1,027 research outputs found
An Effective Privacy-Preserving Data Coding in Peer-To-Peer Network
Coding Opportunistically (COPE) is a simple but very effective data coding
mechanism in the wireless network. However, COPE leaves risks for attackers
easily getting the private information saved in the packets, when they move
through the network to their destination nodes. Hence in our work, a
lightweight cryptographic approach, namely SCOPE, is proposed to consolidate
COPE against the honest-but-curious and malicious attacks. Honest-but-curious
attack serves adversaries who accurately obey the protocol but try to learn as
much private information as possible for their curiosity. Additionally, this
kind of attack is not destructive consequently. However, it may leave the
backdoor for the more dangerous attacks carrying catastrophes to the system.
Malicious attack tries to learn not only the private information but also
modifies the packet on harmful purposes. In our work, the SCOPE protocol is
defensive to the both attacks. The private information in the COPE packet are
encrypted by Elliptic Curve Cryptography (ECC), and an additional information
is inserted into SCOPE packets served for the authentication process using the
lightweight hash Elliptic Curve Digital Signature Algorithm (ECDSA). We then
prove our new protocol is still guaranteed to be a secure method of data
coding, and to be light to effectively operate in the peer-to-peer wireless
networkComment: 20 pages, 9 figures, 13 references, 1 table, 3 algorithms, 6
definition
Cooperative Defense against Pollution Attacks in Network Coding Using SpaceMac
Intra-session network coding is known to be vulnerable to pollution attacks.
In this work, first, we introduce a novel homomorphic MAC scheme called
SpaceMac, which allows an intermediate node to verify if its received packets
belong to a specific subspace, even if the subspace is expanding over time.
Then, we use SpaceMac as a building block to design a cooperative scheme that
provides complete defense against pollution attacks: (i) it can detect polluted
packets early at intermediate nodes and (ii) it can identify the exact location
of all, even colluding, attackers, thus making it possible to eliminate them.
Our scheme is cooperative: parents and children of any node cooperate to detect
any corrupted packets sent by the node, and nodes in the network cooperate with
a central controller to identify the exact location of all attackers. We
implement SpaceMac in both C/C++ and Java as a library, and we make the library
available online. Our evaluation on both a PC and an Android device shows that
(i) SpaceMac's algorithms can be computed quickly and efficiently, and (ii) our
cooperative defense scheme has low computation and significantly lower
communication overhead than other comparable state-of-the-art schemes.Comment: This is an extended version of a short version to appear in IEEE JSAC
on Cooperative Networking - Challenges and Applications 201
Network Coding Security: Attacks and Countermeasures
By allowing intermediate nodes to perform non-trivial operations on packets,
such as mixing data from multiple streams, network coding breaks with the
ruling store and forward networking paradigm and opens a myriad of challenging
security questions. Following a brief overview of emerging network coding
protocols, we provide a taxonomy of their security vulnerabilities, which
highlights the differences between attack scenarios in which network coding is
particularly vulnerable and other relevant cases in which the intrinsic
properties of network coding allow for stronger and more efficient security
solutions than classical routing. Furthermore, we give practical examples where
network coding can be combined with classical cryptography both for secure
communication and secret key distribution. Throughout the paper we identify a
number of research challenges deemed relevant towards the applicability of
secure network coding in practical networks.Comment: 8 pages, 4 figure
An Authentication Code against Pollution Attacks in Network Coding
Systems exploiting network coding to increase their throughput suffer greatly
from pollution attacks which consist of injecting malicious packets in the
network. The pollution attacks are amplified by the network coding process,
resulting in a greater damage than under traditional routing. In this paper, we
address this issue by designing an unconditionally secure authentication code
suitable for multicast network coding. The proposed scheme is robust against
pollution attacks from outsiders, as well as coalitions of malicious insiders.
Intermediate nodes can verify the integrity and origin of the packets received
without having to decode, and thus detect and discard the malicious messages
in-transit that fail the verification. This way, the pollution is canceled out
before reaching the destinations. We analyze the performance of the scheme in
terms of both multicast throughput and goodput, and show the goodput gains. We
also discuss applications to file distribution
Going Beyond Pollution Attacks: Forcing Byzantine Clients to Code Correctly
Network coding achieves optimal throughput in multicast networks. However,
throughput optimality \emph{relies} on the network nodes or routers to code
\emph{correctly}. A Byzantine node may introduce junk packets in the network
(thus polluting downstream packets and causing the sinks to receive the wrong
data) or may choose coding coefficients in a way that significantly reduces the
throughput of the network.
Most prior work focused on the problem of Byzantine nodes polluting packets.
However, even if a Byzantine node does not pollute packets, he can still affect
significantly the throughput of the network by not coding correctly. No
previous work attempted to verify if a certain node \emph{coded correctly using
random coefficients} over \emph{all} of the packets he was supposed to code
over.
We provide two novel protocols (which we call PIP and Log-PIP) for detecting
whether a node coded correctly over all the packets received (i.e., according
to a random linear network coding algorithm). Our protocols enable any node in
the network to examine a packet received from another node by running a
"verification test". With our protocols, the worst an adversary can do and
still pass the packet verification test is in fact equivalent to random linear
network coding, which has been shown to be optimal in multicast networks. Our
protocols resist collusion among nodes and are applicable to a variety of
settings.
Our topology simulations show that the throughput in the worst case for our
protocol is two to three times larger than the throughput in various
adversarial strategies allowed by prior work. We implemented our protocols in
C/C++ and Java, as well as incorporated them on the Android platform (Nexus
One). Our evaluation shows that our protocols impose modest overhead.Comment: A shorter version is in submission to IEEE INFOCOM 201
Auditing for Distributed Storage Systems
Distributed storage codes have recently received a lot of attention in the
community. Independently, another body of work has proposed integrity checking
schemes for cloud storage, none of which, however, is customized for
coding-based storage or can efficiently support repair. In this work, we bridge
the gap between these two currently disconnected bodies of work. We propose
NC-Audit, a novel cryptography-based remote data integrity checking scheme,
designed specifically for network coding-based distributed storage systems.
NC-Audit combines, for the first time, the following desired properties: (i)
efficient checking of data integrity, (ii) efficient support for repairing
failed nodes, and (iii) protection against information leakage when checking is
performed by a third party. The key ingredient of the design of NC-Audit is a
novel combination of SpaceMac, a homomorphic message authentication code (MAC)
scheme for network coding, and NCrypt, a novel chosen-plaintext attack (CPA)
secure encryption scheme that is compatible with SpaceMac. Our evaluation of a
Java implementation of NC-Audit shows that an audit costs the storage node and
the auditor a modest amount computation time and lower bandwidth than prior
work.Comment: ToN 2014 Submission with Data Dynamic
Secure Content Distribution in Vehicular Networks
Dedicated short range communication (DSRC) relies on secure distribution to
vehicles of a certificate revocation list (CRL) for enabling security
protocols. CRL distribution utilizing vehicle-to-vehicle (V2V) communications
is preferred to an infrastructure-only approach. One approach to V2V CRL
distribution, using rateless coding at the source and forwarding at vehicle
relays is vulnerable to a pollution attack in which a few malicious vehicles
forward incorrect packets which then spread through the network leading to
denial-of-service. This paper develops a new scheme called Precode-and-Hash
that enables efficient packet verification before forwarding thereby preventing
the pollution attack. In contrast to rateless codes, it utilizes a fixed
low-rate precode and random selection of packets from the set of precoded
packets. The fixed precode admits efficient hash verification of all encoded
packets. Specifically, hashes are computed for all precoded packets and sent
securely using signatures. We analyze the performance of the Precode-and-Hash
scheme for a multi-hop line network and provide simulation results for several
schemes in a more realistic vehicular model
Recommended from our members
Auditing for Distributed Storage Systems
Distributed storage codes have recently received a lot of attention in the community. Independently, another body of work has proposed integrity-checking schemes for cloud storage, none of which, however, is customized for coding-based storage or can efficiently support repair. In this work, we bridge the gap between these two currently disconnected bodies of work. We propose NC-Audit, a novel cryptography-based remote data integrity-checking scheme, designed specifically for network-coding-based distributed storage systems. NC-Audit combines, for the first time, the following desired properties: 1) efficient checking of data integrity; 2) efficient support for repairing failed nodes; and 3) protection against information leakage when checking is performed by a third party. The key ingredient of the design of NC-Audit is a novel combination of SpaceMac, a homomorphic message authentication code (MAC) scheme for network coding, and NCrypt, a novel chosen-plaintext attack (CPA) secure encryption scheme that preserves the correctness of SpaceMac. Our evaluation of NC-Audit based on a real Java implementation shows that the proposed scheme has significantly lower overhead compared to the state-of-the-art schemes for both auditing and repairing of failed nodes
Signatures for content distribution with network coding
Abstract — Recent research has shown that network coding can be used in content distribution systems to improve the speed of downloads and the robustness of the systems. However, such systems are very vulnerable to attacks by malicious nodes, and we need to have a signature scheme that allows nodes to check the validity of a packet without decoding. In this paper, we propose such a signature scheme for network coding. Our scheme makes use of the linearity property of the packets in a coded system, and allows nodes to check the integrity of the packets received easily. We show that the proposed scheme is secure, and its overhead is negligible for large files. I
Computation on Encrypted Data using Data Flow Authentication
Encrypting data before sending it to the cloud protects it against hackers
and malicious insiders, but requires the cloud to compute on encrypted data.
Trusted (hardware) modules, e.g., secure enclaves like Intel's SGX, can very
efficiently run entire programs in encrypted memory. However, it already has
been demonstrated that software vulnerabilities give an attacker ample
opportunity to insert arbitrary code into the program. This code can then
modify the data flow of the program and leak any secret in the program to an
observer in the cloud via SGX side-channels. Since any larger program is rife
with software vulnerabilities, it is not a good idea to outsource entire
programs to an SGX enclave. A secure alternative with a small trusted code base
would be fully homomorphic encryption (FHE) -- the holy grail of encrypted
computation. However, due to its high computational complexity it is unlikely
to be adopted in the near future. As a result researchers have made several
proposals for transforming programs to perform encrypted computations on less
powerful encryption schemes. Yet, current approaches fail on programs that make
control-flow decisions based on encrypted data. In this paper, we introduce the
concept of data flow authentication (DFAuth). DFAuth prevents an adversary from
arbitrarily deviating from the data flow of a program. Hence, an attacker
cannot perform an attack as outlined before on SGX. This enables that all
programs, even those including operations on control-flow decision variables,
can be computed on encrypted data. We implemented DFAuth using a novel
authenticated homomorphic encryption scheme, a Java bytecode-to-bytecode
compiler producing fully executable programs, and SGX enclaves. A transformed
neural network that performs machine learning on sensitive medical data can be
evaluated on encrypted inputs and encrypted weights in 0.86 seconds
- …