Secure Network Coding in the Setting in Which a Non-Source Node May Generate Random Keys

It is common in the study of secure multicast network coding in the presence of an eavesdropper that has access to z network links, to assume that the source node is the only node that generates random keys. In this setting, the secure multicast rate is well understood. Computing the secure multicast rate, or even the secure unicast rate, in the more general setting in which all network nodes may generate (independent) random keys is known to be as difficult as computing the (non-secure) capacity of multiple-unicast network coding instances — a well known open problem. This work treats an intermediate model of secure unicast in which only one node can generate random keys, however that node need not be the source node. The secure communication rate for this setting is characterized again with an eavesdropper that has access to z network links

Secure Network Coding in the Setting in Which a Non-Source Node May Generate Random Keys

It is common in the study of secure multicast network coding in the presence of an eavesdropper that has access to z network links, to assume that the source node is the only node that generates random keys. In this setting, the secure multicast rate is well understood. Computing the secure multicast rate, or even the secure unicast rate, in the more general setting in which all network nodes may generate (independent) random keys is known to be as difficult as computing the (non-secure) capacity of multiple-unicast network coding instances — a well known open problem. This work treats an intermediate model of secure unicast in which only one node can generate random keys, however that node need not be the source node. The secure communication rate for this setting is characterized again with an eavesdropper that has access to z network links

Routing for Security in Networks with Adversarial Nodes

We consider the problem of secure unicast transmission between two nodes in a directed graph, where an adversary eavesdrops/jams a subset of nodes. This adversarial setting is in contrast to traditional ones where the adversary controls a subset of links. In particular, we study, in the main, the class of routing-only schemes (as opposed to those allowing coding inside the network). Routing-only schemes usually have low implementation complexity, yet a characterization of the rates achievable by such schemes was open prior to this work. We first propose an LP based solution for secure communication against eavesdropping, and show that it is information-theoretically rate-optimal among all routing-only schemes. The idea behind our design is to balance information flow in the network so that no subset of nodes observe "too much" information. Interestingly, we show that the rates achieved by our routing-only scheme are always at least as good as, and sometimes better, than those achieved by "na\"ive" network coding schemes (i.e. the rate-optimal scheme designed for the traditional scenario where the adversary controls links in a network rather than nodes.) We also demonstrate non-trivial network coding schemes that achieve rates at least as high as (and again sometimes better than) those achieved by our routing schemes, but leave open the question of characterizing the optimal rate-region of the problem under all possible coding schemes. We then extend these routing-only schemes to the adversarial node-jamming scenarios and show similar results. During the journey of our investigation, we also develop a new technique that has the potential to derive non-trivial bounds for general secure-communication schemes

An Equivalence Between Secure Network and Index Coding

We extend the equivalence between network coding and index coding by Effros, El Rouayheb, and Langberg to the secure communication setting in the presence of an eavesdropper. Specifically, we show that the most general versions of secure network-coding setup by Chan and Grant and the secure index-coding setup by Dau, Skachek, and Chee, which also include the randomised encoding setting, are equivalent

Centralized and Cooperative Transmission of Secure Multiple Unicasts using Network Coding

We introduce a method for securely delivering a set of messages to a group of clients over a broadcast erasure channel where each client is interested in a distinct message. Each client is able to obtain its own message but not the others'. In the proposed method the messages are combined together using a special variant of random linear network coding. Each client is provided with a private set of decoding coefficients to decode its own message. Our method provides security for the transmission sessions against computational brute-force attacks and also weakly security in information theoretic sense. As the broadcast channel is assumed to be erroneous, the missing coded packets should be recovered in some way. We consider two different scenarios. In the first scenario the missing packets are retransmitted by the base station (centralized). In the second scenario the clients cooperate with each other by exchanging packets (decentralized). In both scenarios, network coding techniques are exploited to increase the total throughput. For the case of centralized retransmissions we provide an analytical approximation for the throughput performance of instantly decodable network coded (IDNC) retransmissions as well as numerical experiments. For the decentralized scenario, we propose a new IDNC based retransmission method where its performance is evaluated via simulations and analytical approximation. Application of this method is not limited to our special problem and can be generalized to a new class of problems introduced in this paper as the cooperative index coding problem