On Wiretap Networks II



Similar documents
Modified Line Search Method for Global Optimization

Department of Computer Science, University of Otago

Soving Recurrence Relations

Vladimir N. Burkov, Dmitri A. Novikov MODELS AND METHODS OF MULTIPROJECTS MANAGEMENT

Your organization has a Class B IP address of Before you implement subnetting, the Network ID and Host ID are divided as follows:

Secure Network Coding for Wiretap Networks of Type II

1 Computing the Standard Deviation of Sample Means

Lecture 2: Karger s Min Cut Algorithm

5 Boolean Decision Trees (February 11)

A probabilistic proof of a binomial identity

Chapter 6: Variance, the law of large numbers and the Monte-Carlo method

Taking DCOP to the Real World: Efficient Complete Solutions for Distributed Multi-Event Scheduling

where: T = number of years of cash flow in investment's life n = the year in which the cash flow X n i = IRR = the internal rate of return

Discrete Mathematics and Probability Theory Spring 2014 Anant Sahai Note 13

Capacity of Wireless Networks with Heterogeneous Traffic

I. Chi-squared Distributions

MARTINGALES AND A BASIC APPLICATION

Hypergeometric Distributions

Here are a couple of warnings to my students who may be here to get a copy of what happened on a day that you missed.

In nite Sequences. Dr. Philippe B. Laval Kennesaw State University. October 9, 2008

Project Deliverables. CS 361, Lecture 28. Outline. Project Deliverables. Administrative. Project Comments

Chapter 7 Methods of Finding Estimators

On the Capacity of Hybrid Wireless Networks

Recovery time guaranteed heuristic routing for improving computation complexity in survivable WDM networks

CS103X: Discrete Structures Homework 4 Solutions


Overview on S-Box Design Principles

PROCEEDINGS OF THE YEREVAN STATE UNIVERSITY AN ALTERNATIVE MODEL FOR BONUS-MALUS SYSTEM

Domain 1: Designing a SQL Server Instance and a Database Solution

CHAPTER 3 DIGITAL CODING OF SIGNALS

Floating Codes for Joint Information Storage in Write Asymmetric Memories

SECTION 1.5 : SUMMATION NOTATION + WORK WITH SEQUENCES

Hypothesis testing. Null and alternative hypotheses

Systems Design Project: Indoor Location of Wireless Devices

THE ABRACADABRA PROBLEM

Convexity, Inequalities, and Norms

CME 302: NUMERICAL LINEAR ALGEBRA FALL 2005/06 LECTURE 8

Lecture 4: Cauchy sequences, Bolzano-Weierstrass, and the Squeeze theorem

Asymptotic Growth of Functions

CS103A Handout 23 Winter 2002 February 22, 2002 Solving Recurrence Relations

A Combined Continuous/Binary Genetic Algorithm for Microstrip Antenna Design

Notes on exponential generating functions and structures.

Properties of MLE: consistency, asymptotic normality. Fisher information.

The analysis of the Cournot oligopoly model considering the subjective motive in the strategy selection


Chair for Network Architectures and Services Institute of Informatics TU München Prof. Carle. Network Security. Chapter 2 Basics

CHAPTER 3 THE TIME VALUE OF MONEY

Example 2 Find the square root of 0. The only square root of 0 is 0 (since 0 is not positive or negative, so those choices don t exist here).

Week 3 Conditional probabilities, Bayes formula, WEEK 3 page 1 Expected value of a random variable

The Power of Free Branching in a General Model of Backtracking and Dynamic Programming Algorithms

Chatpun Khamyat Department of Industrial Engineering, Kasetsart University, Bangkok, Thailand

Firewall Modules and Modular Firewalls

THE REGRESSION MODEL IN MATRIX FORM. For simple linear regression, meaning one predictor, the model is. for i = 1, 2, 3,, n

1 Correlation and Regression Analysis

Domain 1 - Describe Cisco VoIP Implementations

A Faster Clause-Shortening Algorithm for SAT with No Restriction on Clause Length

Designing Incentives for Online Question and Answer Forums

*The most important feature of MRP as compared with ordinary inventory control analysis is its time phasing feature.

Optimize your Network. In the Courier, Express and Parcel market ADDING CREDIBILITY

Annuities Under Random Rates of Interest II By Abraham Zaks. Technion I.I.T. Haifa ISRAEL and Haifa University Haifa ISRAEL.

Lecture 3. denote the orthogonal complement of S k. Then. 1 x S k. n. 2 x T Ax = ( ) λ x. with x = 1, we have. i = λ k x 2 = λ k.

Major Coefficients Recovery: a Compressed Data Gathering Scheme for Wireless Sensor Network

7.1 Finding Rational Solutions of Polynomial Equations

Sequences and Series

Class Meeting # 16: The Fourier Transform on R n

Universal coding for classes of sources

Chapter 5: Inner Product Spaces

Center, Spread, and Shape in Inference: Claims, Caveats, and Insights

Maximum Likelihood Estimators.

The Stable Marriage Problem

THE ARITHMETIC OF INTEGERS. - multiplication, exponentiation, division, addition, and subtraction

Output Analysis (2, Chapters 10 &11 Law)

(VCP-310)

NEW HIGH PERFORMANCE COMPUTATIONAL METHODS FOR MORTGAGES AND ANNUITIES. Yuri Shestopaloff,

3. Greatest Common Divisor - Least Common Multiple

Lecture 4: Cheeger s Inequality

Building Blocks Problem Related to Harmonic Series

Professional Networking

Estimating Probability Distributions by Observing Betting Practices

Permutations, the Parity Theorem, and Determinants

Research Article Sign Data Derivative Recovery

1. MATHEMATICAL INDUCTION

LECTURE 13: Cross-validation

ODBC. Getting Started With Sage Timberline Office ODBC

Multiplexers and Demultiplexers

5 Interconnection Networks

Amendments to employer debt Regulations

Determining the sample size

How To Solve The Homewor Problem Beautifully

Engineering Data Management

MTO-MTS Production Systems in Supply Chains

Running Time ( 3.1) Analysis of Algorithms. Experimental Studies ( 3.1.1) Limitations of Experiments. Pseudocode ( 3.1.2) Theoretical Analysis

Transcription:

O Wiretap Networks II alim Y. El Rouayheb ECE Departmet Texas A&M Uiversity College tatio, TX 77843 salim@ece.tamu.edu Emia oljai Math. cieces Ceter Bell Labs, Alcatel-Lucet Murray ill, NJ 07974 emia@alcatel-lucet.com arxiv:0807.0821v1 cs.it] 4 Jul 2008 Abstract We cosider the problem of securig a multicast etwork agaist a wiretapper that ca itercept the packets o a limited umber of arbitrary etwork liks of his choice. We assume that the etwork implemets etwork codig techiques to simultaeously deliver all the packets available at the source to all the destiatios. We show how this problem ca be looked at as a etwork geeralizatio of the Ozarow-Wyer Wiretap Chael of type II. I particular, we show that etwork security ca be achieved by usig the Ozarow-Wyer approach of coset codig at the source o top of the implemeted etwork code. This way, we quickly ad trasparetly recover some of the results available i the literature o secure etwork codig for wiretapped etworks. We also derive ew bouds o the required secure code alphabet size ad a algorithm for code costructio. I. INTRODUCTION Cosider a commuicatio etwork represeted as a directed graph G = (V, E) with uit capacity edges, a iformatio source that multicasts iformatio to t receivers R 1,..., R t located at distict odes. Assume that the mi-cut value betwee the source ad each receiver ode is. We kow that a multicast rate of is possible with liear etwork codig 1], 2]. We are here cocered with multicast etworks i which there is a adversary that ca access data o a certai umber of liks of his choice, ad the goal is to maximize the multicast rate with the costrait of revealig o iformatio about the multicast data to the adversary. The problem of makig a liear etwork code iformatio theoretically secure i the presece of a wiretap adversary that ca look at a bouded umber, say µ, of etwork edges was first studied by Cai ad Yeug i 3]. They cosidered directed graphs ad demostrated the existece of a code over a alphabet with at least ( ) µ elemets which ca support a secure multicast rate of up to µ. They also showed that such codes ca be desiged i O( ( ) µ ) steps. The required edge badwidth ad the secure code desig complexity are mai drawbacks of this pioeerig work. Feldma et al. derived trade-offs betwee security, code alphabet size, ad multicaat rate of secure liear etwork codig schemes i 4], by usig ideas from secret sharig ad abstractig etwork topology. Aother approach was take by Jai i 5] who obtaied security by merely exploitig the topology of the etwork i questio. Weakly secure etwork codig (which isures that oly useless iformatio rather tha oe is revealed to the adversary) was studied by Bhattad ad Narayaa i 6], ad practical schemes are missig i this case as well. A related lie of work cosiders a more powerful adversary, oe that ca also modify the packets he observes. Modifyig a certai umber of packets i etworks which oly route iformatio simply results i their icorrect receptio, whereas modifyig the same umber of packets carryig liear combiatios of source packets ca have a more harmful effect sice it ca result i icorrect decodig of all source packets. uch attacks are i etwork codig literature kow as Byzatie modificatios, ad the Byzatie modificatio detectio i etworks implemetig radom etwork codig was studied by o et al. i 7] ad Jaggi et al. i 8]. The approach they take is to itroduce error correctio codig at the source so that the packets carry ot oly data but also some redudat iformatio derived from data which will help reduce the probability of icorrect decodig. We also fid codig at the source a atural approach to address the iformatio theoretic security of wiretap etworks. I a etwork where the mi-cut value betwee the source ad each receiver ode is ad a adversary ca access up to µ edges of his choice, we itroduce at the source a codig scheme which esures iformatio theoretic security o the Ozarow-Wyer wiretap chael type II, itroduced i 9] ad 10], where the source trasmits symbols to the receiver ad a adversary ca access ay µ of those symbols. Ozarow ad Wyer showed that the maximum umber of symbols (say k) that the source ca commuicate to the receiver securely i the iformatio theoretic sese is equal to µ. They also showed how to ecode the k source symbols ito the chael symbols for secure trasmissio. Clearly, if the chael symbols are multicast over a etwork ot performig codig (liear combiig of the symbols), the k source symbols remai secure i the presece of a adversary with access to ay µ edges. We will illustrate later that this is is ot ecessarily the case whe etwork codig is performed. owever, we will show that a etwork code that preserves security of the k source symbols (coded ito the multicast symbols i the Ozarow-Wyer maer) ca be desiged over a sufficietly large field. With the observatios made by Feldma et al. i 4], it is easy to show that our scheme is actually equivalet to the oe proposed i the pioeerig work of Cai ad Yeug i 3]. owever, with our approach, we ca quickly ad trasparetly recover some of the results available i the literature o secure etwork codig for wiretapped etworks. ice the publicatio of 3] i which the etwork code costructio is based o the work of Li et al. i 2], a umber of simpler etwork code costructio algorithms have bee proposed (see for example 11]), 12]. Computatioal complexity of etwork codig i terms of the umber of codig odes ad ways to miimize

it have also bee studied sice the 12], 13], 14]. We will use these results to derive ew bouds o the required secure code alphabet size ad a algorithm for code costructio. This paper is orgaized as follows: I ec. II, we briefly review the Ozarow-Wyer wiretap chael type II problem. I ec. III, we itroduce the etwork geeralizatio of this problem. I ec. IV, we preset a algorithm for secure etwork code desig ad discuss the required code alphabet size. I ec. V, we highlight some coectios of this work with the previous work o secure etwork codig ad more recet work o etwork error correctio. II. WIRETAP CANNEL II We first cosider a poit-to-poit sceario i which the source ca trasmit symbols to the receiver ad a adversary ca access ay µ of those symbols 9], 10]. For this case, we kow that the maximum umber of symbols that the source ca commuicate to the receiver securely i the iformatio theoretic sese is equal to µ. The problem is mathematically formulated as follows. Let = (s 1, s 2,..., s k ) be the radom variable associated with the k iformatio symbols that the source wishes to sed securely, Y = (y 1, y 2,..., y ) the radom variable associated with the symbols that are trasmitted through the oiseless chael betwee the source ad the receiver, ad Z = (z 1, z 2,...,z µ ) the radom variable associated with the wiretapped bits of Y. Whe k µ, there exists a ecodig scheme that maps ito Y so that the ucertaity about is ot reduced by the kowledge of Z ad is completely determied (decodable) by the complete kowledge of Y, that is, ( Z) = () ad ( Y ) = 0. (1) For = 2, k = 1, µ = 1, such a codig scheme ca be orgaized as follows. If the source bit equals 0, the either 00 or 11 is trasmitted through the chael with equal probability. imilarly, if the source bit equals 1, the either 01 or 10 is trasmitted through the chael with equal probability. source bit s 1 : 0 1 codeword y 1 y 2 chose at radom from: {00, 11} {01, 10} It is easy to see that kowledge of either y 1 or y 2 does ot reduce the ucertaity about s 1, whereas the kowledge of both y 1 ad y 2 is sufficiet to completely determie s 1, amely, s 1 = y 1 + y 2. I geeral, k = µ symbols ca be trasmitted securely by a codig scheme based o a, k] liear MD code C F q. I this scheme, the ecoder is a probabilistic device which operates o the space F q, where q is a large eough prime power, partitioed ito q k cosets of C. The k iformatio symbols are take as the sydrome which specifies a coset, ad the trasmitted word is chose uiformly at radom from the specified coset. The decoder recovers the iformatio symbols by simply computig the sydrome of the received word. Because of the properties of MD codes, kowledge ay µ = k or fewer symbols will leave ucertaity of the k iformatio symbols uchaged. The code used i the above example is the 2, 1] repetitio with the parity check matrix = 1 1 ]. (2) III. WIRETAP NETWORK II We ow cosider agai a acyclic multicast etwork G = (V, E) with uit capacity edges, a iformatio source, t receivers, ad the value of the micut to each receiver equal to. The goal is to maximize the multicast rate with the costrait of revealig o iformatio about the multicast data to the adversary that ca access data o ay µ liks. We assume that the adversary kows the implemeted etwork code, i.e. all the coefficiets of the liear combiatios that determie the packets o each edge. Moreover, the adversary is aware of ay shared radomess betwee the source ad the destiatios. The last assumptio rules out the use of traditioal key cryptography to achieve security. We kow that a multicast rate of is possible with liear etwork codig 1], 2]. It is iterestig to ask whether, usig the same etwork code, the source ca multicast k µ symbols securely if it first applies a secure wiretap chael code (as described above) mappig k ito symbols. Naturally, this would be a solutio if a multicast rate of ca be achieved just by routig. Cosider this approach for the butterfly etwork show i Fig. 1 where we have = 2, k = 1, µ = 1. If the source applies the codig scheme described i the previous sectio ad the usual etwork code as i Fig. 1-a, the adversary will be able to immediately lear the source bit if he taps ito ay of the edges BE, EF, ED. Therefore, a etwork code ca brake dow a secure wiretap chael code. owever, if the etwork code is chaged so that ode B combies its iputs over e.g., F 3 ad the BE codig vector is 1 α ] where α is a primitive elemet of F 3 (as i Fig. 1-b), the wiretap chael code remais secure, that is, the adversary caot gai ay iformatio by accessig ay sigle lik i the etwork. Note that the wiretap chael code based o the MD code with = 1 1 ] remais secure with ay etwork code whose BE codig vector is liearly idepedet of 1 1 ]. We will ext show that the source ca multicast k µ symbols securely if it first applies a secure wiretap chael code based o a MD code with a k parity check matrix if the etwork code is such that o liear combiatio of µ = k or fewer codig vectors belogs to the space spaed by the rows of. Let W E deote the set of W = µ edges the wiretapper chooses to observe, ad Z W = (z 1, z 2,..., z µ ) the radom variable associated with the packets carried by the edges i W. Let C W deote the matrix whose rows are the codig vectors associated with the observed edges i W. As i the case of wiretap chael, = (s 1, s 2,...,s k ) deotes the radom variable associated with the k iformatio symbols that the source wishes to sed securely, ad Y = (y 1, y 2,...,y ) the radom variable associated the wiretap chael code symbols. The symbols of Y will be multicast through the etwork by usig liear etwork codig. Cosider (, Y, Z W ) with the security requiremet ( Z W ) = () for all W E: ( Z W ) +(Y Z W ) = (Y Z W ) + ( Y Z W ) } {{ } } {{ } =() =0 (Y Z W ) = (Y Z W ) () 0 rak(c W ) k

µ. That is, a b A A WTC II ecoder B s 1 WTC II ecoder B x 1 x 1 + x 2 x 2 D E x 1 + x 2 x 1 + x 2 s 1 x 1 x 1 + αx 2 x 2 E x 1 + αx 2 x 1 + αx 2 R 1 D F R 2 Fig. 1. igle-edge wiretap butterfly etwork with a) isecure etwork code ad b) secure etwork code. ice there is a choice of edges such that rak(c W ) = µ, the maximum rate for secure trasmissio is bouded as k µ. If the boud is achieved with equality, we have (Y Z W ) = 0 ad cosequetly, the system of equatios = Zw] Y CW] has to have uique solutio for all W for which rak(c W ) = C F C rak = for all C CW] W s.t. rak(c W ) = µ. (3) This aalysis essetially proves the followig result: Theorem 1: Let G = (V, E) be a acyclic multicast etwork with uit capacity edges, a iformatio source ad the micut value to each receiver equal to. A wiretap code at the source based o a MD code with a k parity check matrix ad a etwork code such that o liear combiatio of µ = k or fewer codig vectors belogs to the space spaed by the rows of make the etwork iformatio theoretically secure agaist a wiretap adversary who ca observe at most µ k edges. Ay adversary able to observe more tha k edges will have ucertaity about the source smaller tha k. The above aalysis shows that the maximum throughput ca be achieved by applyig a wiretap chael code at the source ad the desigig the etwork code while respectig certai costraits. The decodig of secure source symbols is the merely matrix multiplicatio of the decoded multicast symbols Y. The method gives us a better isight of how much iformatio the adversary gets if he ca access more edges tha the code is desiged for. It also gives us a isight o how to simply desig secure etwork codes i some cases over much smaller alphabets the curretly deemed ecessary. Both claims are illustrated i the example below. IV. NETWORK CODE DEIGN ALPABET IZE The approach described previously i the literature for fidig a secure multicast etwork code cosisted of decouplig the problem of desigig a multicast etwork code ad makig it secure by usig some code o top of it. Feldma et al. showed i 4] that there exist etworks where the above costructio might require a quite large field size. We ivestigate here a differet costructio that, as was hited i the coclusio of 4], exploits the topology of the etwork. This is accomplished by icorporatig the security costraits i the Liear Iformatio Flow (LIF) algorithm of 11] that costructs liear multicast etwork codes i polyomial time i the umber of edges i the graph. The result is a better lower boud o the sufficiet field size. owever, the modified LIF algorithm does ot have polyomial time complexity. We start by givig a brief high level overview of the LIF algorithm of 11]. The iputs of the algorithm are the etwork, the source ode, the t destiatio odes ad the umber of packets that eed to be multicast to all the destiatios. Assumig the mi-cut betwee the source ad ay destiatio is at least, the algorithm outputs a liear etwork code that guaraties the delivery of the packets to all the destiatios. The algorithm starts by 1) fidig t flows F 1, F 2,...,F t of value each, from the source to to each destiatio ad 2) settig t matrices B Fj (oe for each receiver) equal to I The, it goes over the etwork edges, visitig each oe i topological order. I each iteratio, the algorithm fids a suitable local ecodig vector for the visited edge, ad updates the t matrices B Fj, each formed by the global ecodig vectors of the last visited edges i the flow F j. The algorithm maitais the ivariat that the matrices B Fj remai ivertible

after each iteratio. Thus, whe it termiates, each destiatio will get liear combiatio of the origial packets that form a full rak system. Thus each destiatio ca solve for these packets by ivertig the correspodig system. A importat result of the previous algorithm, is that a field of size at least t (the umber of destiatios) is always sufficiet for fidig the desired etwork code. As show i 11, Lemma 8], this follows from the fact that a field of size larger or equal to t is actually sufficiet for satisfyig the coditio that the t matrices B Fj are always ivertible. We modify the LIF algorithm so it outputs a secure etwork code i the followig way. We fix the k parity check matrix. WLOG, we assume that the µ packets observed by the wiretapper are liearly idepedet, i.e. rak C W = µ. We deote by e i the edge visited at the i-th iteratio of the LIF algorithm, ad by P i the set of the edges that have bee processed by the ed of it. The, we exted the set of ivariats to make sure that the ] ecodig vectors are chose so the matrices M W = are also ivertible; which by C w Theorem 1 achieves the security coditio. More precisely, usig the same techiques as the origial LIF algorithm, we make sure that by the ed of the ith iteratio, the matrices B Fj ad the matrices M Wi are ivertible; where W i = {e i } W ad W is a subset of P i of order µ 1 = k 1. The total umber of the matrices that eed to be kept ivertible i this modified versio of the LIF algorithm is at most ( ) 1 µ 1 + t (which correspods to the last iteratio). Thus, similarly as i 11, Lemma 8], we obtai the followig improved boud o the alphabet size for secure multicast: Theorem 2: Let G = (V, E) be a acyclic etwork with uit capacity edges, a iformatio source, ad the micut value to each of the t receivers equal to. A secure mulitcast at rate k i the presece of a wiretapper who ca observe at most µ k edges is always possible over the alphabet F q of size ( ) 1 q > + t. (4) µ 1 Boud (4) ca be further improved by realizig as was first doe i 12] that ot all edges i the etwork carry differet liear combiatio of source symbols. Lagberg et al. showed i 13, Thm. 5] that the problem of fidig multicast etwork codes for a etwork G ca be reduced to solvig the same problem for a special equivalet etwork Ĝ with same parameters ad t, which has the properties that all odes except the source ad the destiatios have total degree 3 ad at most 3 t 2 of its odes have i-degree 2. These odes are called ecodig odes, whereas the other oes are called forwardig odes sice the packets carried by their outgoig edges are just copies of the oes available at their sigle icomig edge. Give a etwork code for Ĝ, a oe for G ca be foud efficietly over the same field. Ad, the set of global ecodig vectors of the edges of G would be a subset of the oe of Ĝ. Goig back the security problem over a etwork G, oe ca try to fid a secure etwork code for the equivalet etwork Ĝ, ad the use the procedure described i 13] ad 14] to costruct a etwork code for G which will also be secure. Now cosider the problem of fidig secure etwork codes for Ĝ. This problem will ot chage if the wiretapper is ot allowed to wiretap the forwardig edges. Therefore, the set of edges that the wiretapper might have access to cosists of the ecodig edges ad the edges outgoig from the source, ad is of order 3 t 2 +δ, where δ is the out-degree of the source. Now, applyig Theorem 2 o Ĝ ad takig ito cosideratio the restrictio o the edges that ca be potetially wiretapped, we obtai the followig boud o the sufficiet field size which is idepedet of the size of the etwork. Corollary 1: For the trasmissio sceario of Thm. 2, a secure mulitcast etwork code always exists over the alphabet F q of size ( k 3 t 2 ) + δ q > + t. (5) µ 1 For etworks with two sources, we ca completely settle the questio o the required alphabet size for a secure etwork code. Note that the adversary has to be limited to observig at most oe edge of his choice. Based o the work of Fragouli ad oljai i 12], the codig problem for these etworks is equivalet to a vertex colorig problem of some specially desiged graphs, where the colors are actually the poits o the projective lie PG(1, q): 0 1], 1 0], ad 1 α i ] for 0 i q 2, (6) where α is a primitive elemet of F q. Clearly, ay etwork with two sources ad arbitrary umber of receives ca be securely coded by reducig the set of available colors i (6) by removig poit (color) 1 1] ad applyig a wiretap code based o the matrix = 1 1] as i the example above. Alphabet size sufficiet to securely code all etwork with two sources also follows from 12]: Theorem 3: For ay cofiguratio with two sources t receivers, the code alphabet F q of size 2t 7/4 + 1/2 + 1 is sufficiet for a secure etwork code. There exist cofiguratios for which it is ecessary. The wiretap approach to etwork security also provides the exact alphabet size ad secure code for a class of etworks kow as combiatio etworks ad are illustrated i Fig. 2. There are ( M ) receiver odes. Note that each odes of the R 1 Fig. 2. M Combiatio B(, M) etwork. R ( M h) secod layer are observed by a receiver. It is easy to see that a M + k, ] Reed olomo code ca be used, amely, the

first k rows its parity check matrix ca be used for the cosset code ad the rest as the codig vectors of the M edges goig out of the source. V. CONNECTION WIT OTER CEME A umber of coectios betwee secure etwork codig with the cocurret work o etwork error correctio ca be observed 15], 16], 17]. We here describe the relatioship betwee the proposed scheme ad previously kow costructios. Cai ad Yeug were first to study the desig of secure etwork codes for multicast demads 3]. They showed that, i the settig described above, a secure etwork code ca be foud for ay k µ. Their costructio is equivalet to the followig scheme: 1) Geerate a vector R = (r 1, r 2,..., r µ ) T choosig its compoets uiformly at radom over F q, 2) Form vector X by cocateatig the µ radom symbols R to the k source symbols : X = = (s 1,...,s k, r 1,...,r µ ) T R 3) Chose a ivertible matrix over F q ad a liear code multicast (LCM) 2] to esure the security coditio (1). (It is show i 3, Thm. 1] that such LCM ad T ca be foud provided that q > ( ) µ.) 4) Compute Y = TX ad multicast Y to all the destiatios by usig the costructed code. Feldma et al. cosidered also the same problem i 4]. Adoptig the same approach of 3], they showed that i order for the code to be secure, the matrix T should satisfy certai coditios (4, Thm. 6]), that we restate here for coveiece: I the above trasmissio scheme, the security coditio (1) holds if ad oly if ay set of vectors cosistig of 1) at most µ liearly idepedet global edge codig vectors ad/or 2) ay umber of vectors from the first k rows of T 1 is liearly idepedet. They also showed that if oe sacrifices i the umber of iformatio packets, that is, take k < µ, the oe ca fid secure etwork codes over fields of size much smaller tha the very large boud q > ( ) µ. We will ow show that our approach based o codig for the wiretap chael at the source is equivalet to the above stated scheme 3] with the coditios of 4]. Claim 1: Let T ad C be a matrix ad a correspodig secure etwork code satisfyig the above coditios. et = T where T is the k matrix formed by takig the first k rows of T 1. The ad C satisfy the coditio of Thm. 1. Proof: Cosider the secure multicast scheme of 3] as preseted above. For a give iformatio vector F k q, let B() be the set of all possible vectors Y F q that could be multicast through the etwork uder this scheme. More precisely, B() = { Y F q Y = TX, X = R, R F k q The, for all Y B(), we have T Y = T T =. T Therefore, ay Y B() also belogs to the coset of the }. space spaed by the rows of T whose sydrome is equal to. Moreover, sice T is ivertible, B() = 2 k implyig that set B() is exactly that coset. The coditios of 4] as stated above directly traslate ito (3), the remaiig coditio of Thm. 1. VI. CONCLUION We cosidered the problem of securig a multicast etwork implemetig etwork codig agaist a wiretapper capable of observig a limited umber of liks of his choice, as defied iitially by Cai ad Yeug. We showed that the problem ca be formulated as a geeralizatio of the wiretap chael of type II (which was itroduced ad studied by Ozarow ad Wyer), ad decomposed ito two sub-problems: the first oe of desigig a secure wiretap chael code ad the secod of desigig a etwork code satisfyig some additioal costraits. We proved there is o pealty to pay by adoptig this separatio, which we fid i may ways illumiative. ACKNOWLEDGMENT The authors would like to thak A. pritso for useful discussios about this work ad C. N. Georghiades for his cotiued support. REFERENCE 1] R. Ahlswede, N. Cai, -Y. R. Li, ad R. W. Yeug, Network iformatio flow, IEEE Tras. Iform. Theory, pp. 1204 1216, Jul. 2000. 2] -Y. R. Li, R. W. Yeug, ad N. Cai, Liear etwork codig, IEEE Tras. Iform. Theory, vol. 49, pp. 371 381, Feb. 2003. 3] N. Cai ad R. W. Yeug, ecure etwork codig, i Proc. 2002 IEEE Iterat. ymp. Iform. Th. (IIT 02), Ju. 2002. 4] J. Feldma, T. Malki, C. tei, ad R. A. ervedio, O the capacity of secure etwork codig, i Proc. 42d Aual Allerto Coferece o Commu., Cotrol, ad Comput., 2004. 5] K. Jai, ecurity based o etwork topology agaist the wiretappig attack, IEEE Wireless Commuicatios, pp. 68 71, Feb. 2004. 6] K. Bhattad ad K. R. Narayaa, Weakly secure etwork codig, i Proc. First Workshop o Network Codig, Theory, ad Applicatios (NetCod 05), Apr. 2005. 7] T. o, B. Leog, R. Koetter, M. Medard, M. Effros, ad D. Karger, Byzatie modificatio detectio i multicast etworks usig radomized etwork codig, i Proc. 2004 IEEE Iterat. ymp. Iform. Th. (IIT 04), Ju. 2004. 8]. Jaggi, M. Lagberg,. Katti, T. o, D. Katabi, ad M. Medard, Resiliet etwork codig i the presece of byzatie adversaries, 2007. 9] L.. Ozarow ad A. D. Wyer, The wire-tap chael II, Bell yst. Tech. Jour., vol. 63, pp. 2135 2157, 1984. 10], Wire-tap chael II, i Proc. of the EUROCRYPT 84 workshop o Advaces i cryptology: theory ad applicatio of cryptographic techiques. New York, NY, UA: priger-verlag New York, Ic., 1985, pp. 33 51. 11]. Jaggi, P. aders, P. Chou, M. Effros,. Eger, K. Jai, ad L. Tolhuize, Polyomial time algorithms for multicast etwork code costructio, IEEE Tras. Iform. Theory, pp. 1973 1982, Ju. 2005. 12] C. Fragouli ad E. oljai, Iformatio flow decompositio for etwork codig, IEEE Tras. Iform. Theory, pp. 829 848, Mar. 2006. 13] M. Lagberg, A. pritso, ad J. Bruck, Network codig: A computatioal perspective, IEEE Tras. Iform. Theory, pp. 2386 2397, Ju. 2006. 14], The ecodig complexity of etwork codig, submitted for publicatio. 15] Z. Zhag, Network error correctio codig i packetized etworks, i Proc. 2006 IEEE It. Iform. Theory Workshop (ITW 06), Chegdu, Chia, Oct. 2006. 16]. Yag ad R. W. Yeug, Characterizatios of etwork error correctio/detectio ad erasure correctio, i Proc. Third Workshop o Network Codig, Theory, ad Applicatios (NetCod 07), a Diego, CA, Ja. 2007. 17] R. Matsumoto, Costructio algorithm for etwork error-correctig codes attaiig the sigleto boud, 2006. Olie]. Available: http://www.citebase.org/abstract?id=oai:arxiv.org:cs/0610121

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information