Field
This disclosure is generally related to the secure and efficient distribution of digital content. More specifically, this disclosure is related to a system for publishing a key catalog that enumerates key information for content offered by a producer to consumers.
Related Art
The proliferation of the Internet and e-commerce continues to create a vast amount of digital content. Content-centric network (CCN) architectures have been designed to facilitate accessing and processing such digital content. A CCN includes entities, or nodes, such as network clients and consumers, forwarders (e.g., routers), and content producers, which communicate with each other by sending interest packets for various content items and receiving content object packets in return. CCN interests and content objects are identified by their unique names, which are typically hierarchically structured variable-length identifiers (HSVLIs). An HSVLI can include contiguous name components ordered from a most general level to a most specific level.
A CCN content object can be signed by a producer. The content object can contain information necessary to request, locate, or identify the cryptographic keys needed to verify the signature of the producer of the content object. In order to verify the signature of a received content object, a consumer must either possess prior knowledge of the keys, or retrieve the keys based on the information included in the content object. The first approach (prior key knowledge) may be infeasible, as it is unlikely that a consumer will have knowledge of all possible producers and their signing certificates or keys prior to issuing an interest. The second approach (individual key retrieval) may introduce significant overhead: for example, verifying a public key may require traversing a certificate chain, where each node in the chain requires another interest-content exchange. Neither approach provides an efficient system for obtaining the relevant keys for content published by a producer.