network coding and information security n.
Skip this Video
Loading SlideShow in 5 Seconds..
Network Coding and Information Security PowerPoint Presentation
Download Presentation
Network Coding and Information Security

Network Coding and Information Security

191 Vues Download Presentation
Télécharger la présentation

Network Coding and Information Security

- - - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

  1. Network Coding and Information Security Raymond W. Yeung The Chinese University of Hong Kong Joint work with Ning Cai, Xidian University

  2. Outline • Introduction to Network Coding • The Max-flow Bound • Secure Network Coding • Concluding Remarks

  3. Introduction toNetwork Coding

  4. A Network Coding Example The Butterfly Network

  5. b1 b2 b1 b2 b1 b2 b1 b2 b1 b2 b1 b2 b1 b1+b2 b2 b2 b1 b1+b2 b1+b2

  6. A Network Coding Example with Two Sources

  7. b1 b2 b1 b2 b1+b2 b2 b2 b2 b1 b1 b1 b1+b2 b1+b2 b2 b1

  8. b1 b2 b1 t = 1 b2 t = 2 b1+b2 b1+b2 t = 3 Wireless/Satellite Application 50% saving for downlink bandwidth!

  9. Two Themes of Network Coding • When there is 1 source to be multicast in a network, store-and-forward may fail to optimize bandwidth. • When there are 2 or more independent sources to be transmitted in a network (even for unicast), store-and-forward may fail to optimize bandwidth. In short, Information is NOT a commodity!

  10. Model of a Point-to-Point Network • A network is represented by a directed graph G = (V,E) with node set V and edge (channel) set E. • A symbol from an alphabet F can be transmitted on each channel. • There can be multiple edges between a pair of nodes.

  11. Single-Source Network Coding • The source node S generates an information vector x = (x1 x2 … xk)  Fk. • What is the condition for a node T to be able to receive the information vector x? • Max-Flow Bound. If maxflow(T) < k, then T cannot possibly receive x.

  12. The Basic Results • If network coding is allowed, a node T can receive the information vector x iff maxflow(T) ≥k i.e., the max-flow bound can be achieved simultaneously by all such nodes T. (ACLY00) • Moreover, this can be achieved by linear network coding for a sufficiently large base field. (LYC03, KM03)

  13. Secure Network Coding Cai and Y, 2002 (discussed with Ueli Maurer, ISIT 2000)

  14. Problem Formulation • The underlying model is the same as network multicast using network coding except that some sets of channels can be wiretapped. • Let A be a collection of subsets of the edge set E. • A subset in A is called a wiretap set. • Each wiretap set may be fully accessed by a wiretapper. • No wiretapper can access more than one wiretap set. • The network code needs to be designed in a way such that no matter which wiretap set the wiretapper has access to, the multicast message is information-theoretically secure.

  15. Our Coding Scheme • The multicast message is (s,w), where • s is the secure message • w is the randomness • Both s and w are generated at the source node.

  16. A Example of a Secure Network Code

  17. s-w s+w s+w s-w s-w w s+w • One of the 3 red channels can be wiretapped • s is the secure message • w is the randomness w w

  18. Another Example of Secure Network Coding The (1,2)-threshold Secret Sharing Scheme

  19. w s-w s+w • One of the 3 red channels can be wiretapped • s is the secure message • w is the randomness

  20. Construction of Secure Network Codes • Let n = minT maxflow(T). • We have obtained a sufficient condition under which a secure linear network code can be constructed. • In particular, if Aconsists of all the r-subsets of E, where r < n, then we can construct a secure network code with multicast message (s,w) such that |s|=n-r and |w|=r. • For this case, the condition is also necessary. • Interpretation: For a sink node T, if r channels in the network are wiretapped, the number of “secure paths” from the source node to T is still at least n-r. So n-r symbols can go through securely.

  21. Global Encoding Kernels of a Linear Network Code • Recall that x = (x1 x2 … xk) is the multicast message. • For each channel e, assign a column vector fe such that the symbol sent on channel e is x fe. The vector fe is called the global encoding kernel of channel e. • The global encoding kernel of a channel is analogous to a column in the generator matrix of a classical block code. • The global encoding kernel of an output channel at a node must be a linear combination of the global encoding kernels of the input channels.

  22. An Example k = 2, let x = (b1, b2)

  23. b1 b2 b1 b2 b1 b1+b2 b2 b1+b2 b1+b2

  24. Idea of Code Construction • Start with a linear network code for multicasting n symbols. • For all wiretap set A A, let fA = { fe : e  A }, the set of global encoding kernels of the channels in A. • Let dim(span(fA))  r for all A A. [sufficient condition] • When the base field F is sufficiently large, we can find b1, b2, …, bn-r Fn such that b1, b2, …, bn-r are linearly independent of fA for allA A.

  25. Let the multicast message be (s,w), with |s| = n-r and |w| = r. • Take a suitable linear transformation of the given linear network code to obtain the desired secure network code.

  26. Recent Work (Cai and Y, ISIT 2007) • We obtained a necessary and sufficient condition for the security of linear network codes. • This condition applies in the cases when • There are more than one information source nodes in the network. • The random keys are not uniformly distributed. • This condition also shows that the security of a linear network code does not depend on the source distribution.

  27. Resources • Network Coding Homepage • R. W. Yeung, S.-Y. R. Li, N. Cai and Z. Zhang, Network Coding Theory, now Publishers, 2005 (Foundation and Trends in Communications and Information Theory). • N. Cai and R. W. Yeung, “Secure network coding,” preprint.

  28. Concluding Remarks • Secure network coding is a generalization of both (regular) network coding and secret sharing. • The subject is still in its infancy, and a lot of basic questions are yet to be answered.