Scalable Content-centric Routing for Hybrid ICN

Hybrid Information-Centric Networking (hICN) is an incrementally-deployable information-centric networking architecture that is built on top of IPv6. In hICN, application-level identifiers are directly used to route interest packets (i.e., request for content) to fetch a copy of the desired content/data from any location. However, following the Internet Protocol conventions that require storing pre-computed routing/forwarding state for all prefixes in the routers raises scalability concerns, especially at the inter-domain level. Here we consider instead the other extreme; i.e. on-demand routing computation for content name prefixes when interest packets arrive at the router. Following this approach, we propose a centralized routing service within a domain that keeps a mapping between hICN name prefixes and locators (i.e., routable addresses) to hICN routers. Once a locator is received, an hICN router forwards an interest packet towards the intended destination using segment routing. We evaluated the proposed solution through a real testbed implementation in order to demonstrate that the performance is equivalent to typical hICN forwarding, while offering a scalability solution

Ditto: Towards Decentralised Similarity Search for Web3 Services

The Web has become an integral part of life, and over the past decade, it has become increasingly centralised, leading to a number of challenges such as censorship and control, particularly in search engines. Recently, the paradigm of the decentralised Web (DWeb), or Web3, has emerged, which aims to provide decentralised alternatives to current systems with decentralised control, transparency, and openness. In this paper we introduce Ditto, a decentralised search mechanism for DWeb content, based on similarity search. Ditto uses locality sensitive hashing (LSH) to extract similarity signatures and records from content, which are stored on a decentralised index on top of a distributed hash table (DHT). Ditto uniquely supports numerous underlying content networks and types, and supports various use-cases, including keyword-search. Our evaluation shows that our system is feasible and that our search quality, delay, and overhead are comparable to those currently accepted by users of DWeb and search systems

On the scalability of interdomain path computations

Abstract-Recent research has considered various architectural approaches in which route determination occurs separately from forwarding. Such offers many advantages, but also brings a number of challenges, not least of which is scalability. In this paper we consider the problem of computing domain-level end-toend routes in the Internet. We describe a system architecture and a prototype route computation service that provides performance information along with paths. The results of our experiments, which involve updating billions of routes and serving thousands of requests per second, suggest that the resource requirements for a single-domain end-to-end path service (i.e., a service that provides paths from one access domain to all others) are fairly modest

The Cloud Strikes Back: Investigating the Decentralization of IPFS

Interplanetary Filesystem (IPFS) is one of the largest peer-to-peer filesystems in operation. The network is the default storage layer for Web3 and is being presented as a solution to the centralization of the web. In this paper, we present a large-scale, multi-modal measurement study of the IPFS network. We analyze the topology, the traffic, the content providers and the entry points from the classical Internet. Our measurements show significant centralization in the IPFS network and a high share of nodes hosted in the cloud. We also shed light on the main stakeholders in the ecosystem. We discuss key challenges that might disrupt continuing efforts to decentralize the Web and highlight multiple properties that are creating pressures toward centralization

A Survey on Content Retrieval on the Decentralised Web

The control, governance, and management of the web have become increasingly centralised, resulting in security, privacy, and censorship concerns. Decentralised initiatives have emerged to address these issues, beginning with decentralised file systems. These systems have gained popularity, with major platforms serving millions of content requests daily. Complementing the file systems are decentralised search engines and name registry infrastructures, together forming the basis of a decentralised web . This survey paper analyses research trends and emerging technologies for content retrieval on the decentralised web, encompassing both academic literature and industrial projects. Several challenges hinder the realisation of a fully decentralised web. Achieving comparable performance to centralised systems without compromising decentralisation is a key challenge. Hybrid infrastructures, blending centralised components with verifiability mechanisms, show promise to improve decentralised initiatives. While decentralised file systems have seen more mature deployments, they still face challenges such as usability, performance, privacy, and content moderation. Integrating these systems with decentralised name-registries offers a potential for improved usability with human-readable and persistent names for content. Further research is needed to address security concerns in decentralised name-registries and enhance governance and crypto-economic incentive mechanisms

Content Censorship in the InterPlanetary File System

The InterPlanetary File System (IPFS) is currently the largest decentralized storage solution in operation, with thousands of active participants and millions of daily content transfers. IPFS is used as remote data storage for numerous blockchain-based smart contracts, Non-Fungible Tokens (NFT), and decentralized applications. We present a content censorship attack that can be executed with minimal effort and cost, and that prevents the retrieval of any chosen content in the IPFS network. The attack exploits a conceptual issue in a core component of IPFS, the Kademlia Distributed Hash Table (DHT), which is used to resolve content IDs to peer addresses. We provide efficient detection and mitigation mechanisms for this vulnerability. Our mechanisms achieve a 99.6\% detection rate and mitigate 100\% of the detected attacks with minimal signaling and computational overhead. We followed responsible disclosure procedures, and our countermeasures are scheduled for deployment in the future versions of IPFS.Comment: 15 pages (including references), 15 figures. Accepted to be published at the Network and Distributed System Security (NDSS) Symposium 202

DISC-NG : Robust Service Discovery in the Ethereum Global Network

The Ethereum Global Network (EGN) hosts a complete ecosystem of decentralized services, including blockchains such as Ethereum mainnet but also exchange markets, content delivery networks, and many more. Service discovery is a fundamental mechanism in the EGN, allowing new nodes to look up and connect to other nodes already participating in one of these services. The current service discovery of the EGN, DISCv5, is not scalable and efficient enough to support the current and future needs of the ecosystem. We present DISC-NG, a novel service discovery protocol for the EGN that is scalable, efficient, and secure. DISC-NG leverages the EGN-wide DHT to allow service participation advertisements to meet service discovery requests. DISC- NG compensates the unbalance in service popularity and minimizes the potential for abuse by malicious nodes. We implement DISC-NG in devp2p, the network stack used by the majority of clients connecting to the EGN, as well as in a large-scale simulator. DISC-NG can discover services in the EGN faster than DISCv5 while being more robust to malicious nodes. DISC-NG is now in a staging phase and scheduled for deployment as an improvement to DISCv5

Scalable Content-centric Routing for Hybrid ICN

Hybrid Information-Centric Networking (hICN) is an incrementally-deployable information-centric networking architecture that is built on top of IPv6. In hICN, application-level identifiers are directly used to route interest packets (i.e., request for content) to fetch a copy of the desired content/data from any location. However, following the Internet Protocol conventions that require storing pre-computed routing/forwarding state for all prefixes in the routers raises scalability concerns, especially at the inter-domain level. Here we consider instead the other extreme; i.e. on-demand routing computation for content name prefixes when interest packets arrive at the router. Following this approach, we propose a centralized routing service within a domain that keeps a mapping between hICN name prefixes and locators (i.e., routable addresses) to hICN routers. Once a locator is received, an hICN router forwards an interest packet towards the intended destination using segment routing. We evaluated the proposed solution through a real testbed implementation in order to demonstrate that the performance is equivalent to typical hICN forwarding, while offering a scalability solution

Ditto : Towards Decentralised Similarity Search for Web3 Services

The Web has become an integral part of life, and over the past decade, it has become increasingly centralised, leading to a number of challenges such as censorship and control, particularly in search engines. Recently, the paradigm of the decentralised Web (DWeb), or Web3, has emerged, which aims to provide decentralised alternatives to current systems with decentralised control, transparency, and openness. In this paper we introduce Ditto, a decentralised search mechanism for DWeb content, based on similarity search. Ditto uses locality sensitive hashing (LSH) to extract similarity signatures and records from content, which are stored on a decentralised index on top of a distributed hash table (DHT). Ditto uniquely supports numerous underlying content networks and types, and supports various use-cases, including keyword-search. Our evaluation shows that our system is feasible and that our search quality, delay, and overhead are comparable to those currently accepted by users of DWeb and search systems