Secure Network Coding and its Application Yongdae Kim University of Minnesota


Page 1: Secure Network Coding and its Application

Secure Network Coding and its Application

Yongdae Kim
University of Minnesota

Page 2: Secure Network Coding and its Application

Organization
  • Introduction to Network Coding
  • Practical Network Coding
  • Secure Network Coding
  • Structured File Sharing
  • Conclusion

Page 3: Secure Network Coding and its Application

Network Coding: What is it?

Traditional Coding/Routing
  • Coding is done on an end-to-end basis.
  • Intermediate nodes forward data blindly.

Network Coding
  • Allowing intermediate nodes to manipulate information
  • Information flowing out of a node is a function of information coming into the node
  • Originally developed for wireless multicast
  • Very popular in wireless/sensor networks
  • Relatively much less attention in P2P

[Figure: blocks A, B, C and the coded output f(A,B,C)]

Page 4: Secure Network Coding and its Application

Linear Network Coding

Information
  • Packets are vectors over a finite field with a fixed dimension

Encoding
  • Outgoing packets are linear combinations of incoming packets

Decoding
  • Solving a linear equation

Page 5: Secure Network Coding and its Application

Linear Network Coding: Equation

Page 6: Secure Network Coding and its Application

Setup

Information (Data)
  • a file

Page 7: Secure Network Coding and its Application

Setup

Information (Data)
  • a file
  • m original blocks (vectors)

x1 x2 … xi … xm

Page 8: Secure Network Coding and its Application

Setup

Information (Data)
  • a file
  • m original blocks (vectors)
  • n elements in a block

x1 x2 … xi … xm

n dimension: xi = (xi1, xi2, …, xij, …, xin)

Page 9: Secure Network Coding and its Application

Setup

Information (Data)
  • m augmented vectors (coded blocks)
  • m+n elements in an augmented vector

Example: m=5

  x1 | 1 0 0 0 0
  x2 | 0 1 0 0 0
  x3 | 0 0 1 0 0
  x4 | 0 0 0 1 0
  x5 | 0 0 0 0 1

  yj | 3 0 1 0 2
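Added example (not from the original slides): the setup above carried through in Python, with augmented vectors, re-mixing at a relay, and decoding by Gauss-Jordan elimination, including the case where received packets are linearly dependent. The field size P = 257, the function names, the sample blocks, and the layout of data elements followed by coefficients are assumptions made for this sketch.

```python
import random

P = 257  # small prime field F_p, constructed for this example

def augment(blocks):
    """Append the i-th unit vector to block x_i: m vectors of n + m elements."""
    m = len(blocks)
    return [list(x) + [int(k == i) for k in range(m)] for i, x in enumerate(blocks)]

def encode(packets, coeffs):
    """Outgoing packet = sum a_i * P_i over F_p; works on source or coded packets."""
    return [sum(a * p[j] for a, p in zip(coeffs, packets)) % P
            for j in range(len(packets[0]))]

def decode(coded, m):
    """Gauss-Jordan elimination mod p on the last m (coefficient) columns.
    Returns the m original blocks, or None while the packets have rank < m."""
    n = len(coded[0]) - m
    rows = [r[:] for r in coded]
    for col in range(m):
        piv = next((i for i in range(col, len(rows)) if rows[i][n + col]), None)
        if piv is None:
            return None  # linearly dependent packets: keep downloading
        rows[col], rows[piv] = rows[piv], rows[col]
        inv = pow(rows[col][n + col], -1, P)
        rows[col] = [v * inv % P for v in rows[col]]
        for i in range(len(rows)):
            f = rows[i][n + col]
            if i != col and f:
                rows[i] = [(a - f * b) % P for a, b in zip(rows[i], rows[col])]
    return [rows[i][:n] for i in range(m)]

def download(blocks, rng):
    """Source -> relay -> receiver; the receiver collects packets until it can decode."""
    src, m, got, out = augment(blocks), len(blocks), [], None
    while out is None:
        from_source = [encode(src, [rng.randrange(P) for _ in src]) for _ in range(m)]
        # The relay re-mixes what it received without knowing the original blocks.
        got.append(encode(from_source, [rng.randrange(P) for _ in from_source]))
        out = decode(got, m)
    return out, len(got)

if __name__ == "__main__":
    sample = [[72, 101, 108], [108, 111, 33], [0, 255, 7]]  # constructed blocks, n = 3
    print(download(sample, random.Random(1)))
```
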

Page 10: Secure Network Coding and its Application

BitTorrent: How it works?

[Figure: seeds and blocks 1 to 5]

Page 11: Secure Network Coding and its Application

Network Coding for P2P

Benefits: Most blocks are useful!
  • Solving New Peer Disadvantage in BitTorrent
      • New peer can download one block for free
  • Solving Rare Block Problem
      • All blocks have to be downloaded in BitTorrent
      • Churn may result in rare block problem
      • Taking long time to finish
  • As a result, potentially almost all nodes can finish at the same time!

Applications
  • File sharing, software update, streaming, CDN, P2P TV

Page 12: Secure Network Coding and its Application

Network Coding for P2P

Problems

Resource Overhead
  • Encoding: P_out = Σ a_i P_i, where each a_i is a random element of F_p
  • Decoding: solving a linear equation: O(n^3)
  • DVD: 4.3 GB
  • Can't fit everything in memory
  • Requires random disc I/O

Pollution Attack
  • An intermediate node has no way to verify whether an incoming packet is a linear combination of the original blocks
  • Corrupted packets can be easily propagated

Page 13: Secure Network Coding and its Application

Solving Resource Overhead

Incremental Encoding

Page 14: Secure Network Coding and its Application

Solving Resource Overhead

Incremental Encoding: Linear Dependency

Page 15: Secure Network Coding and its Application

Secure Network Coding

Threat
  • Pollution Attacks
  • General (traditional) hashes do NOT work
  • Corrupted packet can be mixed with others
  • Corrupted data can easily be propagated

Problem
  • Can we verify the integrity of a network-coded block?
  • Or can we verify if a received block is legitimately mixed before decoding a file?

Page 16: Secure Network Coding and its Application

Secure Network Coding: possible solutions

Homomorphic Hash
  • Find homomorphic hash function h such that: h(x+y) = h(x) h(y)
  • If hash of each block can be securely distributed, the receiver can verify the integrity of a linearly transformed block.

Homomorphic signature
  • Find homomorphic signature function s such that s(x+y) = s(x) s(y)
  • Verification: v(linearly transformed block, signature) returns true or false.

Page 17: Secure Network Coding and its Application

Ours: Signature Generation

Private key
  • (s_1, …, s_{m+n})

Public key
  • p, q, g, (g^{s_1}, g^{s_2}, …, g^{s_{m+n}})

Signature generation at a source
  • network-coded block v = (v_1, v_2, …, v_{m+n})
  • signature σ = s_1 v_1 + s_2 v_2 + … + s_{m+n} v_{m+n}

Signature aggregation at intermediate nodes
  • new block w' = a_1 w_1 + … + a_k w_k
  • new signature s(w') = a_1 s_1 + … + a_k s_k

Page 18: Secure Network Coding and its Application

Ours: signature verification

Public Key
  • p, q, (g^{s_1}, g^{s_2}, …, g^{s_{m+n}})

Network-coded block
  • v = (v_1, v_2, …, v_{m+n})

Compute d = (g^{s_1})^{v_1} (g^{s_2})^{v_2} … (g^{s_{m+n}})^{v_{m+n}}

Verify: d ?= g^σ

Page 19: Secure Network Coding and its Application

Comparison

                        Krohn's          Ours                 Etc
  Type                  Hash             Signature
  Generators            n                m+n
  # of hash/signature   m                m
  Signing cost          n modexp         m+n mult
  Precomputation        n modexp         N/A                  h(x_i) = Π_{j=1}^{n} g_j^{x_ij}
  Robust Channel        Needed           N/A                  Delivery of h(x_i)
  Aggregation           N/A              Linear combination
  Verification          m+n modexp       m+n+1 modexp

Page 20: Secure Network Coding and its Application

Batch Verification

For each block, verify signatures

Problem
  • A single block verification takes 13 seconds.

Solution? Pipelining
  • While downloading/uploading, verify signature.
  • Downloading time of a block: 7 seconds.

Solutions? Batching
  • Verify linearly combined blocks before sending it out.

Page 21: Secure Network Coding and its Application

Batch Verification

Page 22: Secure Network Coding and its Application

Structured File Sharing

To improve mixing

Setup
  • Peers form a DHT.
  • Nodes choose their partners from their routing tables.

Data Transfer
  • A source randomly distributes blocks to nodes.
  • A node exchanges blocks with partners, starting from the closest partners.

Page 23: Secure Network Coding and its Application

Simulation Result (No Churn)

Page 24: Secure Network Coding and its Application

Conclusion

Network coding
  • Has not been fully investigated
  • Mainly by researchers in coding and networking independently
  • Many problems remaining before large deployment