A bandwidth efficient HMAC-based authentication scheme for network coding

Abstract

Pollution attacks in network coding waste bandwidth and computational resources. Several homomorphic message authentication code (HMAC) and signature-based schemes have been proposed to mitigate such attacks. In these schemes, authentication is achieved by appending several HMAC tags, with or without a signature, to the packet payload. This approach negatively affects both the throughput and the communication overhead of such schemes, a phenomenon determined by a property we dub the admissible payload rate (APR). In this paper we propose an HMAC and signature-based authentication scheme that addresses the aforementioned problems. It achieves this by reducing the number of symbols needed to represent a packet. We evaluated the performance of our scheme and compared our findings to the performance of similar, state-of-the-art authentication schemes. Our comparisons revealed that the proposed scheme incurred a negligible percentage increase in computational complexity. However, with no extra key storage overhead, and without sacrificing security, our scheme achieved a significant percentage reduction in communication overhead. These favorable characteristics make our scheme an ideal and practical authentication solution for networks where bandwidth is a constraint or optimal throughput is a requirement.
