Information-Centric Networking (ICN) has emerged as a paradigm to cope with the increasing demand for content delivery on the Internet. In contrast to the Internet Protocol (IP), the underlying architecture of ICN enables users to request contents based on their name rather than their hosting location (IP address). On the one hand, this preserves users’ anonymity since packet routing does not require source and destination addresses of the communication parties. On the other hand, semantically-rich names reveal information about users’ interests, which poses serious threats to their privacy. A curious ICN node can monitor the traffic to profile users’ or censor specific contents for instance. In this paper, we present PrivICN: a system that enhances users privacy in ICN by protecting the confidentiality of content names and content data. PrivICN relies on a proxy encryption scheme and has several features that distinguish it from existing solutions: it preserves full in-network caching benefits, it does not require end-to-end communication between consumers and providers and it provides flexible user management (addition/removal of users). We evaluate PrivICN in a real ICN network (CCNx implementation) showing that it introduces an acceptable overhead and little delay. PrivICN is publicly available as an open-source library.
- Information-centric networking
- Content names
- Proxy encryption