A bandwidth efficient HMAC-based authentication scheme for network coding

https://doi.org/10.1016/j.jisa.2020.102658Get rights and content

Abstract

Pollution attacks in network coding result in the waste of bandwidth and computational resources. Several homomorphic message authentication code (HMAC) and signature-based schemes have been proposed to mitigate such attacks. In these schemes, authentication is achieved by appending several HMAC tags with or without a signature to the packet payload. This approach negatively affects the throughput as well as the communication overhead incurred by such schemes. A phenomenon determined by a property we dubbed as the admissible payload rate (APR). In this paper we propose an HMAC and signature-based authentication scheme that addresses the afore mentioned problems. It achieves this by reducing the number of symbols needed to represent a packet. We evaluated the performance of our scheme and compared our findings to the performance of similar, state of the art authentication schemes. Our comparisons revealed that the proposed scheme incurred a negligible percentage gain in computational complexity. However, with no extra key storage overhead, and without sacrificing security, our scheme achieved a significant percentage reduction in communication overhead. The above mentioned favorable characteristics make our scheme an ideal and practical authentication solution for networks where bandwidth is a constraint or an optimal throughput is a requirement.

Introduction

Almost two decades ago Alshwede et al. introduced the term and concept of network coding in [1]. Contrary to the orthodox routing technique of store-and-forward. Network coding allowed intermediate nodes to combine received packets allowing the network to achieve its maximum multicast rate as per the max-flow min-cut theorem [2]. Several variations of network coding approaches exist. These are classified based on the manner in which packets are re-coded as they traverse the network. In simple network coding, packets are combined using the XoR operation. In a slightly more advanced approach to linear network coding, packets leaving a node are formed via a linear combination of the packets received by the node and carefully chosen local encoding coefficients. The most famous of them all is the method introduced by Ho et al. [3] dubbed random linear network coding. Unlike linear network coding, this approach allows network nodes to choose their local encoding coefficients uniformly at random from a finite field. Thus, making this a fully distributed approach. Network coding presents many advantages some of which include: robustness to packet loss, increase in throughput, and reduction in power consumption and transmission delays [4], [5], [6]. It is no secret that the actual implementation of network coding in real life scenarios still presents some challenges. However, it has been found to be a viable substitute for traditional network routing techniques in areas such as: data gathering in sensor networks [7], P2P networks [6], [7], [8], wireless networks [9], [10], [11], [12], [13], [14], and any other networking environment which supports internode processing.

Unfortunately, the fact that network coding allows packets to be re-coded at the intermediate nodes exposes it to a severe security threat known as the pollution attack. In this form of attack, the network suffers severely with respect to bandwidth waste and the amount of excess computational power required to rectify the damage sustained. In general, pollution attacks in network coding enabled environments are grouped into two categories.

The first form of pollution attack is the message/data pollution attack. In this form of attack, the adversary aims to alter the contents of a packet’s payload. An example of this will be the case presented in [15]. As these polluted packets travel downstream, they are combined with and pollute large numbers of legitimate packets. This form of pollution spreads quickly and prevents affected sink nodes from recovering the original message from the packets they receive. In order to mitigate this form of attack, numerous authentication schemes have been proposed over the years.

Authentication schemes in network coding are either information-theoretic [16], [17] or cryptographic [18], [19], [20], [21], [22], [23], [24], [25], [26]. As the name suggests information-theoretic schemes are based on concepts derived from information theory. Although these schemes are comparatively less demanding when it comes to the computational cost of implementing them. They are only able to detect pollution attacks at the sink nodes. The computational cost associated with implementing the cryptographic-based schemes is relatively higher. However, they support in-network authentication. This allows intermediate nodes to promptly detect and reject corrupted packets. This property has made them the obvious choice when authentication schemes for network coding environments are being considered. Three main cryptographic paradigms are employed in the creation of these schemes, namely: cryptographic signatures [23], [24], HMACs [25], [26], and homomorphic hash functions [20], [21]. The most favored out of these are the schemes based on HMACs due to the relatively lower computational complexity associated with their implementation. These schemes are mainly implemented by appending authentication tags to packet payloads [25], [26]. The afore mentioned schemes drastically reduced the probability with which an adversary can launch a successful message/data pollution attack. However, they exposed network coding enabled networks to a new form of threat dubbed as the tag pollution attack [27]. In this form of attack, the main goal of the adversary is to modify the tags appended to packets with the aim of making them fail authentication. Such packets may travel a few hops and, in some cases, may even reach the destination nodes before being detected and rejected.

In response to the new threat, improved versions of these HMAC schemes were introduced to detect packets whose tags may have been polluted. Most of the current state of the art HMAC-based schemes [12], [13], [14] achieved this by increasing the number of appended authentication tags and/or adding a single, homomorphic, cryptographic signature.

The above mentioned HMAC and homomorphic signature-based authentication schemes achieved their goal of mitigating message/data and/or tag pollution attacks. However, as stated in [28], the size of a network packet is upper bound. For that matter, increasing the number of authentication symbols required to achieve this level of security can have two negative effects on the efficiency of a network. Firstly, consider a case where the combined number of symbols needed to represent the packet payload and its authentication vector(s) is smaller than the maximum allowed network packet size. The extra appended authentication tags increase the size of the packet which results in extra communication overhead. Alternatively, the combined number of symbols needed to represent the packet payload and its authentication vector(s) could be larger than the maximum allowed packet size. In this case, messages will have to be truncated and sent via several packets. This results in a reduction in the throughput of the network. Overall, this forms a major constraint with respect to the practicality of implementing HMAC-based message/data and tag pollution immune schemes. A crucial requirement that has so far been neglected by the research community.

In this paper we propose a c-collusion resistant, network coding authentication scheme that is both message/data and tag pollution resistant. The concepts applied in our work are closely related to those presented in [13] and [27]. Hence, we shall be using two sets of homomorphic sub space tags as well as a homomorphic signature. We also introduce the concept of the Admissible Payload Rate (APR). A value that helps to determine how efficient an authentication scheme is with respect to its throughput and communication overhead. Also, the APR helps determine the maximum allowed packet payload size of an authentication scheme based on some underlying parameters. The main goal of this paper and hence the motivation for our work is to reduce the communication overhead and increase the APR of the proposed scheme. We achieve this by reducing the actual number of symbols required to represent the packet payload and its authentication parameters. We evaluate the performance of the proposed scheme with respect to its computational complexity, key storage overhead, communication overhead, and the APR. Finally, we compare our findings to three current state of the art schemes [12], [13], [14] and discuss our results. To the best of our knowledge, our work is the first to consider APR and its effect on the practicality of HMAC and homomorphic signature-based message/data and tag pollution resistant schemes for network coding.

The rest of this paper is organized as follows. In Section 2 we briefly introduce the concept of random linear network coding, discuss pollution attacks and introduce the APR. Section 3 contains the related works and Section 4 describes in detail the proposed authentication scheme and its concrete construction. In Section 5 we evaluate and compare the performance of our scheme to the HMAC-based authentication schemes introduced in [12], [13], [14]. We also present a summary of our findings in the same section. Section 6 concludes this paper.

Section snippets

Preliminaries

In this section we briefly explain the concept of random linear network coding. This is the network model of choice for implementing the scheme proposed. We then describe the threat model in which we explain the possible authentication security threats that can be faced by the proposed scheme. Finally, we present a formal definition for the APR and explain with an example its importance in determining the efficiency and practicality of an HMAC-based authentication scheme.

We begin by defining

Related works

In this section we present an introduction to the work done so far in the field of security and authentication in network coding. We begin with a brief description of general security threats and then proceed to pollution attacks.

Bandwidth efficient HMAC-based authentication scheme for network coding

In this section we present the proposed bandwidth efficient HMAC-based authentication scheme for network coding. This scheme uses two kinds of homomorphic message authentication tags namely the MACs and D-MACs as described in the previous section. The MAC tags authenticate the packet payload content whilst the D-MAC tags authenticate the MAC tags. In order to achieve a hundred percent Tag pollution resistance without compromising the extra security introduced by the key distribution protocol.

Discussion and results

In this section we first of all discuss the security of the proposed scheme. We discuss the probability of an adversary successfully launching chosen plaintext attacks in the form of data and tag pollution. First without and then whilst colluding with other nodes, respectively. We then evaluate and compare the performance of the proposed scheme with the performance of the Dual HMAC scheme proposed in [12], the Enhanced HMAC scheme proposed in [13], and the Enhanced block chain scheme for 5G

Conclusion and future work

In this paper we presented a bandwidth efficient HMAC-based authentication scheme for network coding that is both tag and data pollution resistant. Our scheme uses two sets of homomorphic tags and a homomorphic signature appended to the packet payload to prevent data and tag pollution. It incurs a much lower communication cost as compared to similar state of the art schemes without sacrificing security. By reducing the total number of symbols required to represent the message packet, we were

CRediT authorship contribution statement

Tandoh Lawrence: Conceptualization, Methodology, Formal analysis, Project administration, Investigation, Writing - original draft, Visualization, Writing - review & editing. Ikram Ali: Validation, Writing - review & editing. Tandoh Christopher: Validation, Writing - review & editing. Fagen Li: Resources, Writing - review & editing, Supervision, Funding acquisition, Project administration.

Declaration of Competing Interest

The authors declare that they have no known competing financial interests or personal relationships that could have appeared to influence the work reported in this paper.

Acknowledgment

This works is supported by the National Natural Science Foundation of China under Grant No. 61872058, Industry University Research of Jiansu Province under Grant No. BY2019161, and the Natural Science Research in Colleges and Universities of Jiansu Province under Grant No. 19KJB510020.

References (39)

  • IqbalM.A. et al.

    Survey of network coding-aware routing protocols in wireless networks

    J Netw Comput Appl

    (2011)
  • AhlswedeR. et al.

    Network information flow

    IEEE Trans Inf Theory

    (2000)
  • BollobasB.

    RandOm graphs

    (1998)
  • HoT. et al.

    A random linear network coding approach to multicast

    IEEE Trans Inform Theory

    (2006)
  • GkantsidisC. et al.

    Network coding for large scale content distribution

  • ChachulskiS. et al.

    Trading structure for randomness in wireless opportunistic routing

    SIGCOMM Comput Commun Rev

    (2007)
  • DimakisA.G. et al.

    Ubiquitous access to distributed data in large-scale sensor networks through decentralized erasure codes

  • GkantsidisC. et al.

    Avalanche: File swarming with network coding

    Microsoft Res

    (2005)
  • KattiS. et al.

    The importance of being opportunistic: practical network coding for wireless environments

  • WuY. et al.

    Information exchange in wireless networks with network coding and physical-layer broadcastReport, MSR-TR-2004

    (2005)
  • Widmer J, Fragouli C, Le Boudec J-Y. Low-complexity energy-efficient broadcasting in wireless ad-hoc networks using...
  • EsfahaniA. et al.

    Dual-homomorphic message authentication code scheme for network coding-enabled wireless sensor networks

    Int J Distrib Sens Netw

    (2015)
  • EsfahaniA. et al.

    An efficient homomorphic MAC-based scheme against data and tag pollution attacks in network coding-enabled wireless networks

    Int J Inf Secur

    (2017)
  • AdatV. et al.

    On blockchain enhanced secure network coding for 5g deployments

  • KimM. et al.

    On counteracting byzantine attacks in network coded peer-to-peer networks

    IEEE J Sel Areas Commun

    (2010)
  • JaggiS. et al.

    Resilient network coding in the presence of byzantine adversaries

  • HoT. et al.

    Byzantine modification detection in multicast networks with random network coding

    IEEE Trans Inform Theory

    (2008)
  • KehdiE. et al.

    Null keys: Limiting malicious attacks via null space properties of network coding

  • DaiB. et al.

    Orthogonal vector based network coding against pollution attacks in n-layer combination networks

  • Cited by (3)

    • An HMAC-based authentication scheme for network coding with support for error correction and rogue node identification

      2021, Journal of Systems Architecture
      Citation Excerpt :

      However, both of the schemes proposed in [22,23] incurred a rather large communication overhead which resulted from the need to use two sets of HMAC tags. To address this issue, a bandwidth efficient version of the schemes proposed by Esfahani et al. was proposed in [31] by Tandoh et al. This scheme achieved a significant reduction in communication overhead by reducing the size of the network packet to a single HMAC tag vector and an HCS.

    • Study of Secure Network Coding Enabled Mobile Small Cells

      2021, IEEE International Conference on Communications
    View full text