Design of Linear Network Coding for Secure Unicast Against Passive Attacks
|School||University of Science and Technology of China|
|Keywords||linear network coding random network coding finite field anonymous communication weakly secure information theoretically secure throughput capacity passive attack eavesdropping attack traffic analysis attack|
Network coding (NC) is a promising technology that can achieve the maximal throughput capacity of communication network. According to different encoding methods, network coding can be classified into linear network coding and nonlinear network coding. Because of the simplicity of the coding scheme, linear network coding has been widely used in the literature. Despite this salient feature, there are still many challenges to be addressed, and security is clearly one of the most important issues. Related works have shown that linear network coding not only can improve the network thoughput but also has many advantages to provide information security. Therefore, how to provide secure and effective data transmission using linear network coding is one important research issue.In this thesis, we foucs on providing secure and effective data transmission using linear network coding. Key problems are solved by integrating the topology formation and secure LNC design together. We further propose algorithms for topology formation and linear network coding design. We investigate two key aspects of secure data communication including confidentiality against eavesdropping attack and anonymity against traffic analysis attack, for wired networks. Particularly, we identify three important problems as our research targets: (1) design of linear network coding against eavesdropping under the requirements of weak security, (2) design of linear network coding against wiretapping under the requirements of information theoretical security, and (3) design of linear network coding for anonymous communication against traffic analysis attack. Main contributions of this thesis include:For confidentiality, we consider two secure requirements, i.e., weak security (WS) and information theoretical security (ITS), which are widely studied in the literature. Our contributions from this research include: we investigate the LNC design for secure unicast with multiple streams (SUMS) between the same source and destination pair. The objectives of our LNC design include a) satisfying different secure requirements, b) maximizing the transmission data rate, and c) minimizing the random symbol usage for requirements of ITS. To the best of the authors’knowledge, no previous work has been conducted to address the design of such secure LNC. To achieve such objectives, our designs integrate the topology formation and secure LNC design together to maximize the secure transmission rate under the internal eavesdropping attack. Specifically, we first formulate the secure unicast routing problem that maximizes the secure transmission rate under different secure requirements and prove that it is equivalent to a constrained network flow problem. Based on this fact, we then develop efficient algorithm that can find the unicast topology to fulfill the constraints. Based on the transmission topology, we then design a deterministic LNC which satisfies the aforementioned objectives and provide a constructive upper bound of the size of the finite field. Finally, in addition, we also study the potential of random LNC and derive the low bound of the probability that a random LNC satisfies different secure requirements.For anonymity, we consider anonymous communication with network coding. Specifically, we design a novel, simple, and effective linear network coding mechanism (ALNCode) to achieve flow untraceability in a communication network with multiple unicast flows. With solid theoretical analysis, we first show that LNC can be applied to thwart traffic analysis attacks without the need of encrypting GEVs. Our key idea is to mix multiple flows at their intersection nodes by generating downstream GEVs from the common basis of upstream GEVs belonging to multiple flows, in order to hide the correlation of upstream and downstream GEVs in each flow. We then design a deterministic LNC scheme to implement our idea, by which the downstream GEVs produced are guaranteed to obfuscate their correlation with the corresponding upstream GEVs. We also give extensive theoretical analysis on the intersection probability of GEV bases and the influential factors to the effectiveness of our scheme, as well as the algorithm complexity to support its efficiency.Research of linear network coding for secure data transmission not only provides theoretical basis for design of secure linear network coding but also have important significance in practical secure network coding.