• Title/Summary/Keyword: Secure Network Coding

Search Result 10, Processing Time 0.018 seconds

New Secure Network Coding Scheme with Low Complexity (낮은 복잡도의 보안 네트워크 부호화)

  • Kim, Young-Sik
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.38A no.4
    • /
    • pp.295-302
    • /
    • 2013
  • In the network coding, throughput can be increased by allowing the transformation of the received data at the intermediate nodes. However, the adversary can obtain more information at the intermediate nodes and make troubles for decoding of transmitted data at the sink nodes by modifying transmitted data at the compromised nodes. In order to resist the adversary activities, various information theoretic or cryptographic secure network coding schemes are proposed. Recently, a secure network coding based on the cryptographic hash function can be used at the random network coding. However, because of the computational resource requirement for cryptographic hash functions, networks with limited computational resources such as sensor nodes have difficulties to use the cryptographic solution. In this paper, we propose a new secure network coding scheme which uses linear transformations and table lookup and safely transmits n-1 packets at the random network coding under the assumption that the adversary can eavesdrop at most n-1 nodes. It is shown that the proposed scheme is an all-or-nothing transform (AONT) and weakly secure network coding in the information theory.

Practical Schemes for Tunable Secure Network Coding

  • Liu, Guangjun
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.9 no.3
    • /
    • pp.1193-1209
    • /
    • 2015
  • Network coding is promising to maximize network throughput and improve the resilience to random network failures in various networking systems. In this paper, the problem of providing efficient confidentiality for practical network coding system against a global eavesdropper (with full eavesdropping capabilities to the network) is considered. By exploiting a novel combination between the construction technique of systematic Maximum Distance Separable (MDS) erasure coding and traditional cryptographic approach, two efficient schemes are proposed that can achieve the maximum possible rate and minimum encryption overhead respectively on top of any communication network or underlying linear network code. Every generation is first subjected to an encoding by a particular matrix generated by two (or three) Vandermonde matrices, and then parts of coded vectors (or secret symbols) are encrypted before transmitting. The proposed schemes are characterized by tunable and measurable degrees of security and also shown to be of low overhead in computation and bandwidth.

Homomorphic Subspace MAC Scheme for Secure Network Coding

  • Liu, Guangjun;Wang, Xiao
    • ETRI Journal
    • /
    • v.35 no.1
    • /
    • pp.173-176
    • /
    • 2013
  • Existing symmetric cryptography-based solutions against pollution attacks for network coding systems suffer various drawbacks, such as highly complicated key distribution and vulnerable security against collusion. This letter presents a novel homomorphic subspace message authentication code (MAC) scheme that can thwart pollution attacks in an efficient way. The basic idea is to exploit the combination of the symmetric cryptography and linear subspace properties of network coding. The proposed scheme can tolerate the compromise of up to r-1 intermediate nodes when r source keys are used. Compared to previous MAC solutions, less secret keys are needed for the source and only one secret key is distributed to each intermediate node.

Efficient Post-Quantum Secure Network Coding Signatures in the Standard Model

  • Xie, Dong;Peng, HaiPeng;Li, Lixiang;Yang, Yixian
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.10 no.5
    • /
    • pp.2427-2445
    • /
    • 2016
  • In contrast to traditional "store-and-forward" routing mechanisms, network coding offers an elegant solution for achieving maximum network throughput. The core idea is that intermediate network nodes linearly combine received data packets so that the destination nodes can decode original files from some authenticated packets. Although network coding has many advantages, especially in wireless sensor network and peer-to-peer network, the encoding mechanism of intermediate nodes also results in some additional security issues. For a powerful adversary who can control arbitrary number of malicious network nodes and can eavesdrop on the entire network, cryptographic signature schemes provide undeniable authentication mechanisms for network nodes. However, with the development of quantum technologies, some existing network coding signature schemes based on some traditional number-theoretic primitives vulnerable to quantum cryptanalysis. In this paper we first present an efficient network coding signature scheme in the standard model using lattice theory, which can be viewed as the most promising tool for designing post-quantum cryptographic protocols. In the security proof, we propose a new method for generating a random lattice and the corresponding trapdoor, which may be used in other cryptographic protocols. Our scheme has many advantages, such as supporting multi-source networks, low computational complexity and low communication overhead.

Power Splitting-based Analog Network Coding for Improving Physical Layer Security in Energy Harvesting Networks (에너지 하베스팅 네트워크에서 물리계층 보안을 향상시키기 위한 파워 분할 기반의 아날로그 네트워크 코딩)

  • Lee, Kisong;Choi, Hyun-Ho
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.21 no.10
    • /
    • pp.1849-1854
    • /
    • 2017
  • Recently, RF energy harvesting, in which energy is collected from the external RF signals, is considered as a promising technology to resolve the energy shortage problem of wireless sensors. In addition, it is important to guarantee secure communication between sensors for implementing Internet-of-Things. In this paper, we propose a power splitting-based network analog coding for maximizing a physical layer security in 2-hop networks where the wireless-powered relay can harvest energy from the signals transmitted by two sources. We formulate systems where two sources, relay, and eavesdropper exist, and find an optimal power splitting ratio for maximizing the minimum required secrecy capacity using an exhaustive search. Through simulations under various environments, it is demonstrated that the proposed scheme improves the minimum required secrecy capacity by preventing the eavesdropper from overhearing source signals, compared to the conventional scheme.

A Study on Security Enhancement for the Use and Improvement of Blockchain Technology (보안성 강화를 위한 블록체인기술의 활용과 개선방안 연구)

  • Seung Jae Yoo
    • Convergence Security Journal
    • /
    • v.23 no.1
    • /
    • pp.63-68
    • /
    • 2023
  • In this study, in relation to blockchain protocol and network security, we study the configuration of blockchain and encryption key management methods on smart contracts so that we can have a strong level of response to MITM attacks and DoS/DDoS attacks. It is expected that the use of blockchain technology with enhanced security can be activated through respond to data security threats such as MITM through encryption communication protocols and enhanced authentication, node load balancing and distributed DDoS attack response, secure coding and vulnerability scanning, strengthen smart contract security with secure consensus algorithms, access control and authentication through enhanced user authentication and authorization, strengthen the security of cores and nodes, and monitoring system to update other blockchain protocols and enhance security.

A Countermeasure against the Abatement Attack to the Security Server (중간자공격을 이용한 보안서버 무효화공격에 대한 대응법)

  • Cho, Seong-Min;Lee, Hoon
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.20 no.1
    • /
    • pp.94-102
    • /
    • 2016
  • In this work we propose a new method to countermeasure against the abatement attack to the security server that is induced by man-in-the-middle attack. To that purpose, we first investigate the state of the art in the current research about the abatement attack. After that, we propose a new countermeasure method that can cope with the unresolved problems in the current method, which can cover diverse types of network.

A Study of Pre-inspection for Information Security in Information System (정보시스템의 정보보호를 위한 사전점검에 관한 연구)

  • Lee, Keun-Ho
    • Journal of Digital Convergence
    • /
    • v.12 no.2
    • /
    • pp.513-518
    • /
    • 2014
  • According to the development of IT technology, various new technologies are being produced. As the complexity of the information system like using the network and convergence devices is increasing, threat and vulnerability against various security problems are increasing even though new IT services provide the convenience of users' accessibility to services. In order to secure the safety of information system, the weakness is being removed through the information protection vulnerability analysis starting from information and communication service construction stage and the system is being prepared for pre-inspection activities about whether the information protection measures were established and applied. In this paper, introduction and current status of each country about advanced check-up systems in the information system are to be identified. Progress direction about the advanced pre-inspection system which is driven by Korea Internet Security Agency and its activation plan to secure the safety are to be suggested.

Design and Implementation of the Electronic Payment Protocol for Digital Merchandise (디지털 상품 거래를 위한 전자지불 프로토콜 설계 및 구현)

  • Park Sei-Seung;Han Jae-Kyun
    • Journal of Korea Multimedia Society
    • /
    • v.8 no.7
    • /
    • pp.988-999
    • /
    • 2005
  • As the Internet continues to have the commercial trade changed, the method of payment is one of critical components to conduct successful businesses through the internet. An electronic cash has all of the characteristics of a traditional commodity cash and ensures the security for all transactions. Accordingly an internet billing system based on the electronic cash is expected as the secure and efficient payment method for the future electronic commerces. The digital contents such as digital merchandise and services have the characteristic that both the delivery of merchandise and the payment of money can be accomplished on the same network and are helpful to idealize the design of the electronic commerce system. In this paper, Anonymity got to be possible by using a virtual ID in the process of payment, the payment steps were decreased by being processed on the same network, and the efficiency and the security were guaranteed by decreasing the frequency of the coding and communication.

  • PDF

A Study on Quality Assurance of Embedded Software Source Codes for Weapon Systems by Improving the Reliability Test Process (신뢰성 시험 프로세스 개선을 통한 무기체계 내장형 소프트웨어 소스코드 품질확보에 관한 연구)

  • Kwon, Kyeong Yong;Joo, Joon Seok;Kim, Tae Sik;Oh, Jin Woo;Baek, Ji Hyun
    • Journal of KIISE
    • /
    • v.42 no.7
    • /
    • pp.860-867
    • /
    • 2015
  • In the defense field, weapon systems are increasing in importance, as well as the weight of the weapon system embedded software development as an advanced technology. As the development of a network-centric warfare has become important to secure the reliability and quality of embedded software in modern weapons systems in battlefield situations. Also, embedded software problems are transferred to the production stage in the development phase and the problem gives rise to an enormous loss at the national level. Furthermore, development companies have not systematically constructed a software reliability test. This study suggests that approaches about a qualityverification- system establishment of embedded software, based on a variety of source code reliability test verification case analysis.