Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 Quantitative Evaluation of Secure Network Coding Dawn Meeting UCSC Nov 4, 2010 SeungHoon Lee, Mario Gerla In collaboration with IBM researchers.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "1 Quantitative Evaluation of Secure Network Coding Dawn Meeting UCSC Nov 4, 2010 SeungHoon Lee, Mario Gerla In collaboration with IBM researchers."— Presentation transcript:

1 1 Quantitative Evaluation of Secure Network Coding Dawn Meeting UCSC Nov 4, 2010 SeungHoon Lee, Mario Gerla In collaboration with IBM researchers

2 2  Improves throughput and reliability in disruptive MANETs  Packets mixed by intermediate nodes  Receivers still can recover original data under partial packet drop 2 Network Coding (NC) Decoding success pkt drop

3 3  Single Source PUSHES data to mobile nodes  Typically, real time stream (say, from a UAV); unicast or multicast  Errors/losses can be tolerated; latency requirements are strict  Stream can be directed to a selected set of destinations, or coalitions  A data file (say terrain file) is available at many mobile nodes (servers); multiple clients PULL the file from the servers in an asynchronous way, as they need  Non real time requirement  File integrity is important 3 Network Coding in Coalition Operations

4 4  Network Coding characteristics:  Small generation size (8 or 16 blocks) to meet latency constraints  High throughput to meet Quality of Service requirements  An incomplete generation is dropped after time-out  Redundancy control (at intermediate nodes)  Rate/congestion control via backpressure 4 Push Scenario

5  Network Coding characteristics:  Generation can be ENTIRE file, say up to 1000 blocks optionally, subdivided for O/H mitigation  Soldiers can pull from UAVs, trucks or other soldiers BitTorrent, CarTorrent type downloading  No delay or throughput constraints (DTN OK)  File integrity required security and protection from attacks is critical  Line O/H must be minimized (background process) 5 Pull Scenario

6  No pollution detection/prevention in conventional NC protocols  Internal/ external attacks possible  Even one invalid packet can disrupt the entire data  Homomorphic cryptography can protect NC However, Computation is cumbersome, discouraging implementations 6 Vulnerability of NC Decoding Failure Pollution Attack

7  Investigate the scalability of secure network coding based on homomorphic functions  We address PUSH scenario only (PULL is an extension)  Perform practical evaluation of the theoretical work [1] GKKR by TA2 researchers on secure network coding  Over the INTEGERS (as opposed to Galois field) 7 Objective of this work [1] R. Gennaro, J. Katz, H. Krawczyk, and T. Rabin. Secure network coding over the integers. In Public Key Cryptography, pages 142–160, 2010. Implementation of Secure NC (Linux) Experimental Measurement Qualnet Network Simulator

8 8 Implementation: NC + NSig Source Intermediate node Destination X1X1 X2X2 X3X3

9 9 Implementation: NC + NSig (1)NSig(): Computing signatures of each block *Only once at the beginning Source Intermediate node Destination X1X1 X2X2 X3X3 σ1σ1 σ2σ2 σ3σ3

10 10 Implementation: NC + NSig (1)NSig(): Computing signatures of each block *Only once at the beginning Source Intermediate node Destination + X1X1 X2X2 X3X3 e1e1 e2e2 e3e3 e 1 X 1 +e 2 X 2 +e 3 X 3 [e 1,e 2, e 3 ] σ1σ1 σ2σ2 σ3σ3 (2) encode(): Generating a coded block NC: Random linear network coding

11 11 Implementation: NC + NSig (1)NSig(): Computing signatures of each block *Only once at the beginning Source Intermediate node Destination x X1X1 X2X2 X3X3 e 1 X 1 +e 2 X 2 +e 3 X 3 [e 1,e 2, e 3 ] σ1σ1 σ2σ2 σ3σ3 (2) encode(): Generating a coded block NC: Random linear network coding (3) combine(): Combining signatures σ e1e1 e2e2 e3e3

12 12 Implementation: NC + NSig (1)NSig(): Computing signatures of each block *Only once at the beginning Source Intermediate node Destination x X1X1 X2X2 X3X3 e 1 X 1 +e 2 X 2 +e 3 X 3 [e 1,e 2, e 3 ] σ1σ1 σ2σ2 σ3σ3 (2) encode(): Generating a coded block NC: Random linear network coding (3) combine(): Combining signatures σ e1e1 e2e2 e3e3

13 13 Implementation: NC + NSig Source Intermediate node Destination e 1 X 1 +e 2 X 2 +e 3 X 3 [e 1,e 2, e 3 ] σ

14 14 Implementation: NC + NSig Source Intermediate node Destination e 1 X 1 +e 2 X 2 +e 3 X 3 [e 1,e 2, e 3 ] σ (1)vry_NC(): Checking linear independency (By Gaussian Elimination)

15 15 Implementation: NC + NSig Source Intermediate node Destination e 1 X 1 +e 2 X 2 +e 3 X 3 [e 1,e 2, e 3 ] σ (1)vry_NC(): Checking linear independency (By Gaussian Elimination) If independent, (2) vry_Sig(): Validating signatures

16 16 Implementation: NC + NSig Source Intermediate node Destination e 1 X 1 +e 2 X 2 +e 3 X 3 [e 1,e 2, e 3 ] σ (1)vry_NC(): Checking linear independency (By Gaussian Elimination) If independent, (2) vry_Sig(): Validating signatures If valid, store the coded block *If either verification fails, immediately drop.

17 17 Implementation: NC + NSig Source Intermediate node Destination e 1 X 1 +e 2 X 2 +e 3 X 3 [e 1,e 2, e 3 ] σ (1)vry_NC(): Checking linear independency (By Gaussian Elimination) If independent, (2) vry_Sig(): Validating signatures If valid, store the coded block *If either verification fails, immediately drop. Generate a new coded block by encode(data), combine(signatures)

18 18 Implementation: NC + NSig Source Intermediate node Destination e 1 X 1 +e 2 X 2 +e 3 X 3 [e 1,e 2, e 3 ] σ (1)vry_NC(), vry_Sig() If valid, store the coded block.

19 19 Implementation: NC + NSig Source Intermediate node Destination e 1 X 1 +e 2 X 2 +e 3 X 3 [e 1,e 2, e 3 ] σ (1)vry_NC(), vry_Sig() If valid, store the coded block. Once collect m blocks (valid & independent), (2) decode(): Recover the original data *m: # of blocks of data in the generation

20  Another way of Secure Network Coding instead of NSig (computing/validating signatures)  Hash Verification: verify multiple coded blocks with a single verification 20 Implementation: NC + NHash + X1X1 X2X2 X3X3 e1e1 e2e2 e3e3 e 1 X 1 +e 2 X 2 +e 3 X 3 [e 1,e 2, e 3 ] x encode() vry_Hash() If vry_Hash() passes, sends out the coded block

21  Hardware  Intel Core 2 Duo T9600 processor (2.8GHz, 6MB cache)  RAM: 2GB  Software  Linux platform  C++ / GMP library [2] (for cryptography implementation) 21 Experimental Setup (1) [2] The GNU Multiple Precision Arithmetic Library. http://gmplib.org/

22  A coded block fits into a single IP packet, thus Generation Size S decided by S/m + (m+n)*L*(8+log m) <= 1500*8 (1500Bytes: Size of IP packet)  m: # of blocks per generation, n: # of symbols per block  L: maximum hop counts  Size of e (RSA exponent) |e| > L * (log m + log 256 ) + |M| + log m  |M|: maximum symbol size of initial vector)  We use generation size:  10KB(m=8), 20KB(m=16)  Block Size: 1280Bytes  Symbol Sizes: 1280Bytes(n=1), 320Bytes(n=4) 22 Experimental Setup (2)

23 23 Experimental Results (1) vry_NC()  Processing delays are proportional to # of blocks  As downloaded more blocks, vry_NC() requires more delay for processing Gaussian elimination

24 24 Experimental Results (2)  Processing delays of vry_Sig() and vry_Hash() do not depend on m  The operations done with only a coded block being verified  In general, Secure NC operations require more delay than NC  0.015ms (vry_NC) vs 22.5ms (vry_Sig), m=8

25  Evaluate the performance in realistic network scenario (PUSH Model)  QualNet 3.9.5  Bandwidth: 2Mbps (broadcasting)  Data rate at source: 256Kbps  Network Topology (static topology)  1 Source/ 1 destination  Variable # of hops H  We compare four schemes  NC_Only: Plain NC  NC + Nsig  NC + Nhash  BFKW [3] : Previously proposed homomorphic signature schemes 25 Simulation Setup [3] D. Boneh, D. Freeman, J. Katz, and B. Waters. Signing a linear subspace: Signature schemes for network coding. In Public Key Cryptography (PKC), 2009.

26 26  Network Coding characteristics:  Small generation size (8 or 16 blocks) to meet latency constraints  High throughput to meet Quality of Service requirements  An incomplete generation is dropped after time-out  Redundancy control (at intermediate nodes)  Rate/congestion control via backpressure 26 Corridor Scenario

27 27 Simulation Results  Delay increases with more hops between Src/ Dst  NSig/NHash take less delay than BFKW

28 Conclusion 28  Studied feasibility of secure network coding schemes  Implemented the theoretical works and measured processing overhead from experiments  Integrated the experimental results into a packet-level network simulator, and evaluated the schemes in a realistic network scenario  Secure NC increases delay by only 30% with respect to plain NC  GKKR secure NC outperforms previously proposed BFKW  Ongoing work  Extend to PULL model (large generation)  Comparison with end-to-end coding schemes (Fountain/ Raptor codes)  Protected from internal attacks by conventional signatures  More dynamic network scenarios: node mobility, pollution attacks  Heterogeneous nodes(some cannot do Homomorphic operations)

29 Question & Answer 29 Thank You!

Download ppt "1 Quantitative Evaluation of Secure Network Coding Dawn Meeting UCSC Nov 4, 2010 SeungHoon Lee, Mario Gerla In collaboration with IBM researchers."

Similar presentations

Signatures for Network Coding Denis Charles Kamal Jain Kristin Lauter Microsoft Research.

Signatures for Network Coding Denis Charles Kamal Jain Kristin Lauter Microsoft Research.
ACHIEVING NETWORK LEVEL PRIVACY IN WIRELESS SENSOR NETWORKS.

ACHIEVING NETWORK LEVEL PRIVACY IN WIRELESS SENSOR NETWORKS.
RIPPLE Authentication for Network Coding Yaping Li, The Chinese University of Hong Kong Hongyi Yao, Tsinghua University Minghua Chen, The Chinese University.

RIPPLE Authentication for Network Coding Yaping Li, The Chinese University of Hong Kong Hongyi Yao, Tsinghua University Minghua Chen, The Chinese University.
Analysis and Construction of Functional Regenerating Codes with Uncoded Repair for Distributed Storage Systems Yuchong Hu, Patrick P. C. Lee, Kenneth.

Analysis and Construction of Functional Regenerating Codes with Uncoded Repair for Distributed Storage Systems Yuchong Hu, Patrick P. C. Lee, Kenneth.
Henry C. H. Chen and Patrick P. C. Lee

Henry C. H. Chen and Patrick P. C. Lee
Umut Girit 200535027.  One of the core members of the Internet Protocol Suite, the set of network protocols used for the Internet. With UDP, computer.

Umut Girit  One of the core members of the Internet Protocol Suite, the set of network protocols used for the Internet. With UDP, computer.
CodeTorrent: Content Distribution using Network Coding in VANET Uichin Lee, JoonSang Park, Joseph Yeh, Giovanni Pau, Mario Gerla Computer Science Dept,

CodeTorrent: Content Distribution using Network Coding in VANET Uichin Lee, JoonSang Park, Joseph Yeh, Giovanni Pau, Mario Gerla Computer Science Dept,
Secure Content Delivery in Information-Centric Networks: Design, Implementation, and Analyses Computer Science Department New Mexico State University,

Secure Content Delivery in Information-Centric Networks: Design, Implementation, and Analyses Computer Science Department New Mexico State University,
Esma Yildirim Department of Computer Engineering Fatih University Istanbul, Turkey DATACLOUD 2013.

Esma Yildirim Department of Computer Engineering Fatih University Istanbul, Turkey DATACLOUD 2013.
Security Improvement for Ad Hoc Wireless Network Visal Kith ECE 695 05/05/2006.

Security Improvement for Ad Hoc Wireless Network Visal Kith ECE /05/2006.
Unicast Performance Analysis of Extended ODMRP in a Wired-to- Wireless Hybrid Ad-Hoc Network Sang Ho Bae Sungwook Lee Mario Gerla UCLA Computer Science.

Unicast Performance Analysis of Extended ODMRP in a Wired-to- Wireless Hybrid Ad-Hoc Network Sang Ho Bae Sungwook Lee Mario Gerla UCLA Computer Science.
Computer Science 1 ShapeShifter: Scalable, Adaptive End-System Multicast John Byers, Jeffrey Considine, Nicholas Eskelinen, Stanislav Rost, Dmitriy Zavin.

Computer Science 1 ShapeShifter: Scalable, Adaptive End-System Multicast John Byers, Jeffrey Considine, Nicholas Eskelinen, Stanislav Rost, Dmitriy Zavin.
Scalable Team Multicast in Wireless Ad hoc networks Exploiting Coordinated Motion Mario Gerla University of California, Los Angeles.

Scalable Team Multicast in Wireless Ad hoc networks Exploiting Coordinated Motion Mario Gerla University of California, Los Angeles.
Secure Multicast Xun Kang. Content Why need secure Multicast? Secure Group Communications Using Key Graphs Batch Update of Key Trees Reliable Group Rekeying.

Secure Multicast Xun Kang. Content Why need secure Multicast? Secure Group Communications Using Key Graphs Batch Update of Key Trees Reliable Group Rekeying.
Network Coding for Large Scale Content Distribution Christos Gkantsidis Georgia Institute of Technology Pablo Rodriguez Microsoft Research IEEE INFOCOM.

Network Coding for Large Scale Content Distribution Christos Gkantsidis Georgia Institute of Technology Pablo Rodriguez Microsoft Research IEEE INFOCOM.
Using Redundancy to Cope with Failures in a Delay Tolerant Network Sushant Jain, Michael Demmer, Rabin Patra, Kevin Fall Source: www.cs.utexas.edu/~lili/

Using Redundancy to Cope with Failures in a Delay Tolerant Network Sushant Jain, Michael Demmer, Rabin Patra, Kevin Fall Source:
Informed Content Delivery Across Adaptive Overlay Networks J. Byers, J. Considine, M. Mitzenmacher and S. Rost Presented by Ananth Rajagopala-Rao.

Informed Content Delivery Across Adaptive Overlay Networks J. Byers, J. Considine, M. Mitzenmacher and S. Rost Presented by Ananth Rajagopala-Rao.
GeoLANMAR Routing: Asymptotic Analysis in Large and Dense Networks Broadnets 2005 Boston, Oct 5, 2005 Mario Gerla, Biao Zhou (UCLA) F. de Rango, S. Marano.

GeoLANMAR Routing: Asymptotic Analysis in Large and Dense Networks Broadnets 2005 Boston, Oct 5, 2005 Mario Gerla, Biao Zhou (UCLA) F. de Rango, S. Marano.
On-The-Fly Verification of Rateless Erasure Codes Max Krohn (MIT CSAIL) Michael Freedman and David Mazières (NYU)

On-The-Fly Verification of Rateless Erasure Codes Max Krohn (MIT CSAIL) Michael Freedman and David Mazières (NYU)
QoS Constraint Routing Protocols for Mobile Ad Hoc

QoS Constraint Routing Protocols for Mobile Ad Hoc

Similar presentations

Ads by Google