Download presentation
Presentation is loading. Please wait.
Published byGerard Oliver Modified over 9 years ago
1
On Detecting Pollution Attacks in Inter-Session Network Coding Anh Le, Athina Markopoulou University of California, Irvine
2
Linear Inter-Session Network Coding Anh Le, UC Irvine, Inter-Session Pollution Detection 2 S1S1 S2S2 R2R2 R1R1 A B x 1 +x 2 x2x2 x2x2 x1x1 x1x1 x2x2 x2x2 x1x1 x1x1 x2x2 x2x2 x1x1 x1x1 x2x2 x2x2 x1x1 x1x1 Multiple sources Packets from different sources may be (linearly) coded together
3
Pollution Attacks in Inter-Session Coding Malicious Intermediate Nodes 3 S1S1 S2S2 R2R2 R1R1 A B x2x2 x2x2 x1x1 x1x1 x2x2 x2x2 y y y y x1x1 x1x1 x1x1 x1x1 x2x2 x2x2 Can be detected by existing intra-session approaches y y Anh Le, UC Irvine, Inter-Session Pollution Detection
4
Homomorphic MAC-Based Detection No Pollution 4 S1S1 S2S2 R2R2 R1R1 A B x 1, t 1 x 2,t 2 x 1, t 1 x 2,t 2 x 1, t 1 x 1 +x 2, t 1 +t 2 Anh Le, UC Irvine, Inter-Session Pollution Detection
5
Homomorphic MAC-Based Detection Attack Case 5 S1S1 S2S2 R2R2 R1R1 A B x 1, t 1 x 2,t 2 x 1, t 1 x 2,t 2 x 1, t 1 x 1 +x’ 2, t Anh Le, UC Irvine, Inter-Session Pollution Detection
6
Pollution Attacks in Inter-Session Coding 6 S1S1 S2S2 R2R2 R1R1 A B x' 2 x1x1 x1x1 x1x1 x1x1 x2x2 x2x2 Malicious sources Inconsistent source packets New and main challenge in inter-session pollution The main focus of the paper x1x1 x1x1 x 1 +x 2 Anh Le, UC Irvine, Inter-Session Pollution Detection
7
Intra-Session MAC-Based Detection Failed for Malicious Sources 7 S1S1 S2S2 R2R2 R1R1 A B x 1, t 1 x 2, t 2 Anh Le, UC Irvine, Inter-Session Pollution Detection x' 2, t’ 2 x’ 2, t’ 2 x 1 +x 2, t 1 +t 2
8
Prior Work on Inter-Session Pollution Defense 8 Homomorphic signature for Detection [Agrawal, PKC ’10] Expensive computation Large signature Signature-based Identification [Dong, WiNC ‘09] Anh Le, UC Irvine, Inter-Session Pollution Detection
9
1.Background and Motivation oInter-Session Pollution Attacks oMain Challenges 2.Prior Work 3.InterMac Detection (more in the paper: Hash and SpaceMac based Detection) 4.Evaluation 5.Conclusion Outline 9 Anh Le, UC Irvine, Inter-Session Pollution Detection
10
InterMac: Threat Model 10 S - 1 sources may be malicious Intermediate nodes may be malicious Receivers are trusted Anh Le, UC Irvine, Inter-Session Pollution Detection
11
Main Challenge and Key Observation 11 Main Challenge: Malicious sources Sources must generate tags using different keys S1S1 S2S2 R2R2 R1R1 A B x1x1 x1x1 x2x2 x2x2 Anh Le, UC Irvine, Inter-Session Pollution Detection
12
Overview of InterMac 12 Homomorphic (MAC) for inter-session network coding – Each source generate MAC tags using different keys – The tags are still combinable without knowing the key Anh Le, UC Irvine, Inter-Session Pollution Detection
13
13 InterMac Detection Main technique Anh Le, UC Irvine, Inter-Session Pollution Detection x 2, t 2 =x 2 ·k 2 S1S1 S2S2 R2R2 R1R1 A B k1k1 k1k1 k 1, k 2 x 1, t 1 =x 1 ·k 1 k2k2 k2k2 k 1, k 2 x 1 +x 2, t 1 +t 2 Verify: (x 1 + x 2 ) (k 1 + k 2 ) = t 1 + t 2 x 1 k 1 + x 2 k 2 + x 1 k 2 + x 2 k 1 = t 1 + t 2 Inner Product Homomorphic MAC [Le, NetCod ’10] [Li, INFOCOM ’10] Inner Product Homomorphic MAC [Le, NetCod ’10] [Li, INFOCOM ’10] Main technique: Orthogonality of k i and x j
14
InterMac Construction 14 Anh Le, UC Irvine, Inter-Session Pollution Detection Inner Product Homomorphic MAC [Le, NetCod ’10] [Li, INFOCOM ’10] Inner Product Homomorphic MAC [Le, NetCod ’10] [Li, INFOCOM ’10] Multiple Keys Using a Trusted Controller: k i · x j = 0 Using a Trusted Controller: k i · x j = 0
15
InterMac: Security Game 15 Anh Le, UC Irvine, Inter-Session Pollution Detection S1S1 S2S2 R2R2 R1R1 A B x 1, t 1 x 2,t 2 (id i, V i ) V i : committed source space (id*, y *, t * ) Tags of basis vectors of V i S-1 keys of V i Adversary Challenger
16
Security of InterMac Anh Le - UCI - NC Pollution Defense16
17
Basic Key Generation in InterMac 17 k 1, k 2 x1x1 x2x2 commit x 1 commit x 2 C k 1, p 1 k 2, p 2 (x 1 | p 1 ) · k 2 = 0 (x 2 | p 2 ) · k 1 = 0 S1S1 S2S2 Send (x 1 | p 1 ) Send (x 2 | p 2 ) Anh Le, UC Irvine, Inter-Session Pollution Detection Key Property: Orthogonality of k i and (x j | p j )
18
Efficient Key Generation in InterMac 18 k 1 = ( ḵ 1 | k’ 1 ) k 2 = ( ḵ 2 | k’ 2 ) x1x1 x2x2 commit Enc(x 1 · ḵ 2 ) commit Enc(x 2 · ḵ 1 ) k 1, p 1 k 2, p 2 (x 1 · ḵ 2 ) + p 1 k’ 2 = 0 Enc( ḵ 2 ) Enc( ḵ 1 ) C S1S1 S2S2 (x 2 · ḵ 1 ) + p 2 k’ 1 = 0 Bandwidth Efficiency: Sending Enc. of a single symbol instead of a full vector Anh Le, UC Irvine, Inter-Session Pollution Detection
19
x2x2 x2x2 k 1, k 2 19 S1S1 S2S2 R2R2 R1R1 A B InterMac Detection Illustration C Gen k 1, p 1 k 2, p 2 p 1, t 1 p 1 +p’ 2, t 1 +t’ 2 p' 2, t’ 2 (p 1 +p’ 2 ) dropped because p’ 2 not orthogonal to k 1 ! (p 1 k 1 +p’ 2 k 2 +p’ 2 k 1 ) ≠ t 1 +t’ 2 (p 1 +p’ 2 ) dropped because p’ 2 not orthogonal to k 1 ! (p 1 k 1 +p’ 2 k 2 +p’ 2 k 1 ) ≠ t 1 +t’ 2 p2, t2p2, t2 p2, t2p2, t2 now what S 2 sends must be orthogonal to k 1 Anh Le, UC Irvine, Inter-Session Pollution Detection x1x1 x1x1 k 1, k 2
20
1.Background and Motivation oInter-Session Pollution Attacks oMain Challenges 2.Prior Work 3.InterMac Detection 4.Evaluation 5.Conclusion Outline 20 Anh Le, UC Irvine, Inter-Session Pollution Detection
21
21 InterMac Performance Evaluation Bandwidth Overhead [27] Agrawal et al. [PKC ‘10] [20] Zhang et al. [INFOCOM ‘11] Anh Le, UC Irvine, Inter-Session Pollution Detection
22
22 InterMac Performance Evaluation Computation Overhead [27] Agrawal et al. [PKC ‘10] [20] Zhang et al. [INFOCOM ‘11] Anh Le, UC Irvine, Inter-Session Pollution Detection
23
o Inter-session: Malicious sources o InterMac: First multi-key MAC scheme for inter-session Each source signs using its own key Still homomorphic o In-network detection based on InterMac 100 times faster than [PKC ‘10] 5 times less bandwidth than [PKC ’10] Require a trusted controller ( [PKC ’10] does not ) o More in the paper: Hash and SpaceMac-based detection Conclusion 23 Anh Le, UC Irvine, Inter-Session Pollution Detection
24
24 Links: Network Coding Security: http://www.ics.uci.edu/~anhml/projects.html#nc-security http://www.ics.uci.edu/~anhml/projects.html#nc-security UC Irvine Networking Group – Network Coding Project: http://odysseas.calit2.uci.edu/doku.php/public:network-coding http://odysseas.calit2.uci.edu/doku.php/public:network-coding Anh Le, UC Irvine, Inter-Session Pollution Detection
Similar presentations
© 2025 SlidePlayer.com. Inc.
All rights reserved.