A Novel Lightweight Algorithm for Secure Network Coding



Similar documents
Additional File 1 - A model-based circular binary segmentation algorithm for the analysis of array CGH data

An Algorithm For Factoring Integers

AREA COVERAGE SIMULATIONS FOR MILLIMETER POINT-TO-MULTIPOINT SYSTEMS USING STATISTICAL MODEL OF BUILDING BLOCKAGE

Keywords: Transportation network, Hazardous materials, Risk index, Routing, Network optimization.

Joint Virtual Machine and Bandwidth Allocation in Software Defined Network (SDN) and Cloud Computing Environments

TRUCK ROUTE PLANNING IN NON- STATIONARY STOCHASTIC NETWORKS WITH TIME-WINDOWS AT CUSTOMER LOCATIONS

Efficient Evolutionary Data Mining Algorithms Applied to the Insurance Fraud Prediction

Perturbation Theory and Celestial Mechanics

PCA vs. Varimax rotation

A New Estimation Model for Small Organic Software Project

Mixed Task Scheduling and Resource Allocation Problems

Gravitation. Definition of Weight Revisited. Newton s Law of Universal Gravitation. Newton s Law of Universal Gravitation. Gravitational Field

A Coverage Gap Filling Algorithm in Hybrid Sensor Network

Minimal Coding Network With Combinatorial Structure For Instantaneous Recovery From Edge Failures

A New replenishment Policy in a Two-echelon Inventory System with Stochastic Demand

LINES ON BRIESKORN-PHAM SURFACES

(Semi)Parametric Models vs Nonparametric Models

On the Efficiency of Equilibria in Generalized Second Price Auctions

Luby s Alg. for Maximal Independent Sets using Pairwise Independence

A Mathematical Model for Selecting Third-Party Reverse Logistics Providers

REAL INTERPOLATION OF SOBOLEV SPACES

A PARTICLE-BASED LAGRANGIAN CFD TOOL FOR FREE-SURFACE SIMULATION

Orbit dynamics and kinematics with full quaternions

PAS: A Packet Accounting System to Limit the Effects of DoS & DDoS. Debish Fesehaye & Klara Naherstedt University of Illinois-Urbana Champaign

Charging the Internet Without Bandwidth Reservation: An Overview and Bibliography of Mathematical Approaches

PREVENTIVE AND CORRECTIVE SECURITY MARKET MODEL

A SECURE CLOUD ARCHITECTURE FOR PUBLIC AUDITING BY USING SHARED MECHANISM

Electric Potential. otherwise to move the object from initial point i to final point f

AN EQUILIBRIUM ANALYSIS OF THE INSURANCE MARKET WITH VERTICAL DIFFERENTIATION

The Detection of Obstacles Using Features by the Horizon View Camera

Drag force acting on a bubble in a cloud of compressible spherical bubbles at large Reynolds numbers

Statistical modelling of gambling probabilities

The Development of Web Log Mining Based on Improve-K-Means Clustering Analysis

econstor zbw

An Efficient Group Key Agreement Protocol for Ad hoc Networks

Security of Full-State Keyed Sponge and Duplex: Applications to Authenticated Encryption

HEALTHCARE INTEGRATION BASED ON CLOUD COMPUTING

UNIVERSIDAD DE LA REPÚBLICA Facultad de Ingeniería RESOURCE ALLOCATION IN NETWORKS FROM A CONNECTION-LEVEL PERSPECTIVE

Research on Cloud Computing Load Balancing Based on Virtual Machine Migration

Discussion Papers. Thure Traber Claudia Kemfert

Order-Degree Curves for Hypergeometric Creative Telescoping

Module 2 LOSSLESS IMAGE COMPRESSION SYSTEMS. Version 2 ECE IIT, Kharagpur

REAL TIME MONITORING OF DISTRIBUTION NETWORKS USING INTERNET BASED PMU. Akanksha Eknath Pachpinde

High Availability Replication Strategy for Deduplication Storage System

The Can-Order Policy for One-Warehouse N-Retailer Inventory System: A Heuristic Approach

Recurrence. 1 Definitions and main statements

Effect of Contention Window on the Performance of IEEE WLANs

A Secure Password-Authenticated Key Agreement Using Smart Cards

Determinants of Borrowing Limits on Credit Cards Shubhasis Dey and Gene Mumy

Research on Risk Assessment of the Transformer Based on Life Cycle Cost

An Interest-Oriented Network Evolution Mechanism for Online Communities

PSYCHOLOGICAL RESEARCH (PYC 304-C) Lecture 12

AN IMPLEMENTATION OF BINARY AND FLOATING POINT CHROMOSOME REPRESENTATION IN GENETIC ALGORITHM

International Business Cycles and Exchange Rates

The Greedy Method. Introduction. 0/1 Knapsack Problem

"Research Note" APPLICATION OF CHARGE SIMULATION METHOD TO ELECTRIC FIELD CALCULATION IN THE POWER CABLES *

Prejudice and the Economics of Discrimination

Bending Stresses for Simple Shapes

Adaptive Queue Management with Restraint on Non-Responsive Flows

Statistical Discrimination or Prejudice? A Large Sample Field Experiment. Michael Ewens, Bryan Tomlin, and Liang Choon Wang.

Simultaneous Detection and Estimation, False Alarm Prediction for a Continuous Family of Signals in Gaussian Noise

Institute of Informatics, Faculty of Business and Management, Brno University of Technology,Czech Republic

Ilona V. Tregub, ScD., Professor

v a 1 b 1 i, a 2 b 2 i,..., a n b n i.

MULTIPLE SOLUTIONS OF THE PRESCRIBED MEAN CURVATURE EQUATION

Software Engineering and Development

Green's function integral equation methods for plasmonic nanostructures

YARN PROPERTIES MEASUREMENT: AN OPTICAL APPROACH

Over-encryption: Management of Access Control Evolution on Outsourced Data

Imperial College London

8 Algorithm for Binary Searching in Trees

Automatic Testing of Neighbor Discovery Protocol Based on FSM and TTCN*

APPLICATION OF PROBE DATA COLLECTED VIA INFRARED BEACONS TO TRAFFIC MANEGEMENT

The transport performance evaluation system building of logistics enterprises

Impact on inventory costs with consolidation of distribution centers

Forecasting the Demand of Emergency Supplies: Based on the CBR Theory and BP Neural Network

benefit is 2, paid if the policyholder dies within the year, and probability of death within the year is ).

Spirotechnics! September 7, Amanda Zeringue, Michael Spannuth and Amanda Zeringue Dierential Geometry Project

Strength Analysis and Optimization Design about the key parts of the Robot

Support Vector Machines

An Efficient Recovery Algorithm for Coverage Hole in WSNs

Linear Circuits Analysis. Superposition, Thevenin /Norton Equivalent circuits

An Evaluation of the Extended Logistic, Simple Logistic, and Gompertz Models for Forecasting Short Lifecycle Products and Services

I = Prt. = P(1+i) n. A = Pe rt

Molecular Dynamics. r F. r dt. What is molecular dynamics?

IMPACT ANALYSIS OF A CELLULAR PHONE

Cloud Service Reliability: Modeling and Analysis

4. SHAFT SENSORLESS FORCED DYNAMICS CONTROL OF RELUCTANCE SYNCHRONOUS MOTOR DRIVES

Transcription:

A Novel Lghtweght Algothm fo Secue Netwok Codng A Novel Lghtweght Algothm fo Secue Netwok Codng State Key Laboatoy of Integated Sevce Netwoks, Xdan Unvesty, X an, Chna, E-mal: {wangxaoxao,wangmeguo}@mal.xdan.edu.cn Abstact In the pactcal netwok codng scenao, the advesay usually has full eavesdoppng abltes. Hence, lghtweght secue netwok codng s moe sutable than the nfomaton-theoetc appoach. We popose a novel codng scheme aganst a global eavesdoppe n ths pape. In ou scheme, we utlze mappng values to andomze ognal packets nstead of locked coeffcents. It means that only one encypted symbol s eued fo a packet, whch apdly educes space ovehead and encypton volume. Meanwhle, thee s no addtonal euement at ntemedate nodes. Compaed to the exstng schemes, ou scheme s moe effcent n space ovehead and encypton volume wth appopate computatonal complexty.. Intoducton Keywods: Netwok Codng, Lghtweght Secue, Eavesdoppng Attacks Netwok codng [] allows ntemedate nodes to mx the ncomng packets befoe sendng out, whch s dffeent fom the tadtonal stoe-fowad mechansm. Lnea netwok codng [2] showed that t could acheve the multcast capacty n a suffcent lage feld. Fo the opeaton convenence and smple algebac stuctue, much of the eseach focuses on the lnea netwok codng. Moeove, when the feld sze s lage than 2 8 o 2 6, andom lnea netwok codng (RLNC) [3] could also acheve the multcast capacty wth pobablty exponental appoachng wth code length. In RLNC, the ntemedate nodes ndependently select codng coeffcents andomly ove fnte feld, whch s a decentalzed mechansm, and easy to mplemented n pactce. Koette and Medad [4] poposed the algebac famewok fo netwok codng and gave an algebac chaactezaton of the multcast poblem. Netwok codng had many applcatons, such as weless mesh netwok [5-6] and coopeatve communcaton [7] etc. Secue netwok codng was fst consdeed n [8] to acheve pefect nfomaton-theoetc secuty, whch s aganst that advesaes could only wetap a lmted numbe of netwok lnks. Feldman et al. [9] showed that makng a secue lnea netwok code s euvalent to fndng a lnea code wth genealzed dstance popetes and ponted that f we gve up a small amount of oveall capacty, then a andom code acheves secuty by usng a much smalle feld. Rouayheb et al. [] pesented a constucton of secue netwok codes by usng secue codes fo wetap channel Ⅱ.Nga et al. [] extended the genealzed Hammng weght [2] fo lnea eo coecton codes to lnea netwok codes. Weakly secue netwok codng was poposed n [3] such that advesay s unable to get any meanngful nfomaton about the souce messages, ths s moe pactce than the pefect nfomaton-theoetc secuty. Stongly secue lnea netwok codng s poposed by Haada and Yamamoto [4], they showed that stong secuty n fact contans weak secuty as a specal case. Unvesal secue netwok codng was poposed n [5] based on ank-metc codes, and t has the unvesal popety that can be appled on top of any netwok wthout po knowledge o any modfcatons on the lnea netwok code. Jan [6] studed the elaton between secuty and netwok topology. A necessay and suffcent condton was deved unde whch souce messages can be tansmtted wth pefect secuty. In eal scenaos, the wetap capablty s unlmted and computatonally bounded. Moeove, netwok capacty and compute esouce ae pecous. To solve the poblem, the moe pactcal scheme was poposed n [7-9] that combnes cyptogaphc appoaches wth netwok codng to aganst global eavesdoppe and keeps andom netwok codng unchanged at ntemedate nodes. A mnmum ovehead scheme (MOS) was poposed n [7] to acheve pefect secuty, but wth hgh encypton volume because the whole message s encypted. The scheme n [8] (P-Codng) utlzed pemutaton encypton functon to aganst eavesdoppng attacks wthout ovehead, but t s also wth hgh Advances n nfomaton Scences and Sevce Scences(AISS) Volume4, Numbe2, Nov 22 do:.456/aiss.vol4.ssue2.8 675

A Novel Lghtweght Algothm fo Secue Netwok Codng encypton volume. Lghtweght secue scheme (SPOC) was pesented n [9], whch only encypts a much shote exta codng vecto nstead of the whole packet, so t educed encypton volume but nceased capacty ovehead. In ths pape, we popose a moe effcent scheme aganst global eavesdoppe that acheves secuty wth mnmum ovehead and encypton volume wthout changng the mplement at the ntemedate nodes o eung a lage feld. The key dea of ou novel scheme s to utlze some mappng values to geneate a souce pecodng matx nstead of exta codng vectos, whch educe the length of the andom keys. 2. Poblem Fomulaton We epesent a communcaton netwok by an acyclc dected gaph G V, E, whee V and E denote the set of nodes and edges, espectvely. Each edge n the netwok s able to tansmt a packet ove fnte feld wthout eo. Souce node S wshes to send a lage fle M to all the eceves n a geneaton and M s spltted nto data packets by S. Each data packet s denoted by n x ( x,, xn),, whee. Intemedate nodes andomly choose codng coeffcents ove fo ts nput packets and fowad a lnea combnaton of nput packets at each outgong edge. Snk nodes can ecove M wth Gaussan elmnaton afte ecevng at least lnea ndependent packets. Thee s a global eavesdoppe n the netwok. We assume the advesay s able to choose a subset of ndependent edges, whch means that the global codng vectos of wetap edges ae ndependent. 3. Poposed Scheme In ths secton, we popose a pecodng scheme fo lghtweght secue netwok codng wth gnoed space ovehead. 3. Pecodng at Souce As descbed n the pevous secton, a lage fle M was spltted nto packets, and we choose an n appopate mappng functon h( x): fo these packets, whch maps packets to dffeent values. Then, we constuct a pecodng matx P by mappng values h( x ),. h( x) h( x2) h( x ) 2 2 2 h( x) h( x2) h( x ) P h( x) h( x2) h( x ) () Obvously, matx P s a Vandemonde matx and t s an nvetble matx that could be used to pe-encode ognal packets x, x. x x x2 x2 P x x n n (2) Then souce S concatenates packet x ( x,, xn, h( x)). x wth coespondng mappng value h( x ) to be a pe-encoded 676

A Novel Lghtweght Algothm fo Secue Netwok Codng Fo secuty, S must hde the last symbol h( x ) of x fom advesay, so that the advesay can not get nfomaton about ognal packet by wetappng attacks. We encypt h( x ) usng AES cyptosystem and obtan Ehx ( ( )). Then we get a new packet x ( x,, xn, E( h( x))). Afte that, S ceates an augmented packet as follow, new m (,,,,,,, x ) ( n),,,. At last, the augmented packets ae tansmtted nto the netwok and the ntemedate nodes employee RLNC. 3.2 Decodng at Snks When a snk node eceves at least ndependent message packets, t can begn to decode as follows. new new T Step : Usng Gaussan elmnaton to ecove the new message packets [ x,, x ]. new new T Step 2: We decypt the last column of [ x,, x ] wth AES to get [ x,, x ] T and h( x ). Step 3: Constuct the pecodng matx P by h( x ),,,. Compute the nvese matx P, and emove h( x ),, h( x ) T fom [ x,, x ] T to obtan [ x,, x ] T. T T Step 4: At last, we obtan the ogn data packets by [ x,, x ] P [ x,, x ]. 3.3 Secuty Analyss new We assume the advesay has full knowledge about the stuctual chaactestcs of P, and mappng functon h() s also known to t. Howeve, t s computatonally bounded, whch means that gven a ha mappng value b, t s computatonally nfeasble to fnd nput a such that b. The element of P s keep secet to advesay, snce we andomze the ognal packets x, by P. Euvalently, the ognal packets ae encypted by P. Theefoe, the advesay only gets the new lnea combnaton of x,. Futhemoe, the advesay s able to eavesdop at least ndependent edges to decode new new x,, x. The subset of wetap edges s denoted by W, and R {( h x ),,} denotes new new mappng value set. The advesay tes to obtan the ogn packets x,, x fom x,, x by the followng euaton system, h( x) xh( x2) x2 h( x) x x h( x) xj h( x2) x2j h( x) xj xj (4) h( x) xn h( x2) x2n h( x) xn xn thee ae ( n ) euatons wth ( n ) unknown vaables x,, xn and h( x),, h( x ) n (4). It s easly known that h( x ),, h( x ) has P possbltes, because h( x ), has possbltes. So the numbe of total possbltes s ( ) ( 2) ( ) P. Theefoe, the soluton to (4) s an affne subspace wth cadnalty as follow, That means, ( n) P ( n) P (3) 677

A Novel Lghtweght Algothm fo Secue Netwok Codng P x,, xyw (5) P whee Y W denotes the message packets whch ae caed n W. Hence, the advesay cannot ecove x,, x wthout h( x),, h( x ). That s, the ogn data packets ae secue. 3.4 Compason In ou scheme, thee ae ogn data packets n a geneaton whch ae n -length, and get n - length pe-encoded packets afte souce codng. That means the space ovehead of one packet s. The last symbol of the pe-encoded packet s used to constuct the locked coeffcent, so that only one symbol s needed to be encypted. As mentoned pevously, the space ovehead and encypton volume ae ndependent of the packets, whch ae sgnfcant educed by ou scheme. Howeve, SPOC encypts n -length ogn data packets wth -length global encodng vectos. These global encodng vectos ae encypted by shaed keys and placed n the heade of the coespondng peencoded packets, whch ae called locked coeffcents. 8 In ode to gve a smple compason, we consde a feld wth sze 2, and thee ae 2 packets n a geneaton. The maxmum packet sze s 5 bytes as [9] mentoned. Ou scheme esults n a space ovehead ato of.667%, because of only one symbol s placed n the heade of a packet. Howeve, thee s 2-length locked coeffcent placed n the heade by SPOC, so that the space ovehead ato s 3.3% fo SPOC. Futhemoe, ou scheme yelds encypton volume of 2 bytes n a geneaton and coespondng to 4 bytes by SPOC. Table. Compason wth othe schemes Schemes Encypton Volume Space Ovehead Computaton Cost Adel [7] n Zhang [8] Vlela [9] Ous n 3 ( ) 3 ( ) The compason between ou scheme and othe schemes s gven n Table. and Fgue, the ed cuve n Fgue s ou esult. And the blue cuve s ovelappng to the puple cuve, whch means the encypton volume geneated by Vlela scheme s almost same as tadtonal scheme. We can see fom Table. that ou scheme causes a tny space ovehead and Fgue shows that ou scheme sgnfcantly educes the encypton volume compaed to othes. In addton, the computatonal cost of ou scheme s 3 ( ), whch s the same as SPOC. The man computatonal cost conssts of the nvese of pecodng matx P and othe matx opeaton. The scheme poposed n ths pape s an effcent algothm whch has smalle space ovehead and lowe encypton volume wth appopate computaton cost. 678

A Novel Lghtweght Algothm fo Secue Netwok Codng 9 8 7 Tadtonal Vlela Ou Zhang Adel Encypton volume 6 5 4 3 2 2 3 4 5 6 7 8 Data sze Fgue. The compason of encypton volume 4. Concluson We poposed a novel lghtweght scheme aganst eavesdoppng attacks based on computatonal secuty n ths pape. The basc dea of ths scheme s to utlze keys, whch ae espectve to ogn data packets, to geneate a Vandemonde matx as pecodng matx. Snce encypted mappng value s embedded at the end of pe-encoded packets and then tansmtted ove the netwok, the space ovehead s mnmzed, and the encypton volume s educed as well. The secuty analyss shows that fo the same secuty euement, ou scheme s moe effcent. 5. Acknowledgements Ths wok s suppoted by the Natonal Natual Foundaton of Chna unde Gants No.6832 and 62774. The authos also would lke to thank all the evewes fo the had woks. 6. Refeences [] Rudolf Ahlswede, Nng Ca, Shuo-Yen Robet L, and Raymond W. Yeung, Netwok nfomaton flow, IEEE Tans. Inf. Theoy, Vol. 46, No.4, pp. 24 26, July. 2. [2] Shuo-Yen Robet L, Raymond W. Yeung and Nng Ca, Lnea netwok codng, IEEE Tans. Inf. Theoy, Vol. 49, No. 2, pp. 37-38, Feb. 23. [3] Tacey Ho, Muel Medad, Ralf Koette, Davd R. Kage, Mchelle Effos, Jun Sh and Ben Leong, A andom lnea netwok codng appoach to multcaost, IEEE Tans. Inf. Theoy, Vol. 52, No., pp. 443 443, Oct. 26. [4] Ralf Koette and Muel Medad, An algebac appoach to netwok codng, IEEE/ACM Tansactons on Netwokng, Vol., No. 5, pp. 782-795, Oct. 23. [5] Jn Q,, Shuny Zhang, Shujng L,, Lu Cao, "A Random Lnea Codng Algothm fo Cogntve Weless Mesh Netwoks", JCIT, Vol. 7, No. 6, pp. 2-2, 22. [6] Yafe Hu, Fangmn L, Xnhua Lu, "On Netwok Codng fo Qos Impovement n Weless Mesh Netwoks", AISS, Vol. 4, No. 7, pp. -3, 22. 679

A Novel Lghtweght Algothm fo Secue Netwok Codng [7] Mngfeng Zhao, Yajan Zhou,, Yxan Yang, Wen Song, "An Impoved Analog Netwok Codng Scheme fo Coopeatve Communcaton Systems", JCIT, Vol. 6, No. 9, pp. 2-29, 2. [8] Nng Ca and Raymond W. Yeung, Secue netwok codng, n Poc. IEEE ISIT 2, Lausanne, Swtzeland, July 22, pp. 323. [9] Jon Feldman, Tal Malkn, Clff Sten, and Rocco A. Sevedo, On the capacty of secue netwok codng, n Poc. 42nd Annual Alleton Conf. Commun., Contol and Comput., Sep. 24. [] Salm El Rouayheb, Emna Soljann, and Alex Spntson, Secue netwok codng fo wetap netwoks of type Ⅱ, IEEE Tansactons on Infomaton Theoy, Vol. 58, No. 3, pp. 36-37. Ma. 22. [] Ch-Kn. Nga, Raymond W. Yeung and Zhxue Zhang, Netwok genealzed hammng weght, n Poc. Wokshop on Netwok Codng Theoy and Applcaton., Lausanne, Swtzeland, 29, pp. 48-53. [2] Vcto K. We, Genealzed hammng weght fo lnea codes, IEEE Tans. Inf. Theoy, Vol. 37, No. 5, pp. 42 48, Sep. 99. [3] Kapl Bhattad and Kshna R. Naayanan, Weakly secue netwok codng, n Poc. NETCOD 5, Rva del Gada, Italy, Ap. 25. [4] Kunhko Haada and Hosuke Yamamoto, Stongly secue lnea netwok codng, IEICE Tans. Fund., Vol. E9-A, No., pp. 272-2728, Oct. 28. [5] Danlo Slva and Fank R. Kschschang, Unvesal secue netwok codng va ank-metc codes, IEEE Tans. Inf. Theoy, Vol. 57, No. 2, pp. 24-35, Feb. 2. [6] Kamal Jan, Secuty based on netwok topology aganst the wetappng attack, IEEE Weless Commun., Vol., No., pp. 68-7, Feb. 24. [7] Majd Adel and Huapng Lu, Secue netwok codng wth mnmum ovehead based on hash functons, IEEE Commun. Lett., Vol. 3, No 2, pp. 956-958, Dec. 29. [8] Peng Zhang, Ynxn Jang, Chuang Ln, Yanfe Fan and Xuemn Shen, P-Codng: secue netwok codng aganst eavesdoppng attacks, n Poc. IEEE INFOCOM 2, San Dego, CA, USA, Ma. 2, pp. -9. [9] Joao P. Vlela, Lusa Lma and Joao Baos, Lghtweght secuty fo netwok codng, n Poc. IEEE ICC8, Bejng, Chna, pp. 75-754, May 28. 68

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information