Abstract
Network coding has emerged as a promising approach for peer-to-peer converged ubiquitous networks to increase network capacity and solve the block reconciliation problem. However, peer-to-peer systems with network coding suffer from a severe security threat, known as the pollution attack, in which malicious peers inject corrupted packets into the information flow. Previous solutions are either computationally expensive or too ineffective to limit pollution attacks with arbitrary collusion among malicious peers. In this paper, we propose time keys, an efficient security scheme that allows participating peers to detect corrupted packets by using the time and space properties of network coding. Our work is an innovative security solution to frustrate pollution attacks with collusion based on the time and space properties of network coding. In addition, the time keys scheme provides efficient packet verification without requiring any extra secure channels. We also present a security analysis and simulations of our scheme, and the results demonstrate the practicality and efficiency of the time keys scheme.
References
Ahlswede R, Cai N, Li S-YR, Yeung RW (2000) Network information flow. IEEE Trans Inf Theory 46(4):1204–1216
Cai N, Yeung RW (2011) Secure network coding on a wiretap network. IEEE Trans Inf Theory 57(1):424–435
Cai N, Chan T (2011) Theory of secure network coding. Proc IEEE 99(3):421–437
Chung T-Y, Wang C-C, Chen Y-M, Chang Y-H (2008) Pnecos: a peer-to-peer network coding streaming system. In: Proceedings IEEE international conference sensor networks, ubiquitous and trustworthy computing SUTC ’08, pp 379–384
Xu J, Wang X, Zhao J, Lim A (2012) I-swifter: improving chunked network coding for peer-to-peer content distribution. Peer-to-Peer Netw Appl 5:30–39
Silva D, Kschischang FR (2009) Universal weakly secure network coding. In: Proceedings IEEE information theory workshop networking and information theory (ITW 2009), pp 281–285
Vilela JP, Lima L, Barros J (2008) Lightweight security for network coding. In: Proceedings IEEE international conference communications ICC ’08, pp 1750–1754
Jaggi S, Langberg M, Katti S, Ho T, Katabi D, Medard M (2007) Resilient network coding in the presence of byzantine adversaries. In: Proceedings INFOCOM 2007. 26th IEEE international conference computer communications. IEEE, pp 616–624
Kehdi E, Li B (2009) Null keys: Limiting malicious attacks via null space properties of network coding. In: Proceedings IEEE INFOCOM 2009, pp 1224–1232
Dong J, Curtmola R, Nita-Rotaru C (2009) Practical defenses against pollution attacks in intra-flow network coding for wireless mesh networks. In: Proceedings of the second ACM conference on wireless network security, WiSec ’09. ACM, New York, pp 111–122
Li Y, Yao H, Chen M, Jaggi S, Rosen A (2010) Ripple authentication for network coding. In: Proceedings IEEE INFOCOM, pp 1–9
Ho T, Koetter R, Medard M, Karger D, Effros M (2003) The benefits of coding over routing in a randomized setting. In: Proceedings IEEE international symposium on information theory (ISIT 2003), pp 442–452
Yu Z, Wei Y, Ramkumar B, Guan Y (2009) An efficient scheme for securing xor network coding against pollution attacks. In: Proceedings IEEE INFOCOM 2009, pp 406–414
Tang Y, Xiao B, Lu X (2011) Signature tree generation for polymorphic worms. IEEE Trans Comput 60(4):565–579
Boneh D, Freeman D, Katz J, Waters B (2009) Signing a linear subspace: signature schemes for network coding. In: Jarecki S, Tsudik G (eds) Public key cryptography – PKC 2009, vol. 5443 of lecture notes in computer science. Springer Berlin/Heidelberg, pp 68–87
Gkantsidis C, Rodriguez Rodriguez P (2006) Cooperative security for network coding file distribution. In: Proceedings 25th IEEE international conference computer communications INFOCOM 2006, pp 1–13
Acknowledgments
This work is supported by The National Basic Research Program of China (973 Program) (2012CB315900); The National High Technology Research and Development Program of China (863 Program) (2011AA01A103); Hunan Provincial Natural Science Foundation of China (11JJ7003); Natural Science Foundation of China (61070201); Program for Changjiang Scholars and Innovative Research Team in University (IRT1012).
Appendix
Theorem 1
The dimension of the orthogonal space of $\Pi_X$ is equal to $m$.
Proof
Considering the rank-nullity theorem [9], we have $\operatorname{rank}(A) + \operatorname{nullity}(A) = n$ for any $m \times n$ matrix $A$, where the dimension of the orthogonal space of $A$ is called the nullity of $A$.
$X$ is an $n \times (m + n)$ matrix whose $i$th row is $x_i$, and $\operatorname{rank}(X) = n$. Applying the rank-nullity theorem to our network coding system, we have:
So the dimension of the orthogonal space of $\Pi_X$ is equal to $m$. Theorem 1 has been proved. □
Theorem 2
Packet verification based on the orthogonality principle alone is not secure against pollution attacks with collusion.
Proof
Satisfying the orthogonality principle does not imply that the received vector belongs to $\Pi_X$. If a malicious node knows the orthogonal vectors collected by its neighbor, it can easily find a corrupted vector that satisfies the orthogonality principle. During pollution attacks with collusion, malicious nodes can obtain most of the orthogonal vectors, so they can easily defeat packet verification and launch pollution attacks. Theorem 2 has been proved. □
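The following added example (not code from the paper) works Theorems 1 and 2 through on a small constructed instance: it computes the orthogonal space of a source matrix and shows that a verifier holding only some of the orthogonal vectors accepts a subspace strictly larger than the row space of X. The field GF(257), the systematic form X = [I_n | D], the payload values and all function names are assumptions made for the illustration.

```python
P = 257  # small prime field GF(P), assumed for this illustration

def null_space(rows, p=P):
    """Basis of {z : r.z = 0 (mod p) for every r in rows}, via Gauss-Jordan."""
    a = [[v % p for v in r] for r in rows]
    ncols, pivots, r = len(a[0]), [], 0
    for c in range(ncols):
        pr = next((i for i in range(r, len(a)) if a[i][c]), None)
        if pr is None:
            continue                      # no pivot here: c is a free column
        a[r], a[pr] = a[pr], a[r]
        inv = pow(a[r][c], -1, p)         # modular inverse (Python 3.8+)
        a[r] = [v * inv % p for v in a[r]]
        for i in range(len(a)):
            if i != r and a[i][c]:
                f = a[i][c]
                a[i] = [(x - f * y) % p for x, y in zip(a[i], a[r])]
        pivots.append(c)
        r += 1
    basis = []
    for free in (c for c in range(ncols) if c not in pivots):
        z = [0] * ncols
        z[free] = 1
        for row, pc in zip(a, pivots):    # back-substitute the pivot columns
            z[pc] = -row[free] % p
        basis.append(z)
    return basis

def accepts(keys, v, p=P):
    """Orthogonality check: accept v iff it is orthogonal to every held key."""
    return all(sum(x * y for x, y in zip(k, v)) % p == 0 for k in keys)

def demo():
    n, m = 3, 4                                          # constructed sizes
    D = [[10, 20, 30, 40], [5, 6, 7, 8], [1, 0, 2, 0]]   # constructed payloads
    X = [[int(i == j) for j in range(n)] + D[i] for i in range(n)]  # [I_n | D]
    all_keys = null_space(X)       # Theorem 1: exactly m basis vectors
    held = all_keys[:2]            # a verifier that collected only k = 2 keys
    accepted = null_space(held)    # basis of everything that verifier accepts
    # Theorem 2: some accepted vector lies outside the row space of X
    stray = next(v for v in accepted if not accepts(all_keys, v))
    return {"X": X, "all_keys": all_keys, "held": held,
            "accepted_dim": len(accepted), "stray": stray}

if __name__ == "__main__":
    r = demo()
    print("nullity:", len(r["all_keys"]), "accepted dim:", r["accepted_dim"])
    print("stray passes partial check:", accepts(r["held"], r["stray"]))
    print("stray passes full check:", accepts(r["all_keys"], r["stray"]))
```

With k held keys the accepted subspace has dimension (m + n) − k, which equals n only when k = m, so the check is exact only for a verifier whose keys span the whole orthogonal space and remain unknown to the sender.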
Cite this article
He, M., Gong, Z., Chen, L. et al. Securing network coding against pollution attacks in P2P converged ubiquitous networks. Peer-to-Peer Netw. Appl. 8, 642–650 (2015). https://doi.org/10.1007/s12083-013-0216-4
DOI: https://doi.org/10.1007/s12083-013-0216-4