ENCRYPTED CCNx

摘要

One embodiment provides a system that facilitates selective encryption of bit groups of a message. During operation, the system determines, by a content requesting device or content producing device, a message that includes a plurality of bit groups, each corresponding to a type, a length, and a set of values, wherein one or more bit groups are marked for encryption, and wherein the message indicates a name that is a hierarchically structured variable-length identifier comprising contiguous name components ordered from a most general level to a most specific level. The system computes a plurality of cipher blocks for the message based on an authenticated encryption protocol. The system encrypts the one or more bit groups marked for encryption based on one or more symmetric keys, wherein the marked bit groups include one or more name components. Subsequently, the system indicates the encrypted bit groups as encrypted.

主权项

1. A computer system for facilitating forwarding of packets, the system comprising:
a processor; and a storage device storing instructions that when executed by the processor cause the processor to perform a method, the method comprising:
determining, by a content requesting device or content producing device, a message that includes a plurality of bit groups, each corresponding to a type, a length, and a set of values, wherein one or more bit groups are marked for encryption, and wherein the message indicates a name that is a hierarchically structured variable-length identifier comprising contiguous name components ordered from a most general level to a most specific level;computing a plurality of cipher blocks for the message based on an authenticated encryption protocol;encrypting the one or more bit groups marked for encryption based on one or more symmetric keys, wherein the marked bit groups include one or more name components; andindicating the encrypted bit groups as encrypted,thereby facilitating selective encryption of bit groups of the message.