| Network coding is allowed to encode the original packets received at the intermediate node,and then forward the encoding packet.The transmission gain of network is achieved at the cost of computation overhead.Because the intermediate nodes take part in the operation of encoding and decoding,the attacker may pollute the routine data packets when a small amount of pollution is added.Finally the original packets cannot be decoded at the receivers.Network coding development is restricted due to the secure problems faced.Now network coding is mainly confronted with pollution attacks and eavesdropping attacks,the traditional secure mechanisms is not suitable for network coding again.This thesis focuses on the secure network coding,and two secure schemes based on network coding are proposed to deal with network coding secure issues in the single-source multicast network environment.Firstly,in view of the secure problems that the wireless network is vulnerable to pollution attacks and the diverse attack ways,a secure network coding scheme based on Rivest Shamir Adleman(RSA)signature that can effectively resist multiple attacks is proposed.The two parameters of generation identifier and timestamp are introduced at the same time,combined with the RSA signature to against intra-generation pollution attacks,inter-generation pollution attacks and reply attacks in this scheme.Then it utilizes homomorphic nature to reduce system bandwidth consumption.Security analysis shows that this scheme can effectively improve the security of wireless networks when it in face of the attacks.The performance analysis shows that the scheme has a little more than in computational cost compared to other schemes,but it has obvious advantages in ensuring the security of the network.Secondly,Double Authenticated Network Coding Scheme(DANC)is proposed for the pollution attacks in the same generation and the collusion pollution attacks of the multi-node cooperation.The scheme randomizes the sent messages twice at the source that can achieve the effect of anti-eavesdrop attack.At the same time the message sent by the source is verified twice at the intermediate node.The first verification can filter out the illegal packet to save the network bandwidth.The second verification can determine whether the encoded data packet is contaminated in the network to save network resources.This thesis first proves the security of the scheme.Then the performance analysis shows that the scheme can achieve a reasonable balance in terms of computational complexity and security,and its security is better than other schemes. |
PDF Full Text Request