The existing Internet
Core ideas developed in 1960s-1970s
Modeled after telephony:
point-to-point conversation between two entities
IP is ‘conversational’
IP datagrams can only name communication endpoints.
The world has changed
Almost anything is available online.
An ever increasing range of content can be distributed
Anyone can create, discover and consume content.
Exabytes of new content are produced yearly.
Everything is connected to the Internet.
Information Centric Networking
Let the network focus on the content
itself, rather than the location of the
Benefits of ICN
If network understands what it’s carrying,
Adaptive multipath routing
Better handling of mobility, address exhaustion, etc
Secure the content rather than the pipe
Named Data Networking
NDN is one of Information Centric Networking schemes.
CCN (Content Centric Networking) is the project name at
NDN (Named Data Networking) is the project name
sponsored by NSF.
Give each packet a unique name.
Packets are routed and forwarded based on names.
Essentially changing the waist of the hourglass
architecture from address-based IP to content-name
How it works?
Applications name its data.
Consumers send Interest packets, producers respond with
Data packets (ContentObjects).
Interests are routed based on their names.
Routers remember outstanding Interests in Pending
Interest Table (PIT).
Data trace back along PIT entries.
Every data packet carries a signature.
Applications give names to packets.
NDN uses hierarchical names to facilitate aggregation,
Receiver-driven data retrieval
All communication is initiated by consumers, ie start with
an Interest packet.
Routers forward the Interest towards the producer, and
remembers the incoming interface of the Interest.
The producer sends the data back. The data takes the
exact reverse path of the Interest to reach the consumer.
One Interest retrieves one data.
consumer router producer
1. Interest 2. Interest
3. ContentObject4. ContentObject
Routers can now cache the data since they’re named.
Security and Privacy
Secure the content/data, not the pipe or the perimeter.
Each data packet has to carry a signature
because data can come from any router or source.
NDN: hierarchical names defined by applications
Names are usually not hashes.
Other ICN architectures may use hash as data name.
Fast name lookup
NDN router looks up a Name in Forwarding Information Base (FIB)
to decide where to forward it.
Name could have any number of components, and a component
could be arbitrarily long.
Fast name lookup could be achieved in nested hash tables.
A hash is computed over the first component, and the result
is a pointer to the next hash table, which is keyed with the
hash of the second component, and so on.
If a name consists of k components, then in the absence of
collisions, k hash lookups would be required in the worst case
to identify the longest matching prefix.
Every ContentObject must be signed.
Generating signature (RSA) for every individual block is
Merkle hash trees amortize the signing cost over multiple
Sign the root hash (H6) only.
Include Merkle Path with the signature
node index (eg. node 1)
hash of sibling node, hash of parent’s sibling node, and so
on (eg. H0, H5 for node 1)
To verify the signature for block1, one can compute
H1=H(block1), H4=H(H0H1), H6=H(H4H5), and see whether
the signature is valid for H6.
H0 H1 H2 H3
Van Jacobson et al, Networking Named Data
NDN Technical Report NDN-0001, Named Data Networking (NDN) Project
Beichuan Zhang, CSC630 Spring 2012
CCNx technical documentation, CCNx Signature Generation and Verification
A particular slide catching your eye?
Clipping is a handy way to collect important slides you want to go back to later.