Research On Defence Against Pollution Attacks In Network Coding

Network coding allows intermediate nodes in communication networks to en-code messages. The encoding operations at intermediate nodes can provide significant benefits to communication networks, such as increased throughput, reduced network congestion, higher reliability and robustness, lower power con-sumption, and optimized load balance of network.However, the inherent information-mixing nature of the network coding also makes the network-coding-based applications more susceptible to pollution attacks. In such an attack, an adversary may maliciously forge some messages and inject the polluted messages into the communication network. A small number of polluted messages can cause a large scale of pollution, which makes the sink nodes fail to correctly decode the messages. The pollution attacks can dramatically deplete network resources and significantly decrease network throughput. Moreover, intermediates nodes in the network waste a large num-ber of precious computing resources and bandwidth resources encoding and propagating the polluted messages.There are a great deal of problems pressing for solutions when we apply network coding to practical use. However, one of the most important problems should be the problem of defending against the pollution attacks and other at-tacks in network coding. Imagine if we cannot utilize network coding in a safe environment, then all of the advantages brought by network coding will become meaningless. In this dissertation, we investigate the problems of defending a-gainst pollution attacks, tag pollution attacks, and repetitive attacks in network coding, based on modern cryptographic approaches. The main results are given as follows:· An efficient hybrid cryptographic scheme for wireless sensor networks with network coding. Firstly, we analyze the advantages and disad-vantages of the public-key based schemes and the symmetric-key based schemes, pointing out the fact that existing authentication schemes ad-dressing this attack either burden the sensor node with a higher com-putation overhead, or fail to provide an efficient way to mitigate two recently reported attacks:tag pollution attacks and repetitive attack-s, which makes them inapplicable to wireless sensor networks (WSNs). Secondly, to overcome the deficiencies of prior authentication solutions, we propose an efficient hybrid cryptographic scheme for wireless sen-sor networks with network coding, which uses both homomorphic MAC and signature for packet authentication and combines the convenience of a public-key approach with the efficiency of a symmetric-key method. Compared to previous work, this new design brings us following primary properties:-It allows both intermediate nodes and recipient nodes to detect and resist the polluted packets that are forged from a normal pollution attack.-It is immediately suitable for the source node to distribute multi-ple generations using a single public key. Namely, it eliminates the need to redistribute the public keys when the source node begins to distribute a different generation.-It divides the verification process at a recipient node into two steps, which can greatly reduce the sensor nodes’computational overhead under a tag pollution or a repetitive attack.-It does not use any pairing operations in signature generation or verification.-It can be proven secure based on the "lower-level" cryptographic assumptions without random oracles. Finally, we conduct an experiment and proves that our hybrid scheme is much more efficient than existing solutions on verification efficiency under a tag pollution or a repetitive attack.· Signatures for multi-generation distribution with network coding. First-ly, we analyze and point out two potential disadvantages of prior ho-momorphic network coding signature schemes when these schemes are being implemented in practice. The first one is that it is incompetent to distribute a large-sized file that consists of multiple generations. The second one is that its public key has a large size, and changing the length of the file vectors to be sent will lead to a redistribution of the public key. Secondly, to overcome the deficiencies of prior solutions, we pro-pose an improved homomorphic signature scheme for multi-generation distribution with network coding and prove its secure in the random or-acle model. Our scheme has two main advantages as compared to prior work:-It is immediately suitable for the distribution of a large-sized file that consists of multiple generations.-It has a fixed small size public key, and when the length of the file vectors to be sent is changed, it eliminates the need to redistribute the public keys over the network.These significant improvements of previous schemes make our signature scheme more suitable in practice. Finally, we compare our signature scheme with previous signature schemes.