Presentation is loading. Please wait.

Presentation is loading. Please wait.

RIPPLE Authentication for Network Coding Yaping Li, The Chinese University of Hong Kong Hongyi Yao, Tsinghua University Minghua Chen, The Chinese University.

Published byLydia Danford Modified over 10 years ago

Similar presentations

Presentation on theme: "RIPPLE Authentication for Network Coding Yaping Li, The Chinese University of Hong Kong Hongyi Yao, Tsinghua University Minghua Chen, The Chinese University."— Presentation transcript:

1 RIPPLE Authentication for Network Coding Yaping Li, The Chinese University of Hong Kong Hongyi Yao, Tsinghua University Minghua Chen, The Chinese University of Hong Kong Sidharth Jaggi, The Chinese University of Hong Kong Alon Rosen, Herzliya Interdisciplinary Center, Israel 1

2 Network Coding Network coding Maximize network throuput Distributed solutions with low complexity Robust to packet loss and network failure Practical benifits What if some nodes are malicious? 2

3 Pollution Attacks 3 BA M F D E S Snowball effect

4 Taxonomy of Existing Solutions 4 End-to-endIn-network Public key based Symmetric key based ([Yu09, Agrawal09]) Only c-collusion resistant Vulnerable to a new tag pollution attack

5 New Tag Pollution Attacks 5 BA M F D E S ?? ?? ?? ???? Goal: Immediate detection Snowball effect ?? ??

6 Threat Model Attackers can Observe, inject, modify, delay, drop packets Launch tag pollution attacks Collude arbitrarily Attackers limitations Polynomial time bounded No access to randomness used by source 6

7 Design Goals Authentication scheme In-network Low complexity Arbitrary collusion resistant Tag pollution resistant (immediate detection) 7

8 Homomorphic MAC Message Authentication Code (MAC) Keyed hash function (symmetric key) Homomorphic MAC Create a new tag from old ones without key 8 M

9 RIPPLE, Illustrated When to disclose a key? How to authenticate a key? How to prevent tag pollution attacks? S BA C D 9 Level 1 Level 2 Level 3 Level: length of the longest path to the source

10 Our Homomorphic MAC Provably resistant to tag pollution and arbitrary collusion 10

11 Tag Pollution Attack Resistant 11 BA M F D E S ? ? Immediate detection Achieved! ? ?

12 When to Disclose a Key? Time One way key Chains 12 Use time to create asymmetry (TESLA, [PERRIG02])

13 How to Authenticate a Key? Source: Create a one way key chain per level Difficult to compute from Use in reverse order of generation Sign, denote Nodes: Authenticate given is valid if is authentic and 13

14 Performance Analysis Settings: A network of 10k nodes, Maximum 16 levels Packet size 1024 bytes Generation size 32 packets Number of parents per node 6 GNU/Linux with 2.33GHz Intel Core 2 Duo processors Number of Tags/level SecurityComputational Overhead (ns)Packet Overhead MACVerify and CombineTag size (bytes) 161.74.016 4246.824.064 14

15 Conclusion RIPPLE: Authentcation scheme for NC Has low complexity Tolerates arbitrary collusion Resists tag pollution attacks 15

16 Thanks! 16

Download ppt "RIPPLE Authentication for Network Coding Yaping Li, The Chinese University of Hong Kong Hongyi Yao, Tsinghua University Minghua Chen, The Chinese University."

Similar presentations

Signatures for Network Coding Denis Charles Kamal Jain Kristin Lauter Microsoft Research.

Signatures for Network Coding Denis Charles Kamal Jain Kristin Lauter Microsoft Research.
1 Security for Ad Hoc Network Routing. 2 Ad Hoc Networks Properties Mobile Wireless communication Medium to high bandwidth High variability of connection.

1 Security for Ad Hoc Network Routing. 2 Ad Hoc Networks Properties Mobile Wireless communication Medium to high bandwidth High variability of connection.
Slide 1 Insert your own content. Slide 2 Insert your own content.

Slide 1 Insert your own content. Slide 2 Insert your own content.
Performance in Decentralized Filesharing Networks Theodore Hong Freenet Project.

Performance in Decentralized Filesharing Networks Theodore Hong Freenet Project.
Security Issues In Mobile IP

Security Issues In Mobile IP
For APNOMS 2003 1 Managing Pervasive Computing and Ubiquitous Communications Challenges Ahead Graham Chen.

For APNOMS Managing Pervasive Computing and Ubiquitous Communications Challenges Ahead Graham Chen.
1 CompChall: Addressing Password Guessing Attacks IAS, ITCC-2005, April 2005 CompChall: Addressing Password Guessing Attacks By Vipul Goyal OSP Global.

1 CompChall: Addressing Password Guessing Attacks IAS, ITCC-2005, April 2005 CompChall: Addressing Password Guessing Attacks By Vipul Goyal OSP Global.
1 The Pollution Attack in P2P Live Video Streaming: Measurement Results and Defenses Prithula Dhungel Xiaojun Hei Keith W. Ross Nitesh Saxena Polytechnic.

1 The Pollution Attack in P2P Live Video Streaming: Measurement Results and Defenses Prithula Dhungel Xiaojun Hei Keith W. Ross Nitesh Saxena Polytechnic.
0 - 0.

0 - 0.
DIVIDING INTEGERS 1. IF THE SIGNS ARE THE SAME THE ANSWER IS POSITIVE 2. IF THE SIGNS ARE DIFFERENT THE ANSWER IS NEGATIVE.

DIVIDING INTEGERS 1. IF THE SIGNS ARE THE SAME THE ANSWER IS POSITIVE 2. IF THE SIGNS ARE DIFFERENT THE ANSWER IS NEGATIVE.
MULTIPLYING MONOMIALS TIMES POLYNOMIALS (DISTRIBUTIVE PROPERTY)

MULTIPLYING MONOMIALS TIMES POLYNOMIALS (DISTRIBUTIVE PROPERTY)
SUBTRACTING INTEGERS 1. CHANGE THE SUBTRACTION SIGN TO ADDITION

SUBTRACTING INTEGERS 1. CHANGE THE SUBTRACTION SIGN TO ADDITION
MULT. INTEGERS 1. IF THE SIGNS ARE THE SAME THE ANSWER IS POSITIVE 2. IF THE SIGNS ARE DIFFERENT THE ANSWER IS NEGATIVE.

MULT. INTEGERS 1. IF THE SIGNS ARE THE SAME THE ANSWER IS POSITIVE 2. IF THE SIGNS ARE DIFFERENT THE ANSWER IS NEGATIVE.
Addition Facts 1 - 20.

Addition Facts
Giuseppe Bianchi Lecture 6.1: Extras: Merkle Trees.

Giuseppe Bianchi Lecture 6.1: Extras: Merkle Trees.
Correctness of Gossip-Based Membership under Message Loss Maxim GurevichIdit Keidar Technion.

Correctness of Gossip-Based Membership under Message Loss Maxim GurevichIdit Keidar Technion.
Compressing Forwarding Tables Ori Rottenstreich (Technion, Israel) Joint work with Marat Radan, Yuval Cassuto, Isaac Keslassy (Technion, Israel) Carmi.

Compressing Forwarding Tables Ori Rottenstreich (Technion, Israel) Joint work with Marat Radan, Yuval Cassuto, Isaac Keslassy (Technion, Israel) Carmi.
TCP Probe: A TCP with Built-in Path Capacity Estimation Anders Persson, Cesar Marcondes, Ling-Jyh Chen, Li Lao, M. Y. Sanadidi, Mario Gerla Computer Science.

TCP Probe: A TCP with Built-in Path Capacity Estimation Anders Persson, Cesar Marcondes, Ling-Jyh Chen, Li Lao, M. Y. Sanadidi, Mario Gerla Computer Science.
1 Directed Depth First Search Adjacency Lists A: F G B: A H C: A D D: C F E: C D G F: E: G: : H: B: I: H: F A B C G D E H I.

1 Directed Depth First Search Adjacency Lists A: F G B: A H C: A D D: C F E: C D G F: E: G: : H: B: I: H: F A B C G D E H I.
Past Tense Probe. Past Tense Probe Past Tense Probe – Practice 1.

Past Tense Probe. Past Tense Probe Past Tense Probe – Practice 1.

Similar presentations

Ads by Google