2,116 research outputs found
Secure Compute-and-Forward in a Bidirectional Relay
We consider the basic bidirectional relaying problem, in which two users in a
wireless network wish to exchange messages through an intermediate relay node.
In the compute-and-forward strategy, the relay computes a function of the two
messages using the naturally-occurring sum of symbols simultaneously
transmitted by user nodes in a Gaussian multiple access (MAC) channel, and the
computed function value is forwarded to the user nodes in an ensuing broadcast
phase. In this paper, we study the problem under an additional security
constraint, which requires that each user's message be kept secure from the
relay. We consider two types of security constraints: perfect secrecy, in which
the MAC channel output seen by the relay is independent of each user's message;
and strong secrecy, which is a form of asymptotic independence. We propose a
coding scheme based on nested lattices, the main feature of which is that given
a pair of nested lattices that satisfy certain "goodness" properties, we can
explicitly specify probability distributions for randomization at the encoders
to achieve the desired security criteria. In particular, our coding scheme
guarantees perfect or strong secrecy even in the absence of channel noise. The
noise in the channel only affects reliability of computation at the relay, and
for Gaussian noise, we derive achievable rates for reliable and secure
computation. We also present an application of our methods to the multi-hop
line network in which a source needs to transmit messages to a destination
through a series of intermediate relays.Comment: v1 is a much expanded and updated version of arXiv:1204.6350; v2 is a
minor revision to fix some notational issues; v3 is a much expanded and
updated version of v2, and contains results on both perfect secrecy and
strong secrecy; v3 is a revised manuscript submitted to the IEEE Transactions
on Information Theory in April 201
Weak Secrecy in the Multi-Way Untrusted Relay Channel with Compute-and-Forward
We investigate the problem of secure communications in a Gaussian multi-way
relay channel applying the compute-and-forward scheme using nested lattice
codes. All nodes employ half-duplex operation and can exchange confidential
messages only via an untrusted relay. The relay is assumed to be honest but
curious, i.e., an eavesdropper that conforms to the system rules and applies
the intended relaying scheme. We start with the general case of the
single-input multiple-output (SIMO) L-user multi-way relay channel and provide
an achievable secrecy rate region under a weak secrecy criterion. We show that
the securely achievable sum rate is equivalent to the difference between the
computation rate and the multiple access channel (MAC) capacity. Particularly,
we show that all nodes must encode their messages such that the common
computation rate tuple falls outside the MAC capacity region of the relay. We
provide results for the single-input single-output (SISO) and the
multiple-input single-input (MISO) L-user multi-way relay channel as well as
the two-way relay channel. We discuss these results and show the dependency
between channel realization and achievable secrecy rate. We further compare our
result to available results in the literature for different schemes and show
that the proposed scheme operates close to the compute-and-forward rate without
secrecy.Comment: submitted to JSAC Special Issue on Fundamental Approaches to Network
Coding in Wireless Communication System
BAN-GZKP: Optimal Zero Knowledge Proof based Scheme for Wireless Body Area Networks
BANZKP is the best to date Zero Knowledge Proof (ZKP) based secure
lightweight and energy efficient authentication scheme designed for Wireless
Area Network (WBAN). It is vulnerable to several security attacks such as the
replay attack, Distributed Denial-of-Service (DDoS) attacks at sink and
redundancy information crack. However, BANZKP needs an end-to-end
authentication which is not compliant with the human body postural mobility. We
propose a new scheme BAN-GZKP. Our scheme improves both the security and
postural mobility resilience of BANZKP. Moreover, BAN-GZKP uses only a
three-phase authentication which is optimal in the class of ZKP protocols. To
fix the security vulnerabilities of BANZKP, BAN-GZKP uses a novel random key
allocation and a Hop-by-Hop authentication definition. We further prove the
reliability of our scheme to various attacks including those to which BANZKP is
vulnerable. Furthermore, via extensive simulations we prove that our scheme,
BAN-GZKP, outperforms BANZKP in terms of reliability to human body postural
mobility for various network parameters (end-to-end delay, number of packets
exchanged in the network, number of transmissions). We compared both schemes
using representative convergecast strategies with various transmission rates
and human postural mobility. Finally, it is important to mention that BAN-GZKP
has no additional cost compared to BANZKP in terms memory, computational
complexity or energy consumption
Resource Allocation for Secure Gaussian Parallel Relay Channels with Finite-Length Coding and Discrete Constellations
We investigate the transmission of a secret message from Alice to Bob in the
presence of an eavesdropper (Eve) and many of decode-and-forward relay nodes.
Each link comprises a set of parallel channels, modeling for example an
orthogonal frequency division multiplexing transmission. We consider the impact
of discrete constellations and finite-length coding, defining an achievable
secrecy rate under a constraint on the equivocation rate at Eve. Then we
propose a power and channel allocation algorithm that maximizes the achievable
secrecy rate by resorting to two coupled Gale-Shapley algorithms for stable
matching problem. We consider the scenarios of both full and partial channel
state information at Alice. In the latter case, we only guarantee an outage
secrecy rate, i.e., the rate of a message that remains secret with a given
probability. Numerical results are provided for Rayleigh fading channels in
terms of average outage secrecy rate, showing that practical schemes achieve a
performance quite close to that of ideal ones
RAPTOR: Routing Attacks on Privacy in Tor
The Tor network is a widely used system for anonymous communication. However,
Tor is known to be vulnerable to attackers who can observe traffic at both ends
of the communication path. In this paper, we show that prior attacks are just
the tip of the iceberg. We present a suite of new attacks, called Raptor, that
can be launched by Autonomous Systems (ASes) to compromise user anonymity.
First, AS-level adversaries can exploit the asymmetric nature of Internet
routing to increase the chance of observing at least one direction of user
traffic at both ends of the communication. Second, AS-level adversaries can
exploit natural churn in Internet routing to lie on the BGP paths for more
users over time. Third, strategic adversaries can manipulate Internet routing
via BGP hijacks (to discover the users using specific Tor guard nodes) and
interceptions (to perform traffic analysis). We demonstrate the feasibility of
Raptor attacks by analyzing historical BGP data and Traceroute data as well as
performing real-world attacks on the live Tor network, while ensuring that we
do not harm real users. In addition, we outline the design of two monitoring
frameworks to counter these attacks: BGP monitoring to detect control-plane
attacks, and Traceroute monitoring to detect data-plane anomalies. Overall, our
work motivates the design of anonymity systems that are aware of the dynamics
of Internet routing
- …