Security Analysis and Improvements on Two Homomorphic Authentication Schemes for Network Coding

Cheng, Chunfu; Lee, Jemin; Jiang, Tao; Takagi, Tsuyoshi

doi:10.1109/tifs.2016.2515517

Cited by 46 publications

(27 citation statements)

References 28 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The study to ensure the security of network coding discussed in chapter 2 includes the method of applying cryptographic techniques such as encryption algorithms and digital signatures in [1,4,[8][9][10][11], the method of secure network coding proposed in [7,9,17], and the prevention of attacks by distinguishing the trusted nodes in [13,15]. In the method of applying a cryptographic technique, there is overhead such as key exchange, and if an internal attacker modifies the packet and encrypts it with a correct key, the destination decrypts it and trusts the packet and executes the recovery for network coding.…”

Section: Resultsmentioning

confidence: 99%

“…In addition, Wu et al [10] proposed a method that verifies whether a packet is valid by applying a digital signature algorithm in case a network coding is used in a vehicular area network (VANET) and a vehicle cannot recover a message due to a pollution attack. Cheng et al showed that multi-generation pollution attacks are possible when homogeneous subspace signature schemes are used to cope with pollution attacks in network coding and described an algorithm that solves this problem by improving the key distribution method [11].…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

Attack Detection Using Network Coding in IoT Environment

Yong¹,

Lee

2020

Sensors

View full text Add to dashboard Cite

Network coding is a reasonable way to increase network efficiency in response to an increase of sensed data in the Internet of Things (IoT). In network coding, intermediate nodes combine packets received from neighboring nodes, transform, and transmit encoded packets that can be decoded at the destination. This scheme is based on trust among nodes. If any malicious node joins the network, it can act as an intermediate node that could fabricate encoded packets. It might be more difficult to identify the authenticity of such encoded packets since packets that are received at the destination might not originate from a single source, but be combined with several other packets originating from multiple sources. In this paper, we propose a scheme on how to detect attacked packets among the received packets at a destination and how to recover the original message from the packets including the attacked “look-like-valid” packets. This scheme shows that a destination could recover the valid message with just the received packets including some attacked packets and will result in a quite efficient performance in network coding.

show abstract

Section: Resultsmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

Attack Detection Using Network Coding in IoT Environment

Yong¹,

Lee

2020

Sensors

View full text Add to dashboard Cite

show abstract

“…Nevertheless, this approach still relies on key pre-distribution. In [20] two improved key distribution schemes are proposed and analyzed in terms of computation and communications costs. The authors of [21] address a weakness of verificationbased techniques known as verification attack, whereby a large amount of content to be checked is injected at high rate in a named-data networking scenario.…”

Section: Related Workmentioning

confidence: 99%

“…The model we developed in Sec. V, through (19) and (20), allows us to predict the value of the honest score estimated by each node. As already discussed this amounts at estimating the system-wide parameters s h and s p .…”

Section: Honest Score Model Exploitationmentioning

confidence: 99%

Securing Network Coding Architectures Against Pollution Attacks With Band Codes

Fiandrotti

Gaeta

Grangetto

2019

IEEE Trans.Inform.Forensic Secur.

View full text Add to dashboard Cite

During a pollution attack, malicious nodes purposely transmit bogus data to the honest nodes to cripple the communication. Securing the communication requires identifying and isolating the malicious nodes. However, in Network Coding (NC) architectures, random recombinations at the nodes increase the probability that honest nodes relay polluted packets. So, discriminating between honest and malicious nodes to isolate the latter turns out to be challenging at best. Band Codes (BC) are a family of rateless codes whose coding window size can be adjusted to reduce the probability that honest nodes relay polluted packets. We leverage such property to design a distributed scheme for identifying the malicious nodes in the network. Each node counts the number of times each neighbor has been involved in cases of polluted data reception and exchanges such counts with its neighbor nodes. Then, each node computes for each neighbor a discriminative honest score estimating the probability that the neighbor relays clean packets. We model such probability as a function of the BC coding window size, showing its impact on the accuracy and effectiveness of our distributed blacklisting scheme. We experiment distributing a live video feed in a P2P NC system, verifying the accuracy of our model and showing that our scheme allows to secure the network against pollution attacks recovering near pre-attack video quality.

show abstract

“…Li et al [19] proposed to use a symmetric key based homomorphic MAC algorithms to detect corrupted packets. In [21], the authors analyzed and improved two homomorphic authentication schemes homomorphic subspace signature (HSS) [22] and key predistribution-based tag encoding (KEPTE) [23] for network coding.…”

Section: Related Workmentioning

confidence: 99%

Enjoy the Benefit of Network Coding: Combat Pollution Attacks in 5G Multihop Networks

Ren

et al. 2018

Wireless Communications and Mobile Computing

View full text Add to dashboard Cite

In the upcoming 5G era, many new types of networks will greatly expand the connectivity of the world such as vehicular ad hoc networks (VANETs), Internet of Things (IoT), and device-to-device communications (D2D). Network coding is a promising technology that can significantly improve the throughput and robustness of these emerging 5G multihop networks. However, network coding is generally very fragile to malicious attacks such as message content corruption and node compromise attacks. To take advantage of network coding in performance gain while refraining malicious network attacks is an interesting and challenging research issue. In this paper, we propose a new error-detection and error-correction (EDEC) scheme that can jointly detect and remove the malicious attacks based on the underlying error-control scheme for general multihop networks that can model the 5G multihop networks. The proposed scheme can increase the throughput for network with pollution attacks compared to existing error-detection based schemes. Then we propose a low-density parity check (LDPC) decoding based EDEC (LEDEC) scheme. Our theoretical analysis demonstrates that the LEDEC scheme can further increase the throughput for heavily polluted network environments. We also provide extensive performance evaluation and simulation results to validate the proposed schemes. This research ensures the expected performance gain for the application of network coding in the 5G network under malicious pollution attacks.

show abstract

Security Analysis and Improvements on Two Homomorphic Authentication Schemes for Network Coding

Cited by 46 publications

References 28 publications

Attack Detection Using Network Coding in IoT Environment

Attack Detection Using Network Coding in IoT Environment

Securing Network Coding Architectures Against Pollution Attacks With Band Codes

Enjoy the Benefit of Network Coding: Combat Pollution Attacks in 5G Multihop Networks

Contact Info

Product

Resources

About