Trust Model » History » Version 6
Suravi Regmi, 11/25/2025 05:29 PM
# Trust Model

## Signing chain

[Figure: signing chain]

---

## Trust Model

[Figure: trust model]

---

### Component identities

**Root / Site CA**

- **Identity:** `/ndn/md2k`
- **Type:** Self-signed root CA
- **Trust Anchor:** `md2k-trust-anchor.ndncert`

All components ultimately chain to this root.
Consumers load the trust anchor file so that they can trust any certificate issued under `/ndn/md2k`.

---

**Identities Signed by the Root CA**

The root `/ndn/md2k` signs:

- `/ndn/md2k/mguard/controller`
- `/ndn/md2k/mguard/aa`
- `/ndn/md2k/mguard/dd40c` (producer)
- All consumer identities (example: `/ndn/md2k/adam`)

---

**Stream Identities Signed by the Producer**

The producer identity `/ndn/md2k/mguard/dd40c` signs all stream identities:

- `/ndn/md2k/mguard/dd40c/phone/accelerometer`
- `/ndn/md2k/mguard/dd40c/phone/gyroscope`
- `/ndn/md2k/mguard/dd40c/phone/gps`
- `/ndn/md2k/mguard/dd40c/phone/battery`
- `/ndn/md2k/mguard/dd40c/data_analysis/gps_episodes_and_semantic_location`

These stream identities are used to sign **manifests**, **encrypted DATA**, and **CK packets**.

The producer must now serve the certificates for these streams (interest filter on each stream's certificate prefix).

---

**Producer Behavior**

Producer validates:
- AA public parameters (`/aa/PUBPARAMS`)

Producer signs:
- Stream manifests (RSA) using stream identity certificates
- CK packets (digest)
- Encrypted data (digest)

Producer serves:
- Producer certificate
- All stream certificates

Producer no longer signs manifests with its own identity; manifests are now signed by stream identities.

---

**Consumer Behavior**

The consumer performs the most validation.

Consumer validates:
- AA parameters (RSA)
- DKEY segments (RSA)
- Controller POLICYDATA (RSA)
- Stream manifests (RSA)
- CK packets (digest)
- Encrypted data segments (digest)

All rules are validated using the consumer's trust schema.

Consumer decrypts:
1. Encrypted application DATA → extract CK name
2. Fetch CK → decrypt with DKEY
3. Decrypt DATA using CK

The consumer uses three rules:

1. **AA public parameters and DKEY validation**
   `/ndn/md2k/mguard/aa/*` signed by AA (RSA), chaining to root.

2. **Controller POLICYDATA replies**
   `/ndn/md2k/mguard/controller/*` signed by controller (RSA), chaining to root.

3. **Stream and producer content**
   `/ndn/md2k/mguard/dd40c/*`
   Allows:
   - `sha256` (digest) for encrypted DATA, CK, metadata
   - `rsa-sha256` for manifests, stream certs

   KeyLocator must be a prefix of the Data name.

All validations ultimately chain back to `/ndn/md2k`.
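
The three consumer rules above, modeled as a small Python check (an added example, not mGuard or ndn-cxx code). The `kind` labels, key ids and packet names are constructed for illustration, and signature verification and certificate chaining to the trust anchor are not modeled.

```python
# Added illustration: simplified model of the consumer's three rules.
# Not mGuard or ndn-cxx code. Signature verification and certificate
# chaining to /ndn/md2k are not modeled; key ids and names are constructed.
AA = "/ndn/md2k/mguard/aa"
CONTROLLER = "/ndn/md2k/mguard/controller"
PRODUCER = "/ndn/md2k/mguard/dd40c"
RSA_KINDS = {"manifest", "cert"}            # rule 3: must be rsa-sha256
DIGEST_KINDS = {"data", "ck", "metadata"}   # rule 3: sha256 digest allowed


def comps(name):
    """Split an NDN name URI into its components."""
    return [c for c in name.split("/") if c]


def is_prefix(prefix, name):
    """Component-wise prefix test; a string startswith() would also
    match sibling names such as /ndn/md2k/mguard/dd40cX."""
    p, n = comps(prefix), comps(name)
    return n[:len(p)] == p


def key_identity(key_locator):
    """Identity of a key name /<identity>/KEY/<key-id>, or None."""
    c = comps(key_locator or "")
    return "/" + "/".join(c[:c.index("KEY")]) if "KEY" in c else None


def check(data_name, kind, sig_type, key_locator=None):
    """Return the label of the rule accepting the packet, else None.
    `kind` is what the consumer expected to fetch (hypothetical labels)."""
    signer = key_identity(key_locator)
    rsa = sig_type == "rsa-sha256" and signer is not None
    if is_prefix(AA, data_name):
        return "aa" if rsa and signer == AA else None
    if is_prefix(CONTROLLER, data_name):
        return "controller" if rsa and signer == CONTROLLER else None
    if is_prefix(PRODUCER, data_name):
        if kind in DIGEST_KINDS and sig_type == "sha256":
            return "producer-digest"
        if kind in RSA_KINDS and rsa and is_prefix(signer, data_name):
            return "producer-rsa"
    return None
```

Tying the accepted signature type to the kind of packet the consumer asked for keeps a digest-only packet, which carries integrity but no signer identity, from being accepted where an RSA-signed manifest or certificate is expected.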