Presentation is loading. Please wait.

Presentation is loading. Please wait.

On-the-fly Verification of Erasure-Encoded File Transfers Mike Freedman & Max Krohn NYU Dept of Computer Science.

Published byTylor Colleton Modified over 9 years ago

Similar presentations

Presentation on theme: "On-the-fly Verification of Erasure-Encoded File Transfers Mike Freedman & Max Krohn NYU Dept of Computer Science."— Presentation transcript:

1 On-the-fly Verification of Erasure-Encoded File Transfers Mike Freedman & Max Krohn NYU Dept of Computer Science

2 Downloading Large Files From P2P Networks  For large files, transfer times are much bigger than average node uptimes.  Some files are very popular: multiple sources and multiple requesting nodes.  Is it possible to have multicast, even though sources and receivers frequently enter and leave the network.

3 Solution: Rateless Erasure Codes Source (S1) Receiver (R1) Source (S2)Source (S3)Source (S4)

4 Solution: Rateless Erasure Codes Source (S1) Receiver (R1) Source (S2)Source (S3)Source (S4) Wants file F

5 Mutli-Sourced Downloads Source (S1) Receiver (R1) Source (S2)Source (S3)Source (S4)

6 Mutli-Sourced Downloads Source (S1) Receiver (R1) Source (S2)Source (S3)Source (S4)   

7 Receiver (R3)Receiver (R4) Receiver (R3) “Overlapping Multicast Trees” Source (S1)Source (S2)Source (S3)Source (S4) Receiver (R2) Receiver (R1) 

8 Resuming Truncated Downloads Source (S1) Receiver (R1)Receiver (R2)

9 Resuming Truncated Downloads Source (S1) Receiver (R1)Receiver (R2)

10 Resuming Truncated Downloads Source (S1) Receiver (R1)Receiver (R2) 

11 Threat Model KaZaa eDonkey 2000 Gnutella Morpheus

12 Threat Model KaZaa eDonkey 2000 Gnutella Morpheus

13 Threat Model KaZaa eDonkey 2000 Gnutella Morpheus

14 Threat Model KaZaa eDonkey 2000 Gnutella Morpheus

15 Bogus Data Attack KaZaa eDonkey 2000 Gnutella Morpheus

16 Unwanted Data Attack KaZaa eDonkey 2000 Gnutella Morpheus

17 Attacking Erasure Encoded Transfers Source (S1) Receiver (R1) Source (S2)Source (S3)Source (S4)

18 Attacking Erasure Encoded Transfers Source (S1) Receiver (R1) Source (S2)Source (S3)Source (S4)

19 Erasure Encoding of Files …

20 Easily Verifiable…. …

21 …but Not on the Fly Source (S1) Receiver (R1) Source (S2)Source (S3)Source (S4)

22 What Happened?  R1 received checkblock c from S4. S4 claims: blah

23 What Happened?  R1 received checkblock c from S4. S4 claims:  R1 knows: But how can R1 verify c? Wouldn’t it be nice if: Not true for SHA1!

24 What Happened?  R1 received checkblock c from S4. S4 claims:  R1 knows:  But how can R1 verify c? Wouldn’t it be nice if: Not true for SHA1!

25 What Happened?  R1 received checkblock c from S4. S4 claims:  R1 knows:  But how can R1 verify c?  Wouldn’t it be nice if: Not true for SHA1!

26 What Happened?  R1 received checkblock c from S4. S4 claims:  R1 knows:  But how can R1 verify c?  Wouldn’t it be nice if:  Not true for SHA1!

27 A Homomorphic Hashing Scheme  Assume file block size of 8kB  Pick large prime (about 1024 bits) and small prime (about 256 bits) that divides, and 256 generators of order q:  Writes the file F as matrix, elements in

28 How To Hash  The hash of a message or check block is an element in :

29 How To Hash  The hash of a message or check block is an element in :  The hash of the entire file is an n-element vector of the hashes of the blocks:

30 The Only Important Slide implies that Why?

31 How To Encode  Checkblocks are constructed using modular addition over.  To generate a checkblock, pick a set And compute

32 How To Verify Given the correct hash: And a check block: verify that:  Note: LHS computation is expensive!

33 Success! Source (S1) Receiver (R1) Source (S2)Source (S3)Source (S4)

34 Analysis + Security of the hash function based on hardness of the discrete log. − Hashes are big (1/256 the size of the file), but we can apply this process recursively. + Our paper details a batched, probabilistic verification scheme that drastically reduces exponentiations. + Verifying rate is 40x faster than download rates on a T1.

Download ppt "On-the-fly Verification of Erasure-Encoded File Transfers Mike Freedman & Max Krohn NYU Dept of Computer Science."

Similar presentations

Signatures for Network Coding Denis Charles Kamal Jain Kristin Lauter Microsoft Research.

Signatures for Network Coding Denis Charles Kamal Jain Kristin Lauter Microsoft Research.
What is RAID Redundant Array of Independent Disks.

What is RAID Redundant Array of Independent Disks.
On the Amortized Complexity of Zero-Knowledge Proofs Ronald Cramer, CWI Ivan Damgård, Århus University.

On the Amortized Complexity of Zero-Knowledge Proofs Ronald Cramer, CWI Ivan Damgård, Århus University.
CSC 774 Advanced Network Security

CSC 774 Advanced Network Security
P2P data retrieval DHT (Distributed Hash Tables) Partially based on Hellerstein’s presentation at VLDB2004.

P2P data retrieval DHT (Distributed Hash Tables) Partially based on Hellerstein’s presentation at VLDB2004.
Ion Stoica, Robert Morris, David Karger, M. Frans Kaashoek, Hari Balakrishnan MIT and Berkeley presented by Daniel Figueiredo Chord: A Scalable Peer-to-peer.

Ion Stoica, Robert Morris, David Karger, M. Frans Kaashoek, Hari Balakrishnan MIT and Berkeley presented by Daniel Figueiredo Chord: A Scalable Peer-to-peer.
Henry C. H. Chen and Patrick P. C. Lee

Henry C. H. Chen and Patrick P. C. Lee
Nattee Niparnan. Recall  Complexity Analysis  Comparison of Two Algos  Big O  Simplification  From source code  Recursive.

Nattee Niparnan. Recall  Complexity Analysis  Comparison of Two Algos  Big O  Simplification  From source code  Recursive.
Network Coding in P2P-Systems Christian Ortolf. Overview ● Introduction ● Galois fields ● Encoding/Decoding of Files ● Gain – Coupon Collector's problem.

Network Coding in P2P-Systems Christian Ortolf. Overview ● Introduction ● Galois fields ● Encoding/Decoding of Files ● Gain – Coupon Collector's problem.
SIA: Secure Information Aggregation in Sensor Networks Bartosz Przydatek, Dawn Song, Adrian Perrig Carnegie Mellon University Carl Hartung CSCI 7143: Secure.

SIA: Secure Information Aggregation in Sensor Networks Bartosz Przydatek, Dawn Song, Adrian Perrig Carnegie Mellon University Carl Hartung CSCI 7143: Secure.
Introduction to Computer Security Programming Assignment #2 Onsite Test.

Introduction to Computer Security Programming Assignment #2 Onsite Test.
Session 5 Hash functions and digital signatures. Contents Hash functions – Definition – Requirements – Construction – Security – Applications 2/44.

Session 5 Hash functions and digital signatures. Contents Hash functions – Definition – Requirements – Construction – Security – Applications 2/44.
Lesson Title: Introduction to Cryptography Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas

Lesson Title: Introduction to Cryptography Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas
Secure Multicast Xun Kang. Content Why need secure Multicast? Secure Group Communications Using Key Graphs Batch Update of Key Trees Reliable Group Rekeying.

Secure Multicast Xun Kang. Content Why need secure Multicast? Secure Group Communications Using Key Graphs Batch Update of Key Trees Reliable Group Rekeying.
Network Coding for Large Scale Content Distribution Christos Gkantsidis Georgia Institute of Technology Pablo Rodriguez Microsoft Research IEEE INFOCOM.

Network Coding for Large Scale Content Distribution Christos Gkantsidis Georgia Institute of Technology Pablo Rodriguez Microsoft Research IEEE INFOCOM.
Informed Content Delivery Across Adaptive Overlay Networks J. Byers, J. Considine, M. Mitzenmacher and S. Rost Presented by Ananth Rajagopala-Rao.

Informed Content Delivery Across Adaptive Overlay Networks J. Byers, J. Considine, M. Mitzenmacher and S. Rost Presented by Ananth Rajagopala-Rao.
CNS2010handout 10 :: digital signatures1 computer and network security matt barrie.

CNS2010handout 10 :: digital signatures1 computer and network security matt barrie.
FRIENDS: File Retrieval In a dEcentralized Network Distribution System Steven Huang, Kevin Li Computer Science and Engineering University of California,

FRIENDS: File Retrieval In a dEcentralized Network Distribution System Steven Huang, Kevin Li Computer Science and Engineering University of California,
Introduction to Modern Cryptography, Lecture ?, 2005 Broadcast Encryption, Traitor Tracing, Watermarking.

Introduction to Modern Cryptography, Lecture ?, 2005 Broadcast Encryption, Traitor Tracing, Watermarking.
Announcements: 1. Class cancelled tomorrow 2. HW7 due date moved to Thursday. Questions? This week: Birthday attacks, Digital signatures Birthday attacks,

Announcements: 1. Class cancelled tomorrow 2. HW7 due date moved to Thursday. Questions? This week: Birthday attacks, Digital signatures Birthday attacks,

Similar presentations

Ads by Google