Journal on Communications (通信学报)

• Network Security •

Content publish/subscribe system for named data networking based on the Yaksha key-escrow mechanism

郭 显,冯 涛,曹来成,王 晶,鲁 晔   

  1. School of Computer and Communication, Lanzhou University of Technology, Lanzhou 730050, Gansu, China
  • Online: 2015-11-27 Published: 2015-11-27
  • Funding:
    National Natural Science Foundation of China (61461027, 61462060); Science and Technology Program of Gansu Province (145RJZA078, 1308RJZA277); Doctoral Fund of Lanzhou University of Technology

Yaksha scheme based content publish/subscribe system for NDN


Abstract (translated from the Chinese): Named data networking (NDN) allows a content producer's data to be cached anywhere in the network. Because this in-network caching decouples data from its source, host-centric end-to-end authenticated data transmission cannot be used in NDN. Currently proposed NDN content transmission mechanisms depend on a content delivery network (CDN) or require the data source to be always online, but these requirements are unsuitable for mobile ad hoc network environments. To address this problem, a new Yaksha system is first designed on the basis of the ElGamal public-key cryptosystem; then, on top of this new Yaksha system, EY-CPS, a content publish/subscribe system for named data mobile ad hoc networks, is proposed. In EY-CPS, a Yaksha server distributes and manages the encryption/decryption keys for content transmitted over the network, so content consumers can access content cached in the network even when no CDN exists or the data source is offline. In addition, by issuing content publish/subscribe "licenses" only to legitimate users, the system guarantees that only legitimate users publish content to the network or access content cached in it. Finally, the security of EY-CPS is modelled and analysed in the security system logic LS2, and the system is compared with related schemes.

Keywords: named data networking; Yaksha system; ElGamal; mobile ad hoc network

Abstract: NDN (named data networking) allows a content producer's data to be cached anywhere in the network. Because this decouples data from its source, traditional end-to-end authenticated transmission is not available in NDN. Existing content delivery solutions rely on a CDN (content delivery network) or require the data source to be always online; however, these requirements do not fit mobile ad hoc networks (MANET). A new Yaksha system is developed based on ElGamal, and on this new Yaksha scheme a content publish/subscribe system for NDN MANET, called EY-CPS, is proposed. In EY-CPS, the Yaksha server distributes and manages the encryption/decryption keys for content transmitted over the network, so even when there is no CDN or the data source is offline, a content consumer can still access content cached in the network. In addition, only legitimate users can publish and access content, because the Yaksha server issues a "license" only to legitimate users; the license is used to verify a user's identity before content is published to the network or obtained from it. Finally, the security properties of EY-CPS are proved in LS2, and the proposed solution is compared with related solutions.
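The abstract names ElGamal as the public-key primitive under the new Yaksha key-escrow system and puts the Yaksha server in charge of the content encryption/decryption keys, but it does not spell out the construction. The following Python is an added illustration, not the paper's protocol or code: it transplants the classical Yaksha idea onto textbook ElGamal by splitting the private exponent additively between the subscriber and the escrow server, so that a content key wrapped by a publisher and cached anywhere in the network can be unwrapped only with the server's contribution. The toy group (the Mersenne prime 2^127 - 1, generator 3), the additive split, and every function name are assumptions of this example.

```python
import secrets

# Constructed toy group for the illustration: the Mersenne prime 2^127 - 1 with
# generator 3.  Far too small for real deployments; chosen so the arithmetic is
# easy to follow.  Nothing here is the paper's own parameter choice.
P = 2**127 - 1
G = 3
Q = P - 1  # exponents are taken modulo the group order p - 1


def _rand_exponent():
    """Uniform exponent in [1, Q-1]."""
    return secrets.randbelow(Q - 1) + 1


def keygen():
    """Create one ElGamal public key whose private exponent is split
    additively between the subscriber and the escrow (Yaksha) server:
        x = x_user + x_server (mod Q),  h = G^x mod P.
    The additive split is an assumption of this example, used because
    exponentiation turns a sum of exponents into a product of partial results."""
    x_user = _rand_exponent()
    x_server = _rand_exponent()
    h = pow(G, (x_user + x_server) % Q, P)
    return {"pub": h, "x_user": x_user, "x_server": x_server}


def encrypt_content_key(pub, content_key):
    """Publisher side: textbook ElGamal encryption of a symmetric content key.
    The key must be at most 15 bytes so it encodes as an integer below P."""
    m = int.from_bytes(content_key, "big")
    if not 0 < m < P:
        raise ValueError("content key must encode to an integer in (0, P)")
    k = _rand_exponent()
    c1 = pow(G, k, P)              # ephemeral public value g^k
    c2 = (m * pow(pub, k, P)) % P  # key masked with the shared secret h^k
    return c1, c2


def server_partial_decrypt(x_server, c1):
    """Escrow server side: contributes c1^x_server.  The server never sees c2,
    so it learns nothing about the content key; declining to answer is how a
    user without a valid subscription is denied access to cached content."""
    return pow(c1, x_server, P)


def user_finish_decrypt(x_user, c1, c2, partial):
    """Subscriber side: c1^x_user * c1^x_server = c1^x, then strip the mask."""
    s = (pow(c1, x_user, P) * partial) % P
    return (c2 * pow(s, -1, P)) % P


def user_alone(x_user, c1, c2):
    """What the subscriber recovers with only their own share: a random-looking
    element, because c1^x_user is not the full shared secret."""
    return (c2 * pow(pow(c1, x_user, P), -1, P)) % P


def demo_roundtrip(key_len=15):
    """Full exchange on a constructed random content key.  Returns the original
    key as an integer, the escrow-assisted recovery and the share-only attempt."""
    keys = keygen()
    content_key = secrets.token_bytes(key_len)
    c1, c2 = encrypt_content_key(keys["pub"], content_key)
    partial = server_partial_decrypt(keys["x_server"], c1)
    recovered = user_finish_decrypt(keys["x_user"], c1, c2, partial)
    alone = user_alone(keys["x_user"], c1, c2)
    return int.from_bytes(content_key, "big"), recovered, alone


if __name__ == "__main__":
    original, recovered, alone = demo_roundtrip()
    print("escrow-assisted recovery correct:", recovered == original)
    print("share-only recovery correct:     ", alone == original)
```

The design point the sketch makes is the one the abstract relies on: the publisher needs only the public key and can drop the wrapped key into any cache, the server's share is what turns "a copy exists somewhere in the network" into "a legitimate subscriber can read it", and because the server only ever exponentiates c1 it holds no plaintext and can withdraw access by simply not answering.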

Key words: named data networking; Yaksha system; ElGamal; MANET
