Systems exploiting network coding to increase their throughput suffer greatly from pollution attacks, which consist of injecting malicious packets into the network. Pollution attacks are amplified by the network coding process, resulting in greater damage than under traditional routing. In this paper, we address this issue by designing an unconditionally secure authentication code (that is, one that does not rely on computational assumptions) suitable for multicast network coding, where the keying material is initially computed and distributed by a trusted authority to the destinations and intermediate nodes. The proposed scheme allows not only destinations, but also intermediate nodes, to verify the integrity and origin of the packets received without having to decode, and thus to detect and discard in transit the malicious messages that fail the verification. This way, the pollution is canceled out before reaching the destinations. The proposed scheme is robust against pollution attacks from outsiders, as well as from coalitions of malicious insider nodes, which have the ability to perform the integrity check but instead get corrupted and use their knowledge to attack the network themselves. We analyze the performance of the scheme in terms of both throughput and goodput and show that the price to pay for tolerating inside attackers is a high decrease in throughput (it is inversely proportional to the number of insider attackers that can collude). We finally discuss applications to file distribution.