Abstract
Network coding (NC) authentication schemes based on homomorphic message authentication codes (HMACs) are usually preferred due to the low computational complexity associated with their implementation. A basic requirement of these schemes is that they should be able to resist both message and tag pollution attacks. A common approach adopted in the design of these schemes uses key vectors to generate tags that are then used to detect these attacks. Conventionally, the only constraint placed on existing key selection models is that key elements must be chosen from a predefined finite cyclic field. In this work, we prove that this condition alone is not sufficient to ensure total resistance to pollution attacks. We also provide a detailed description of this security loophole as well as a proposition that defines what a scheme needs in order to achieve total resistance to pollution attacks. Based on our findings, we propose a modified authentication scheme for NC that is not exposed to the security loophole and therefore provides complete resistance to pollution attacks. Our evaluation of the proposed scheme against similar state-of-the-art schemes shows that it achieves this at no extra overhead. In fact, the proposed scheme incurs a slightly lower computational overhead at non-source nodes coupled with a slightly lower key storage overhead.
Acknowledgments
This work is supported by the Sichuan Science and Technology Program (grant no. 2021YFG0157).
A Description of Symbols
This appendix presents a tabulated description of all the symbols that were used in this work. Please note that the symbols are listed in order of appearance (Table 2).
Copyright information
© 2022 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Tandoh, L., Li, F., Ali, I., Haruna, C.R., Kpiebaareh, M.Y., Tandoh, C. (2022). Requirements for Total Resistance to Pollution Attacks in HMAC-Based Authentication Schemes for Network Coding. In: Cao, C., Zhang, Y., Hong, Y., Wang, D. (eds) Frontiers in Cyber Security. FCS 2021. Communications in Computer and Information Science, vol 1558. Springer, Singapore. https://doi.org/10.1007/978-981-19-0523-0_12
DOI: https://doi.org/10.1007/978-981-19-0523-0_12
Publisher Name: Springer, Singapore
Print ISBN: 978-981-19-0522-3
Online ISBN: 978-981-19-0523-0
eBook Packages: Computer Science (R0)