Secure Network Coding And Its Applications

Currently, the information transmission over the mainstream communicationsystems is almost used “store-and-forward” routing mode. However, network codinghas changed the people’s inherent awareness of the traditional pattern. By allowingintermediate nodes to perform some kind of encoding operations to the received packets,network coding has realized a more efficient use of network resources, and alsoachieved some advantages that traditional routing mechanisms cannot match. So far,network coding has been receiving wide attention from scholars.As we all know, information security has been a hot research orientation in thefield of communication. In network coded communication system, the characteristic ofinformation mixing during the transmission using network coding brings a lot ofproblems and challenges in respect to security, the main reason is that traditionalsecurity solutions cannot be directly used in the network coding environment. Hence,how to design security policies for network coding to meet various security conditionsand also provide efficient data transmission is an important research topic. Around thebasic idea that combining the inherent characteristics of linear network coding with theclassic cryptographic primitives, this dissertation mainly studies how to open doors toprovide efficient security mechanism and strategy for the network coding transmission.The author’s major contributions are outlined as follows:1. In order to address the drawbacks (such as highly complicated key distributionand vulnerable security against collusion) in existing symmetric cryptography-basedsolutions against pollution attacks for network coding systems, a novel homomorphicsubspace message authentication code (MAC) scheme is proposed to thwart pollutionattacks in an efficient way. By further exploiting the combination of the symmetriccryptography with linear subspace properties of network coding, the proposal cantolerate the compromise of up to r-1intermediate nodes when r source keys are used. Inaddition, the proposal can effectively simplify the key distribution procedure to defeatcollusion attacks.2. Using a dynamic public key technique, a novel homomorphic signature schemefor network coding is proposed for each generation authentication without updating theinitial secret key used. The scheme cannot only resist intra-generation pollution attackseffectively, but also prevent against inter-generation pollution attacks in an efficient way. Besides, the communication overhead of the scheme is also small and the key size isindependent of the size of the transmitting files.3. In order to reduce the security overhead of these solutions for securing networkcoding, a novel secure network coding paradigm is presented relying on two typicalnetwork coding models: Single Generation Mixing Network Coding (SGMNC) andMultiple Generation Mixing Network Coding (MGMNC). This method is then appliedto secure MGMNC seamlessly by further exploiting the algebraic structure of networkcoding. The proposals have properties of low-complexity security, small bandwidthconsumption, and high efficiency in integrating with the existing security techniqueseffectively.4. An efficient scheme without minimum bandwidth usage is proposed for theapplications with general security requirement. Also, the lightweight and securityenhanced versions are then presented for resource-constrained networks andenvironments with higher security requirements respectively. All proposals are shown tohave properties of lower security complexity and smaller bandwidth usage compared tothe existing solutions. The proposals can be easy to achieve flexible levels of securityfor various applications.5. With the purpose to protect scalable video streaming with hierarchical securitylevels, a secure network coding scheme for scalable video multicast againstKnown-Plaintext Attacks (KPAs) is proposed for heterogeneous networks using littlepartial randomization to every video streaming. The proposal achieves scalability insecurity levels, capability against the known-plaintext attacking which is the maindrawback of the existing schemes. Moreover, the scheme is also characterized by lowcommunication overhead that is about half of the existing schemes. In addition, animproved network encoder is proposed to improve network throughput in scalable videotransmission.