Reading Sessions
2016.09.06 - Reading session 1: ICN'16
- Participants: Haoyuan Xu, Jiachen Chen, Sugang Li, Wuyang Zhang, Ying Liu, Zhenhua Jia
- Summary: We managed to finish 2 papers in this meeting. We also went through some basic discussions on NDN & congestion control.
Papers
ID | Paper | Presenter | Slides |
---|---|---|---|
1 | Sharing mHealth Data via Named Data Networking | Sugang | |
2 | Network Names in Content-Centric Networking | Wuyang |
Reviews
ID | Jiachen | Haoyuan | Sugang | Zhenhua | Ying |
---|---|---|---|---|---|
1 | Review | ||||
2 | Review |
Discussion Notes
- Named-Data Networking, Content-Centric Networking
- Components in a forwarding engine (FIB, PIT, Content Store)
- Forwarding rule
- Basic knowledge about congestion control
- Why window-based, how does it look like
- Why hop-by-hop fairness does not work (dumbell topology with 2 bottlenecks)
- Controlling window is not equal to controlling rate
- Buffer bloat and active queue management (RED/CoDel)
- Fast recovery and why it is not feasible in NDN
- Network Names in Content-Centric Networking
- This paper is not well written. Problems:
- It did not cover the security issue mentioned in the abstract.
- The evaluation did not compare the proposed solutions with other solutions.
- The packet header is still with variable length in the design.
- However, there are also something interesting in the paper:
- This solution enables hash, at the same time allows for longest prefix matching.
- From the hardware design point of view, it is simpler than trie (tree), and it has comparable lookup efficiency.
- This paper is not well written. Problems:
- Sharing mHealth Data via Named Data Networking
- Problems with the paper:
- ICN is not quite beneficial according to the solution
- The paper assumes DSU and DPU are benign.
- The key exchange model in sec. 2.5 is not clear. Should read the NAC citation [11] in the paper for further information. However, this should not be counted as novelty of the paper.
- Interesting topics in the paper:
- The solution can benefit IP-based solutions -- we can also sign the contents in IP, rather than only securing the channels.
- Key exchange procedure in the paper
- Data generator (Fitbit) generates a data and uses a symmetric key (C-KEY) to encrypt the content.
- Data generator gets a key-encrypt key (KEK) from the data owner (me) and encrypts the C-KEY with KEK.
- Data consumer (DPU/DVU) gets a key-decrypt key (KDK) from the data owner, and get an encrypted C-KEY (by KEK), and an encrypted data (by C-KEY) from the data generator.
- Data consumer gets C-KEY using KDK and gets data using C-KEY.
- Problem: the data owner now reveals both KEK and KDK (a key pair) to the network. How to prevent the leak of KEK/KDK?
- One interesting thing: there should be no pre-known mapping between data generator and consumer. A data generated now might be used by some future DPUs/DVUs.
- Problems with the paper:
- Basic of cryptography
- Assumption:
U_a
has a private keya
,U_b
has private keyb
. - Todo:
U_a
andU_b
should have a symmetric key, butU_a
should not knowb
, nor shouldU_b
knowa
. Evesdropper should know neithera
norb
. - Prerequirement: there are two well-known integers
q
andg
. - Process:
U_a
sendsA = q ^ a % g
toU_b
U_b
sendsB = q ^ b % g
toU_a
U_a
usesB ^ a % g
as the keyU_b
usesA ^ b % g
as the key
- Proof of symmetric:
A ^ b % g
=(q ^ a % g) ^ b % g
Letq ^ a
=n * g + v_a
(v_a
=q ^ a % g
)
We can get:
(q ^ a - n * g) ^ b % g
=(q ^ (ab) + ? * g + ? * g ^ 2 + ... + ? * g ^ b) % g
(q ^ a - n * g) ^ b % g
=(q ^ (ab)) % g
Similarly, we can getB ^ a % g
=(q ^ (ab)) % g
Therefore,B ^ a % g
==A ^ b % g
(symmetric). - With proper
q
value, we cannot getx
fromq ^ x % g
. ThereforeU_a
will not knowb
, nor willU_b
knowa
, or evesdropper knowa
orb
.
- Assumption:
Last modified
8 years ago
Last modified on Sep 13, 2016, 7:19:02 PM
Note:
See TracWiki
for help on using the wiki.