| 发明名称 |
LOW-COST AUTHENTICATED SIGNING DELEGATION IN CONTENT CENTRIC NETWORKING |
| 摘要 |
One embodiment provides a system that delegates signature production in a CCN. During operation, a first content producing device monitors content objects created by a second content producing device. A content object can be identified by a name that is a hierarchically structured variable length identifier (HSVLI) which comprises contiguous name components ordered from a most general level to a most specific level. The first device retrieves the content objects and authenticates a message authentication code for each content object based on a key shared by the first and second device. The first device creates a manifest with a name and a content object hash value for each content object, produces a digital signature for the manifest based on a private key of the first device, and includes the digital signature in the manifest, thereby delegating signature production to the first device for content objects created by the second device. |
| 申请公布号 |
US2016182475(A1) |
申请公布日期 |
2016.06.23 |
| 申请号 |
US201414579674 |
申请日期 |
2014.12.22 |
| 申请人 |
Palo Alto Research Center Incorporated |
发明人 |
Uzun Ersin |
| 分类号 |
H04L29/06 |
主分类号 |
H04L29/06 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
1. A computer-implemented method comprising:
monitoring, by a first content producing device, one or more content objects created by a second content producing device, wherein a content object is identified by a name that is a hierarchically structured variable length identifier (HSVLI) which comprises contiguous name components ordered from a most general level to a most specific level; retrieving the one or more content objects; in response to determining that the retrieved content objects indicate a message authentication code, authenticating the message authentication code for the retrieved content objects based on a key shared by the first content producing device and the second content producing device; creating a manifest that indicates a name for the manifest and a content object hash (COH) value for each of the retrieved content objects; producing a digital signature for the manifest based on a private key of the first content producing device; and including the digital signature in the manifest, thereby facilitating delegation of signature production to the first content producing device for content objects created by the second content producing device. |
| 地址 |
Palo Alto CA US |
