English

On Certificate Management in Named Data Networking

Cryptography and Security 2020-09-22 v1

Abstract

Named Data Networking (NDN) secures network communications by requiring all data packets to be signed when produced. This requirement necessitates efficient and usable mechanisms to handle NDN certificate issuance and revocation, making these supporting mechanisms essential for NDN operations. In this paper, we first investigate and clarify core concepts related to NDN certificates and security design in general, and then present the model of NDN certificate management and its desired properties. We proceed with the design of a specific realization of NDN's certificate management, NDNCERT, evaluate it using a formal security analysis, and discuss the challenges in designing, implementing, and deploying the system, to share our experiences with other NDN security protocol development efforts.

Keywords

Cite

@article{arxiv.2009.09339,
  title  = {On Certificate Management in Named Data Networking},
  author = {Zhiyi Zhang and Su Yong Wong and Junxiao Shi and Davide Pesavento and Alexander Afanasyev and Lixia Zhang},
  journal= {arXiv preprint arXiv:2009.09339},
  year   = {2020}
}
R2 v1 2026-06-23T18:39:58.481Z