Quantitative Evaluation of Secure Network Coding
Dawn Meeting, UCSC, Nov 4, 2010
SeungHoon Lee, Mario Gerla
In collaboration with IBM researchers
Network Coding (NC)
Improves throughput and reliability in disruptive MANETs
Packets are mixed by intermediate nodes
Receivers can still recover the original data under partial packet drop
[Figure: decoding success despite a pkt drop]
Vulnerability of NC
No pollution detection/prevention in conventional NC protocols
Internal/external attacks possible
Even one invalid packet can disrupt the entire data
Homomorphic cryptography can protect NC
However, computation is cumbersome, discouraging implementations
[Figure: Pollution Attack, Decoding Failure]
Objective of this work
Investigate the scalability of secure network coding based on homomorphic functions
We address the PUSH scenario only (PULL is an extension)
Perform a practical evaluation of the theoretical work [1] (GKKR) by TA2 researchers on secure network coding
Over the INTEGERS (as opposed to a Galois field)
[Figure: Implementation of Secure NC (Linux); Experimental Measurement; Qualnet Network Simulator]
[1] R. Gennaro, J. Katz, H. Krawczyk, and T. Rabin. Secure network coding over the integers. In Public Key Cryptography, pages 142–160, 2010.
Implementation: NC + NSig
[Diagram: Source, Intermediate node, Destination]
(1) NSig(): Computing signatures of each block (*only once at the beginning)
Blocks X1, X2, X3 with signatures σ1, σ2, σ3
(2) encode(): Generating a coded block (NC: random linear network coding)
Coded block: e1X1+e2X2+e3X3 with coefficients [e1,e2,e3]
(3) combine(): Combining signatures
σ1, σ2, σ3 are combined with e1, e2, e3 into σ
Implementation: NC + NSig
[Diagram: Source, Intermediate node, Destination; the coded block e1X1+e2X2+e3X3 travels with [e1,e2,e3] and σ]
(1) vry_NC(): Checking linear independence (by Gaussian elimination)
If independent, (2) vry_Sig(): Validating signatures
If valid, store the coded block
*If either verification fails, immediately drop.
Generate a new coded block by encode(data), combine(signatures)
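The NSig(), encode(), combine() and vry_Sig() steps listed above can be traced end to end with a small homomorphic signature over the integers. This is an added example, not the authors' C++/GMP implementation and not the exact GKKR construction: it is a toy RSA-style scheme in Python (chosen for its built-in big integers), and the key, the generators `G`, the sample blocks and the helper names `hom_hash`, `encode_combine` and `demo` are all assumptions made for illustration.

```python
# Added illustration: toy RSA-style homomorphic signature, not the GKKR parameters or code.
import random

# Constructed toy key built from two Mersenne primes; far too small for real use.
P, Q = 2**61 - 1, 2**89 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))  # private signing exponent, held by the source only
M, BLOCK_LEN = 3, 4                # blocks per generation, integers per block
_rng = random.Random(2010)
G = [_rng.randrange(2, N) for _ in range(M + BLOCK_LEN)]  # public generators (constructed)

def hom_hash(w):
    """Homomorphic hash of an integer vector: prod G[j]^w[j] mod N."""
    h = 1
    for g, x in zip(G, w):
        h = h * pow(g, x, N) % N
    return h

def nsig(blocks):
    """Source, once per generation: prepend unit vector e_i to block i and sign it."""
    out = []
    for i, x in enumerate(blocks):
        w = [int(j == i) for j in range(len(blocks))] + list(x)
        out.append((w, pow(hom_hash(w), D, N)))
    return out

def encode_combine(stored, coeffs):
    """encode(): integer linear combination; combine(): prod sigma_i^e_i mod N (no key)."""
    w = [sum(c * v[k] for c, (v, _) in zip(coeffs, stored)) for k in range(len(G))]
    sigma = 1
    for c, (_, s) in zip(coeffs, stored):
        sigma = sigma * pow(s, c, N) % N
    return w, sigma

def vry_sig(w, sigma):
    """Any node holding the public values (N, E, G) can validate a coded block."""
    return pow(sigma, E, N) == hom_hash(w)

BLOCKS = [[3, 1, 4, 1], [5, 9, 2, 6], [5, 3, 5, 8]]  # constructed sample data

def demo():
    signed = nsig(BLOCKS)
    w1, s1 = encode_combine(signed, [2, 7, 1])             # source emits two coded blocks
    w2, s2 = encode_combine(signed, [1, 0, 3])
    w3, s3 = encode_combine([(w1, s1), (w2, s2)], [3, 5])  # intermediate node re-mixes
    polluted = w3[:-1] + [w3[-1] + 1]                      # one payload integer altered
    return w3, vry_sig(w3, s3), vry_sig(polluted, s3)

if __name__ == "__main__":
    print(demo())
```

The re-mixed block verifies even though the intermediate node never holds `D`, while the block with a single altered integer fails vry_sig() and would be dropped.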
Implementation: NC + NSig
[Diagram: Source, Intermediate node, Destination; the coded block e1X1+e2X2+e3X3 travels with [e1,e2,e3] and σ]
(1) vry_NC(), vry_Sig(): If valid, store the coded block.
Once m blocks (valid & independent) are collected, (2) decode(): Recover the original data
*m: # of blocks of data in the generation
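The vry_NC() independence check and the final decode() can both be written as Gaussian elimination over the rationals, since the coding here is over the integers rather than a Galois field. The following is an added Python example, not the authors' code: the helper names `rank` and `receive` and the sample blocks are assumptions, and the signature check that the slides place after vry_NC() is left out of this block.

```python
from fractions import Fraction

def rank(rows):
    """Rank of an integer coefficient matrix by Gaussian elimination over the rationals."""
    a = [[Fraction(x) for x in r] for r in rows]
    rk = 0
    for col in range(len(a[0]) if a else 0):
        piv = next((i for i in range(rk, len(a)) if a[i][col] != 0), None)
        if piv is None:
            continue
        a[rk], a[piv] = a[piv], a[rk]
        for i in range(rk + 1, len(a)):
            f = a[i][col] / a[rk][col]
            a[i] = [x - f * y for x, y in zip(a[i], a[rk])]
        rk += 1
    return rk

def vry_nc(stored_coeffs, new_coeffs):
    """Accept a coded block only if its coefficient vector adds a new dimension."""
    return rank(stored_coeffs + [new_coeffs]) == len(stored_coeffs) + 1

def decode(coded, m):
    """Gauss-Jordan on [coeffs | payload]: m independent coded blocks -> original blocks."""
    a = [[Fraction(x) for x in c + p] for c, p in coded]
    for col in range(m):
        piv = next(i for i in range(col, m) if a[i][col] != 0)
        a[col], a[piv] = a[piv], a[col]
        a[col] = [x / a[col][col] for x in a[col]]
        for i in range(m):
            if i != col and a[i][col] != 0:
                f = a[i][col]
                a[i] = [x - f * y for x, y in zip(a[i], a[col])]
    return [[int(x) for x in row[m:]] for row in a]

def receive(incoming, m):
    """Destination loop: store innovative blocks, drop the rest, decode once m are held."""
    stored, dropped = [], 0
    for coeffs, payload in incoming:
        if len(stored) < m and vry_nc([c for c, _ in stored], coeffs):
            stored.append((coeffs, payload))
        else:
            dropped += 1
    return (decode(stored, m) if len(stored) == m else None), dropped

# Constructed sample: coded blocks of X1=[3,1,4,1], X2=[5,9,2,6], X3=[5,3,5,8];
# the second block is twice the first, so it carries no new information.
INCOMING = [([2, 7, 1], [46, 68, 27, 52]), ([4, 14, 2], [92, 136, 54, 104]),
            ([1, 0, 3], [18, 10, 19, 25]), ([0, 1, 1], [10, 12, 7, 14])]
```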
Implementation: NC + NHash
Another way of Secure Network Coding, instead of NSig (computing/validating signatures)
Hash Verification: verify multiple coded blocks with a single verification
[Diagram: X1, X2, X3 and e1, e2, e3 go through encode() to give e1X1+e2X2+e3X3 with [e1,e2,e3], followed by vry_Hash()]
If vry_Hash() passes, sends out the coded block
Experimental Setup (1)
Hardware: Intel Core 2 Duo T9600 processor (2.8GHz, 6MB cache)
RAM: 2GB
Software: Linux platform
C++ / GMP library [2] (for cryptography implementation)
[2] The GNU Multiple Precision Arithmetic Library. http://gmplib.org/
Experimental Results (1)
[Figure: vry_NC()]
Processing delays are proportional to # of blocks
As more blocks are downloaded, vry_NC() requires more delay for processing Gaussian elimination
Experimental Results (2)
Processing delays of vry_Sig() and vry_Hash() do not depend on m
The operations are done with only the coded block being verified
In general, Secure NC operations require more delay than NC
0.015ms (vry_NC) vs 22.5ms (vry_Sig), m=8
Simulation Setup
Evaluate the performance in a realistic network scenario (PUSH Model)
QualNet 3.9.5
Bandwidth: 2Mbps (broadcasting)
Data rate at source: 256Kbps
Network Topology (static topology)
1 Source / 1 Destination
Variable # of hops H
We compare four schemes
NC_Only: Plain NC
NC + NSig
NC + NHash
BFKW [3]: Previously proposed homomorphic signature schemes
[3] D. Boneh, D. Freeman, J. Katz, and B. Waters. Signing a linear subspace: Signature schemes for network coding. In Public Key Cryptography (PKC), 2009.
Simulation Results
Delay increases with more hops between Src/Dst
NSig/NHash take less delay than BFKW
Conclusion
Studied feasibility of secure network coding schemes
Implemented the theoretical works and measured processing overhead from experiments
Integrated the experimental results into a packet-level network simulator, and evaluated the schemes in a realistic network scenario
Secure NC increases delay by only 30% with respect to plain NC
GKKR secure NC outperforms previously proposed BFKW
Ongoing work
Extend to PULL model (large generation)
Comparison with end-to-end coding schemes (Fountain/Raptor codes)
Protected from internal attacks by conventional signatures
More dynamic network scenarios: node mobility, pollution attacks
Heterogeneous nodes (some cannot do homomorphic operations)
Question & Answer
Thank You!