SinPack: A Security Protocol for Preventing Pollution Attacks in Network-Coded Content Distribution Networks

SinPack: A Security Protocol for Preventing Pollution Attacks in Network-Coded Content Distribution Networks

We present SinPack, a security protocol for preventing packet pollution attacks in network-coded content distribution networks. SinPack employs a homomorphically-addressable Bloom filter data structure to enforce the integrity of network-coded packets all the way from source to destination. Using a...

Full description

Saved in:
Bibliographic Details
Published in:2010 IEEE Global Telecommunications Conference GLOBECOM 2010 pp. 1 - 6
Main Authors: Itani, W, Ghali, César, El Hajj, A, Kayssi, A, Chehab, A
Format: Conference Proceeding
Language:English
Published: IEEE 01-12-2010
Subjects:
Encryption
Filtering theory
Network coding
Peer to peer computing
Pollution
Routing protocols
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:We present SinPack, a security protocol for preventing packet pollution attacks in network-coded content distribution networks. SinPack employs a homomorphically-addressable Bloom filter data structure to enforce the integrity of network-coded packets all the way from source to destination. Using a Bloom filter "amortizes" the functionality of traditional cryptographic integrity verification constructs (Message Authentication Codes, hash trees, digital signatures, etc) in a relatively small-sized data structure. This aids in reducing network traffic and, more significantly, allows the incremental integrity verification of out of order network packets. The novel homomorphic Bloom filter construction permits intermediate routers and destination end systems to verify the integrity of source packets even after being network-coded by routers. This methodology avoids the need to establish expensive and intricate trust relationships among the different network routers and ensures the authenticity of the integrity structures using a single source public-key operation. Moreover, SinPack not only allows the content downloader to immediately verify the integrity of coded packets, but also provides this capability to any intermediate router on the path to the destination. This helps in eliminating polluted packets in the network upstream closest to the source of attack and as a result contributes to a great reduction in bogus network traffic and hence sizeable energy savings.
ISBN:1424456363
9781424456369
ISSN:1930-529X
2576-764X
DOI:10.1109/GLOCOM.2010.5684305