31 research outputs found
Analysis of a Homomorphic MAC-based scheme against tag pollution in RLNC-enabled wireless networks
Network Coding-enabled wireless networks are vulnerable to data pollution attacks where adversary nodes inject into the network polluted (i.e. corrupted) packets that prevent the destination nodes from decoding correctly. Even a small proportion of pollution can quickly propagate into other packets via re-coding, occurred at the intermediate nodes, and lead to resource waste. Therefore, during the past few years, several solutions have been proposed to provide resistance against data pollution attacks. One of the most well-known solutions is Homomorphic Message Authentication Code (HMAC). However, HMAC is susceptible to a new type of pollution attacks, called tag pollution attacks, in which a malicious node randomly modifies MAC tags appended at the end of the transmitted packets. To address this issue, we have recently proposed an HMAC-based scheme making use of two types of MAC tags to provide resistance against both data pollution attacks and tag pollution attacks. In this paper, we steer our focus on improving the resistance of our proposed scheme against tag pollution attacks by decreasing the number of MACs. Finally, we analyze the impact of the total number of MACs on the bandwidth overhead of the proposed scheme
Complexity of Multi-Value Byzantine Agreement
In this paper, we consider the problem of maximizing the throughput of
Byzantine agreement, given that the sum capacity of all links in between nodes
in the system is finite. We have proposed a highly efficient Byzantine
agreement algorithm on values of length l>1 bits. This algorithm uses error
detecting network codes to ensure that fault-free nodes will never disagree,
and routing scheme that is adaptive to the result of error detection. Our
algorithm has a bit complexity of n(n-1)l/(n-t), which leads to a linear cost
(O(n)) per bit agreed upon, and overcomes the quadratic lower bound
(Omega(n^2)) in the literature. Such linear per bit complexity has only been
achieved in the literature by allowing a positive probability of error. Our
algorithm achieves the linear per bit complexity while guaranteeing agreement
is achieved correctly even in the worst case. We also conjecture that our
algorithm can be used to achieve agreement throughput arbitrarily close to the
agreement capacity of a network, when the sum capacity is given
A null space-based MAC scheme against pollution attacks to random linear network coding
Network Coding has significantly shown the achievable throughput and robustness in wireless Networks. However, network coding-enabled networks are susceptible to pollution attacks where a small number of polluted messages will propagate due to recoding and corrupt bunches of legitimate messages. Several lightweight Homomorphic Message Authentication Code (HMAC) schemes have been proposed for protecting the transmitted data against pollution attacks; however, most of them are not appropriate for wireless networks or cannot resist tag pollution attacks. In this paper, we present a computationally efficient null space-based homomorphic MAC scheme, for network coding-enabled wireless networks. The proposed scheme makes use of two types of tags (i.e., MACs and D-MACs) to provide resistance against data pollution and tag pollution attacks. Furthermore, we demonstrate that due to its lightweight nature, our proposed scheme incurs a minimal complexity compared to other related schemes
On Counteracting Byzantine Attacks in Network Coded Peer-to-Peer Networks
Random linear network coding can be used in peer-to-peer networks to increase
the efficiency of content distribution and distributed storage. However, these
systems are particularly susceptible to Byzantine attacks. We quantify the
impact of Byzantine attacks on the coded system by evaluating the probability
that a receiver node fails to correctly recover a file. We show that even for a
small probability of attack, the system fails with overwhelming probability. We
then propose a novel signature scheme that allows packet-level Byzantine
detection. This scheme allows one-hop containment of the contamination, and
saves bandwidth by allowing nodes to detect and drop the contaminated packets.
We compare the net cost of our signature scheme with various other Byzantine
schemes, and show that when the probability of Byzantine attacks is high, our
scheme is the most bandwidth efficient.Comment: 26 pages, 9 figures, Submitted to IEEE Journal on Selected Areas in
Communications (JSAC) "Mission Critical Networking
Practical Random Linear Network Coding on GPUs
Abstract. Recently, random linear network coding has been widely applied in peer-to-peer network applications. Instead of sharing the raw data with each other, peers in the network produce and send encoded data to each other. As a result, the communication protocols have been greatly simplified, and the appli-cations experience higher end-to-end throughput and better robustness to net-work churns. Since it is difficult to verify the integrity of the encoded data, such systems can suffer from the famous pollution attack, in which a malicious node can send bad encoded blocks that consist of bogus data. Consequently, the bogus data will be propagated into the whole network at an exponential rate. Homomorphic hash functions (HHFs) have been designed to defend systems from such pollution attacks, but with a new challenge: HHFs require that network coding must be performed in GF(q), where q is a very large prime number. This greatly increases the computational cost of network coding, in ad-dition to the already computational expensive HHFs. This paper exploits the po-tential of the huge computing power of Graphic Processing Units (GPUs) to reduce the computational cost of network coding and homomorphic hashing. With our network coding and HHF implementation on GPU, we observed significant computational speedup in comparison with the best CPU implemen-tation. This implementation can lead to a practical solution for defending the pollution attacks in distributed systems