IPRES: In-device Proxy Re-Encryption Service for Secure ICN

Motivation

Current access control schemes work at three layers:

1. Network layer: a device is allowed to access the network.
2. Session layer: a device is permitted to establish a secure session.
3. Application layer: an application is permitted to access the content.

How about ICN? Content is named, published in encrypted form and cached in the network, which raises three questions:

- Who has the keys?
- How to revoke a key?
- How to utilize in-network caching?

4. Re-encryption is the fourth element, the one IPRES adds to answer these questions for ICN.

IPRES Architecture

Re-encryption transforms content that is encrypted with the publisher's key into content encrypted with the application's key, without decrypting the encrypted content in between.

Where to place the re-encryption function?

In-network re-encryption (the proxy runs on an intermediate node). Drawbacks:
1) The benefits of in-network caching are not fully gained.
2) It is difficult to revoke keys in the network.

In-device re-encryption (IPRES): the proxy runs on the consumer's device, next to the applications, and holds two tables:

RKT : Re-encryption key table, responsible for keeping track of the re-encryption keys.
NRT : Name replacement table, responsible for keeping track of the requests for re-encryption keys and for re-encrypted content.

[Figure: IPRES architecture. Consumer's device with applications App1, App2 and App3; a Forwarder holding the PIT, CS and FIB; the in-device Proxy with key management, the RKT, the NRT and the re-encryption function; and the network interface. Intermediate nodes sit between the device and the Publisher. Numbered arrows (1) to (8) mark the flow of interest packets and the flow of data packets. A second panel, "In-network? Re-encryption", shows the alternative of placing the re-encryption function at an intermediate node.]

IPRES Messages

Participants: APP1 and APP2 (applications on the consumer's device), the in-device Proxy, a Cache node, and the Publisher.

APP1 (cache miss):
1. APP1 -> Proxy: {Kapp1, cred}, the application's key and credential.
2. Proxy -> Publisher: Create Re-Encryption Key RK_{p->app1}.
3. Publisher -> Proxy: RK_{p->app1}; the Proxy stores the re-encryption key in the RKT.
4. Proxy -> APP1: ACK.
5. APP1 -> Proxy -> Cache node: Request content m.
6. Cache node: cache miss; the request is forwarded to the Publisher.
7. Publisher: encrypts the content with its own key, E_Kp(m) = c1.
8. Cache node: caches c1 and returns it.
9. Proxy: re-encrypts for APP1, RK_{p->app1}(c1) = c2.
10. APP1: decrypts with its own key, D_Kapp1(c2) = m.

APP2 (cache hit):
1. APP2 -> Proxy: {Kapp2, cred}.
2. Proxy -> Publisher: Create Re-Encryption Key RK_{p->app2}; the Proxy stores it.
3. Proxy -> APP2: ACK.
4. APP2 -> Proxy -> Cache node: Request content m.
5. Cache node: cache hit; the cached c1 is returned without contacting the Publisher.
6. Proxy: re-encrypts for APP2, RK_{p->app2}(c1) = c3.
7. APP2: D_Kapp2(c3) = m.

The same cached ciphertext c1 serves every application; only the final re-encryption step is per application and happens on the device.

Pick up!

- In-device proxy service yields higher in-network caching utilization than an in-network proxy service.
- Access control rights can be managed by both the publisher and the device's owner.
- It is easy to revoke the access right from an individual application.
- In-device proxy service can be extended to the access control for named function services in a server.

K. Suksomboon (ka-suksomboon@kddi-research.jp), A. Tagami (tagami@kddi-research.jp), A. Basu (basu@kddi-research.jp), J. Kurihara (kurihara@ieee.org)

26-28 September, 2017
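The following is an added worked example, not the poster's own code or scheme, that runs the re-encryption definition from the IPRES Architecture section and the APP1/APP2 message flow above end to end. It uses the classic bidirectional ElGamal proxy re-encryption (Blaze, Bleumer and Strauss, 1998) over a prime-order subgroup because it needs only the standard library; the 62-bit safe prime, the fixed seeds, the content name and the content key are all constructed for illustration and give no real security. The names Publisher, CacheNode, InDeviceProxy, run_flow and collusion_recovers_publisher_key are assumptions of this example, not identifiers from the poster.

```python
"""Toy proxy re-encryption walk-through of the IPRES message flow.

Constructed example, not the poster's code. Bidirectional ElGamal
re-encryption (Blaze-Bleumer-Strauss style) over a small prime-order
subgroup; parameters are for illustration only.
"""
import random

MR_BASES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)  # deterministic below 2**64


def is_prime(n):
    """Miller-Rabin with fixed bases (deterministic for 64-bit n)."""
    if n < 2:
        return False
    for b in MR_BASES:
        if n % b == 0:
            return n == b
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for b in MR_BASES:
        x = pow(b, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True


def gen_safe_prime(bits, seed):
    """Deterministically find p = 2q + 1 with p and q prime (constructed parameters)."""
    rng = random.Random(seed)
    while True:
        q = rng.getrandbits(bits - 1) | (1 << (bits - 2)) | 1
        p = 2 * q + 1
        if is_prime(q) and is_prime(p):
            return p, q


P, Q = gen_safe_prime(62, seed=2017)
G = 4  # a quadratic residue, hence a generator of the order-Q subgroup of Z_P^*
RNG = random.Random(7)  # fixed seed so the walk-through is reproducible


def keygen():
    sk = RNG.randrange(1, Q)
    return sk, pow(G, sk, P)


def encrypt(pk, m):
    """ElGamal encryption of an integer m in [1, P-1]: (G^r, m * pk^r)."""
    r = RNG.randrange(1, Q)
    return pow(G, r, P), m * pow(pk, r, P) % P


def decrypt(sk, ct):
    c1, c2 = ct
    return c2 * pow(c1, -sk, P) % P


def rekey(sk_from, sk_to):
    """RK_{from->to} = sk_from * sk_to^-1 mod Q. Bidirectional: needs both secrets."""
    return sk_from * pow(sk_to, -1, Q) % Q


def reencrypt(rk, ct):
    """Turn a ciphertext under pk_from into one under pk_to without decrypting:
    only the G^r component is raised to RK; the masked message c2 is untouched."""
    c1, c2 = ct
    return pow(c1, rk, P), c2


def collusion_recovers_publisher_key(rk, app_sk, publisher_sk):
    """Caveat of bidirectional PRE: proxy (rk) plus app (app_sk) learn the publisher's key."""
    return rk * app_sk % Q == publisher_sk


class Publisher:
    def __init__(self, content):
        self.sk, self.pk = keygen()
        self.content = content  # name -> integer payload (e.g. a content key)

    def publish(self, name):
        return encrypt(self.pk, self.content[name])  # E_Kp(m) = c1

    def create_rk(self, app_sk):
        # Bidirectional scheme: the delegatee's secret is needed here. A unidirectional
        # scheme would take only the app's public key Kapp, as in the poster's flow.
        return rekey(self.sk, app_sk)


class CacheNode:
    def __init__(self):
        self.cs, self.hits, self.misses = {}, 0, 0

    def fetch(self, name, publisher):
        if name in self.cs:
            self.hits += 1
        else:
            self.misses += 1
            self.cs[name] = publisher.publish(name)
        return self.cs[name]


class InDeviceProxy:
    """Keeps the re-encryption key table (RKT); never holds a decryption key."""
    def __init__(self):
        self.rkt = {}

    def store_rk(self, app_id, rk):
        self.rkt[app_id] = rk

    def revoke(self, app_id):
        self.rkt.pop(app_id, None)  # revocation is local: nothing in the network changes

    def deliver(self, app_id, ct):
        if app_id not in self.rkt:
            raise PermissionError(f"{app_id}: no re-encryption key")
        return reencrypt(self.rkt[app_id], ct)


def run_flow():
    """APP1 (cache miss) then APP2 (cache hit) fetch the same content; APP2 is then revoked."""
    name, m = "/kddi/demo/video", int.from_bytes(b"keykey1", "big")  # constructed
    publisher, cache, proxy = Publisher({name: m}), CacheNode(), InDeviceProxy()
    apps = {"app1": keygen(), "app2": keygen()}
    for app_id, (sk, _pk) in apps.items():
        proxy.store_rk(app_id, publisher.create_rk(sk))  # Create Re-Encryption Key, ACK
    recovered = {}
    for app_id, (sk, _pk) in apps.items():
        c1 = cache.fetch(name, publisher)        # miss for app1, hit for app2
        c_app = proxy.deliver(app_id, c1)        # RK_{p->app}(c1)
        recovered[app_id] = decrypt(sk, c_app)   # D_Kapp(c_app) = m
    hits, misses = cache.hits, cache.misses
    proxy.revoke("app2")
    try:
        proxy.deliver("app2", cache.cs[name])
        revoked_blocked = False
    except PermissionError:
        revoked_blocked = True
    return {"m": m, "recovered": recovered, "hits": hits,
            "misses": misses, "revoked_blocked": revoked_blocked}


if __name__ == "__main__":
    print(run_flow())
```

Two points the flow makes concrete: the cache stores one ciphertext c1 under the publisher's key and serves it to both applications, and revoking APP2 is a single deletion from the proxy's RKT with no message to the network. The caveat is the scheme choice: in this bidirectional construction the re-encryption key is a ratio of the two secrets, so the publisher must learn the application's secret to create it and a proxy colluding with an application recovers the publisher's key (collusion_recovers_publisher_key). A deployment in which the application hands over only {Kapp, cred}, as in the poster's messages, needs a unidirectional scheme.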