resilient network coding in the presence of eavesdropping byzantine adversaries michael langberg...
TRANSCRIPT
Resilient Network Coding in the Presence of Eavesdropping Byzantine Adversaries
Michael LangbergSidharth Jaggi
Open University of Israel
ISIT 2007
Tsinghua University
Hongyi
Yao
Proof incorrect!
2009
Network Codes Resilient to Eavesdropping andJamming
Michael
Langberg
Sidharth Jaggi
ORHow to share a secretwhen a (bad) person’s listeningand trying to fool the receiver
Open University of IsraelTsinghua
University
Hongyi
Yao
University of Campinas
Danilo
Silva
NetCod 2010
Multicast Network Model
ALL of Alice’sinformationdecodableEXACTLYbyEACH Bob
[ACLY00] With mixing, C = min{Ci} achievable
[LCY02],[KM01],[JCJ03],[HKMKE03] Simple (linear) distributed codes suffice
Existence proofs/Converses
Efficient random distributed schemes
Cryptographic schemes
Universal schemes
Privacy (Secrecy)
[CY02], …, [RS07], …
[FMSS04],… [OB08], … [SK08],…
Security (Error Correction)
[CY06]/[YC06], …, [M06], …
[JLKKHM07],… [CJL06], [GP06], [ZKMH07], …
[KK07], [SKK08]…
Background
Setup
1. Scheme A B C2. Network
C3. Data A4. Code C5. Bad links C6. Randomness A7. Transmission A B C8. Decode B
Eureka
Eavesdropped links ZI
Attacked links ZO
Who knows what
Stage
Privacy
Background Efficient algorithms [SK08] [JLKKHM07],
[SKK08] “Optimal” rates (Secrecy) C-ZI (Security) C-2ZO Poly-time Distributed End-to-end Packet-based Topology unknown a priori Information-theoretically secure, private
Privacy at rate C-ZI ([CY02],…)
ZI random symbols
C-ZI rate
Network coding + one-time pad
Optimal
ZI eavesdropped links
Security at rate C-2ZO (…,[SKK08])
Optimal rateR = C-2ZO
Error-correcting code
Network(Operator channel [KK07], Rank-metric codes [SKK08])
ZO corrupted links
Privacy + Security at rate C-2ZO-ZI
Optimal rate for zero-error codes
Network error-correcting codeRate C-2ZO
ZI random symbols
Overall rate C-2ZO-ZI
[NY09], [SK10]
ε-error?
Shared-secret Security at rate C-ZO
[JLKKHM07]
€
Y = TX + T 'Z = T T '[ ]X
Z
⎡
⎣ ⎢
⎤
⎦ ⎥
€
X
Z
⎡
⎣ ⎢
⎤
⎦ ⎥= T T '[ ]
−1Y
Invertible w.h.p. [HKMKE03]
C2 secret hashes of X
Linear list with C2 variables*
Secure transmission at rate C-ZO!
Secure + private transmission at rate C-ZO-ZI!
w.h.p., unique decoding!
* Different list-decoding used
Just one (secret) bit for Bob… [YSJL10]
€
0 →R
0
⎡
⎣ ⎢
⎤
⎦ ⎥
€
1→R
R'
⎡
⎣ ⎢
⎤
⎦ ⎥
€
} ZI} C − ZI
€
} ZI} C − ZI €
Decode(Y ) =0, rank(Y ) <C
1, rank(Y ) =C
⎧ ⎨ ⎩
Privacy: [SK08] (Only sees ZI links)
Security:
€
R
0
⎡
⎣ ⎢
⎤
⎦ ⎥→
R
R' '
⎡
⎣ ⎢
⎤
⎦ ⎥, only ZO <C − ZI packets
€
w.h.p. R
R'
⎡
⎣ ⎢
⎤
⎦ ⎥→
R' '
R' ' '
⎡
⎣ ⎢
⎤
⎦ ⎥, doesn't know R, R'