Falcon Codes: Fast, Authenticated LT Codes

In this paper, we introduce Falcon codes, a class of authenticated error correcting codes that are based on LT codes [23] and achieve the following properties, for the first time simultaneously: (1) with high probability, they can correct adversarial symbol corruptions in the encoding of a message, and (2) they allow for very efficient encoding and decoding times, even linear in the message length. We study Falcon codes in a new adversarial model for rateless codes over computational channels, and define a new security notion for corruption-tolerant encoding in this model. We then present three such LT-based coding schemes that achieve resilience to adversarial corruptions via judicious use of simple cryptographic tools while maintaining very fast encoding/decoding times. One variant Falcon code works well with small messages (100s of KB to 10s of MB) but two alternative scalable versions are designed to handle much larger inputs (e.g., messages that are several GBs in size). Our schemes are provably secure against computational adversaries in the standard model. We analyze our new schemes and show that Falcon codes are both asymptotically and practically efficient.
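To make the mechanism behind an authenticated rateless code concrete, the following Python illustration is added here; it is not code from the paper and not the Falcon construction itself, but a toy version of the general principle the abstract alludes to: every LT encoding symbol carries a MAC under a key shared by sender and receiver, the receiver discards any symbol whose tag fails, and the adversarial corruptions thereby become erasures, which the ordinary LT peeling decoder already tolerates. The block size, tag length, robust soliton parameters, demo key and message are all constructed for the example, and the `corrupt` helper only simulates the corruption for the demo.

```python
from __future__ import annotations

import hashlib
import hmac
import math
import random

# Constructed demo parameters: 4-byte blocks, 128-bit truncated HMAC-SHA256 tags.
BLOCK = 4
TAG_LEN = 16


def split_blocks(message: bytes) -> list[bytes]:
    """Zero-pad to a multiple of BLOCK and cut into fixed-size message blocks."""
    padded = message + b"\x00" * (-len(message) % BLOCK)
    return [padded[i:i + BLOCK] for i in range(0, len(padded), BLOCK)]


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def robust_soliton(k: int, c: float = 0.1, delta: float = 0.5) -> list[float]:
    """Luby's robust soliton degree distribution for degrees 1..k, normalised to sum 1."""
    r = c * math.log(k / delta) * math.sqrt(k)
    rho = [1.0 / k] + [1.0 / (d * (d - 1)) for d in range(2, k + 1)]
    tau = [0.0] * k
    spike = round(k / r)
    for d in range(1, k + 1):
        if d < spike:
            tau[d - 1] = r / (d * k)
        elif d == spike:
            tau[d - 1] = r * math.log(r / delta) / k
    total = sum(rho) + sum(tau)
    return [(p + t) / total for p, t in zip(rho, tau)]


def sample_neighbors(rng: random.Random, k: int, dist: list[float]) -> frozenset[int]:
    """Draw a degree from dist, then that many distinct block indices uniformly."""
    degree = rng.choices(range(1, k + 1), weights=dist)[0]
    return frozenset(rng.sample(range(k), degree))


def mac(key: bytes, index: int, neighbors: frozenset[int], payload: bytes) -> bytes:
    """Tag binds symbol index, neighbor set and payload, so none of them can be altered."""
    data = index.to_bytes(4, "big")
    data += b"".join(j.to_bytes(4, "big") for j in sorted(neighbors))
    return hmac.new(key, data + payload, hashlib.sha256).digest()[:TAG_LEN]


def encode_symbol(blocks: list[bytes], neighbors, key: bytes, index: int):
    """One LT encoding symbol: XOR of its neighbor blocks plus an authentication tag.
    (A toy: the neighbor set is shipped explicitly instead of derived from a seed.)"""
    neighbors = frozenset(neighbors)
    payload = bytes(BLOCK)
    for j in neighbors:
        payload = xor(payload, blocks[j])
    return (index, neighbors, payload, mac(key, index, neighbors, payload))


def verify(symbol, key: bytes) -> bool:
    index, neighbors, payload, tag = symbol
    return hmac.compare_digest(mac(key, index, neighbors, payload), tag)


def peel_decode(symbols, k: int):
    """Standard LT peeling decoder. Returns the k blocks, or None when the symbol
    graph cannot be fully peeled (a rateless receiver then waits for more symbols)."""
    ripple = [[set(nb), payload] for _, nb, payload, _ in symbols]
    blocks: list[bytes | None] = [None] * k
    changed = True
    while changed:
        changed = False
        for entry in ripple:
            nb, payload = entry
            for j in [j for j in nb if blocks[j] is not None]:
                payload = xor(payload, blocks[j])  # strip blocks already recovered
                nb.discard(j)
            entry[1] = payload
            if len(nb) == 1:                       # degree-1 symbol reveals a block
                blocks[nb.pop()] = payload
                changed = True
    return None if any(b is None for b in blocks) else blocks


def decode(symbols, key: bytes, k: int, verify_tags: bool = True):
    """Drop symbols whose tag fails (corruption becomes an erasure), then peel."""
    good = [s for s in symbols if not verify_tags or verify(s, key)]
    blocks = peel_decode(good, k)
    return None if blocks is None else b"".join(blocks)


def corrupt(symbol, byte_index: int = 0):
    """Demo-only stand-in for channel corruption: flips bits in the payload, tag unchanged."""
    index, neighbors, payload, tag = symbol
    bad = bytearray(payload)
    bad[byte_index] ^= 0x55
    return (index, neighbors, bytes(bad), tag)


if __name__ == "__main__":
    rng = random.Random(7)
    key = b"constructed-demo-key"                 # shared by encoder and decoder
    msg = b"ATTACK AT DAWN!! RETREAT AT DUSK"     # 32 bytes -> k = 8 blocks
    blocks = split_blocks(msg)
    k = len(blocks)
    dist = robust_soliton(k)
    sent = [encode_symbol(blocks, sample_neighbors(rng, k, dist), key, i) for i in range(3 * k)]
    received = [corrupt(s) if i in (0, 5, 9) else s for i, s in enumerate(sent)]
    print("authenticated  :", decode(received, key, k))                     # msg, or None if more symbols are needed
    print("unauthenticated:", decode(received, key, k, verify_tags=False))  # may be silently wrong
```

Two behaviours are worth noting. With tag verification on, `decode` never returns a wrong message: it either recovers the input or returns `None` because too few verified symbols arrived, and in rateless terms the receiver simply keeps collecting symbols. With `verify_tags=False` the same corrupted input peels to a wrong message without any error, which is exactly the silent failure an authenticated code is meant to rule out.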

[1] Michael Luby et al. LT codes. 43rd Annual IEEE Symposium on Foundations of Computer Science (FOCS), 2002.

[2] Michael Luby et al. A digital fountain approach to reliable distribution of bulk data. SIGCOMM '98, 1998.

[3] L. Tippett. Statistical Tables: For Biological, Agricultural and Medical Research. 1954.

[4] Michael Langberg et al. Private codes or succinct random codes that are (almost) perfect. 45th Annual IEEE Symposium on Foundations of Computer Science (FOCS), 2004.

[5] Daniel J. Bernstein et al. The Salsa20 Family of Stream Ciphers. The eSTREAM Finalists, 2008.

[6] Daniel Wichs et al. Efficient Non-Malleable Codes and Key Derivation for Poly-Size Tampering Circuits. IEEE Transactions on Information Theory, 2016.

[7] Thomas Stockhammer et al. RaptorQ Forward Error Correction Scheme for Object Delivery. RFC, 2011.

[8] Richard J. Lipton et al. A New Approach To Information Theory. STACS, 1994.

[9] Hugo Krawczyk et al. Secret Sharing Made Short. CRYPTO, 1994.

[10] Burton S. Kaliski et al. PKCS #5: Password-Based Cryptography Specification Version 2.0. RFC, 2000.

[11] Hugo Krawczyk. Distributed fingerprints and secure information dispersal. PODC '93, 1993.

[12] Zhenyu Yang et al. LT codes-based secure and reliable cloud storage service. IEEE INFOCOM, 2012.

[13] Refik Molva et al. Efficient Multicast Packet Authentication. NDSS, 2003.

[14] Adrian Perrig et al. Distillation Codes and Applications to DoS Resistant Multicast Authentication. NDSS, 2004.

[15] Devavrat Shah et al. Spinal codes. CCRV, 2012.

[16] Roberto Tamassia et al. Multicast authentication in fully adversarial networks. IEEE Symposium on Security and Privacy, 2004.

[17] Venkatesan Guruswami et al. Codes for Computationally Simple Channels: Explicit Constructions with Optimal Rate. 51st Annual IEEE Symposium on Foundations of Computer Science (FOCS), 2010.

[18] Reihaneh Safavi-Naini et al. Proofs of Retrievability via Fountain Code. FPS, 2012.

[19] Venkatesan Guruswami et al. Non-malleable Coding against Bit-Wise and Split-State Tampering. TCC, 2014.

[20] Jonathan S. Yedidia et al. Rateless Codes on Noisy Channels. 2004.

[21] Devavrat Shah et al. Rateless spinal codes. HotNets-X, 2011.

[22] Makoto Matsumoto et al. SIMD-Oriented Fast Mersenne Twister: a 128-bit Pseudorandom Number Generator. 2008.

[23] Elaine Shi et al. Practical dynamic proofs of retrievability. CCS, 2013.

[24] Rafail Ostrovsky et al. Private Locally Decodable Codes. ICALP, 2007.

[25] D. Newman. The Double Dixie Cup Problem. 1960.

[26] P. Maymounkov. Online codes. 2002.

[27] Huaxiong Wang et al. Rateless Codes for the Multicast Stream Authentication Problem. IWSEC, 2006.

[28] Ari Juels et al. Pors: proofs of retrievability for large files. CCS '07, 2007.

[29] R. A. Fisher et al. Statistical Tables for Biological, Agricultural and Medical Research. 1956.

[30] Adam D. Smith. Scrambling adversarial errors using few random bits, optimal information reconciliation, and better private codes. SODA '07, 2007.

[31] Michael Mitzenmacher et al. Verification-based decoding for packet-based low-density parity-check codes. IEEE Transactions on Information Theory, 2005.

[32] Hovav Shacham et al. Compact Proofs of Retrievability. Journal of Cryptology, 2008.

[33] Ari Juels et al. Proofs of retrievability: theory and implementation. CCSW '09, 2009.

[34] Ari Juels et al. HAIL: a high-availability and integrity layer for cloud storage. CCS, 2009.

[35] Silvio Micali et al. Optimal Error Correction Against Computationally Bounded Noise. TCC, 2005.

[36] David Mazières et al. On-the-fly verification of rateless erasure codes for efficient content distribution. IEEE Symposium on Security and Privacy, 2004.

[37] Rafail Ostrovsky et al. Locally Updatable and Locally Decodable Codes. TCC, 2014.

[38] Ted Krovetz et al. UMAC: Message Authentication Code using Universal Hashing. RFC, 2006.

[39] Thomas Stockhammer et al. Raptor Forward Error Correction Scheme for Object Delivery. RFC, 2007.