On Secure Network Coding with Nonuniform or Restricted Wiretap Sets
The secrecy capacity of a network, for a given collection of permissible
wiretap sets, is the maximum rate of communication such that observing links in
any permissible wiretap set reveals no information about the message. This
paper considers secure network coding with nonuniform or restricted wiretap
sets, for example, networks with unequal link capacities where a wiretapper can
wiretap any subset of links, or networks where only a subset of links can
be wiretapped. Existing results show that for the case of uniform wiretap sets
(networks with equal capacity links/packets where any can be wiretapped),
the secrecy capacity is given by the cut-set bound, and can be achieved by
injecting random keys at the source which are decoded at the sink along
with the message. This is the case whether or not the communicating users have
information about the choice of wiretap set. In contrast, we show that for the
nonuniform case, the cut-set bound is not achievable in general when the
wiretap set is unknown, whereas it is achievable when the wiretap set is made
known. We give achievable strategies where random keys are canceled at
intermediate non-sink nodes, or injected at intermediate non-source nodes.
Finally, we show that determining the secrecy capacity is an NP-hard problem. Comment: 24 pages, revision submitted to IEEE Transactions on Information
Theor
Coding against a Limited-view Adversary: The Effect of Causality and Feedback
We consider the problem of communication over a multi-path network in the
presence of a causal adversary. The limited-view causal adversary is able to
eavesdrop on a subset of links and also jam on a potentially overlapping subset
of links based on the current and past information. To ensure that the
communication takes place reliably and secretly, resilient network codes with
necessary redundancy are needed. We study two adversarial models - additive and
overwrite jamming and we optionally assume passive feedback from decoder to
encoder, i.e., the encoder sees everything that the decoder sees. The problem
assumes transmissions are in the large alphabet regime. For both jamming
models, we find the capacity under four scenarios - reliability without
feedback, reliability and secrecy without feedback, reliability with passive
feedback, reliability and secrecy with passive feedback. We observe that, in
comparison to the non-causal setting, the capacity with a causal adversary is
strictly increased for a wide variety of parameter settings and present our
intuition through several examples. Comment: 15 page
Secure Communication over 1-2-1 Networks
This paper starts by assuming a 1-2-1 network, the abstracted noiseless model
of mmWave networks that was shown to closely approximate the Gaussian capacity
in [1], and studies secure communication. First, the secure capacity is derived
for 1-2-1 networks where a source is connected to a destination through a
network of unit capacity links. Then, lower and upper bounds on the secure
capacity are derived for the case when source and destination have more than
one beam, which allow them to transmit and receive in multiple directions at a
time. Finally, secure capacity results are presented for diamond 1-2-1 networks
when edges have different capacities. Comment: Submitted for ISIT 201
Routing for Security in Networks with Adversarial Nodes
We consider the problem of secure unicast transmission between two nodes in a
directed graph, where an adversary eavesdrops/jams a subset of nodes. This
adversarial setting is in contrast to traditional ones where the adversary
controls a subset of links. In particular, we study, in the main, the class of
routing-only schemes (as opposed to those allowing coding inside the network).
Routing-only schemes usually have low implementation complexity, yet a
characterization of the rates achievable by such schemes was open prior to this
work. We first propose an LP based solution for secure communication against
eavesdropping, and show that it is information-theoretically rate-optimal among
all routing-only schemes. The idea behind our design is to balance information
flow in the network so that no subset of nodes observe "too much" information.
Interestingly, we show that the rates achieved by our routing-only scheme are
always at least as good as, and sometimes better, than those achieved by
"naïve" network coding schemes (i.e. the rate-optimal scheme designed for the
traditional scenario where the adversary controls links in a network rather
than nodes.) We also demonstrate non-trivial network coding schemes that
achieve rates at least as high as (and again sometimes better than) those
achieved by our routing schemes, but leave open the question of characterizing
the optimal rate-region of the problem under all possible coding schemes. We
then extend these routing-only schemes to the adversarial node-jamming
scenarios and show similar results. During the journey of our investigation, we
also develop a new technique that has the potential to derive non-trivial
bounds for general secure-communication schemes
The QUIC Fix for Optimal Video Streaming
Within a few years of its introduction, QUIC has gained traction: a
significant chunk of traffic is now delivered over QUIC. The networking
community is actively engaged in debating the fairness, performance, and
applicability of QUIC for various use cases, but these debates are centered
around a narrow, common theme: how does the new reliable transport built on top
of UDP fare in different scenarios? Support for unreliable delivery in QUIC
remains largely unexplored.
The option for delivering content unreliably, as in a best-effort model,
deserves the QUIC designers' and community's attention. We propose extending
QUIC to support unreliable streams and present a simple approach for
implementation. We discuss a simple use case of video streaming---an
application that dominates the overall Internet traffic---that can leverage the
unreliable streams and potentially bring immense benefits to network operators
and content providers. To this end, we present a prototype implementation that,
by using both the reliable and unreliable streams in QUIC, outperforms both TCP
and QUIC in our evaluations. Comment: Published to ACM CoNEXT Workshop on the Evolution, Performance, and
Interoperability of QUIC (EPIQ
QUALITY-DRIVEN CROSS LAYER DESIGN FOR MULTIMEDIA SECURITY OVER RESOURCE CONSTRAINED WIRELESS SENSOR NETWORKS
The strong need for security guarantees, e.g., integrity and authenticity, as well as privacy and confidentiality in wireless multimedia services has driven the development of an emerging research area in low cost Wireless Multimedia Sensor Networks (WMSNs). Unfortunately, conventional encryption and authentication techniques cannot be applied directly to WMSNs due to inborn challenges such as extremely limited energy, computing and bandwidth resources. This dissertation provides a quality-driven security design and resource allocation framework for WMSNs. The contribution of this dissertation bridges the inter-disciplinary research gap between high layer multimedia signal processing and low layer computer networking. It formulates the generic problem of quality-driven multimedia resource allocation in WMSNs and proposes a cross layer solution. The fundamental methodologies of multimedia selective encryption and stream authentication, and their application to digital image or video compression standards are presented. New multimedia selective encryption and stream authentication schemes are proposed at the application layer, which significantly reduce encryption/authentication complexity. In addition, network resource allocation methodologies at low layers are extensively studied. An unequal error protection-based network resource allocation scheme is proposed to achieve the best effort media quality with integrity and energy efficiency guarantee. Performance evaluation results show that this cross layer framework achieves considerable energy-quality-security gain by jointly designing multimedia selective encryption/multimedia stream authentication and communication resource allocation