network coding and information security raymond w. yeung the chinese university of hong kong joint...
TRANSCRIPT
![Page 1: Network Coding and Information Security Raymond W. Yeung The Chinese University of Hong Kong Joint work with Ning Cai, Xidian University](https://reader035.vdocument.in/reader035/viewer/2022070408/56649e625503460f94b5d636/html5/thumbnails/1.jpg)
Network Coding and Information Security
Raymond W. YeungThe Chinese University of Hong Kong
Joint work with
Ning Cai, Xidian University
![Page 2: Network Coding and Information Security Raymond W. Yeung The Chinese University of Hong Kong Joint work with Ning Cai, Xidian University](https://reader035.vdocument.in/reader035/viewer/2022070408/56649e625503460f94b5d636/html5/thumbnails/2.jpg)
Outline
• Introduction to Network Coding• The Max-flow Bound• Secure Network Coding• Concluding Remarks
![Page 3: Network Coding and Information Security Raymond W. Yeung The Chinese University of Hong Kong Joint work with Ning Cai, Xidian University](https://reader035.vdocument.in/reader035/viewer/2022070408/56649e625503460f94b5d636/html5/thumbnails/3.jpg)
Introduction toNetwork Coding
![Page 4: Network Coding and Information Security Raymond W. Yeung The Chinese University of Hong Kong Joint work with Ning Cai, Xidian University](https://reader035.vdocument.in/reader035/viewer/2022070408/56649e625503460f94b5d636/html5/thumbnails/4.jpg)
A Network Coding Example
The Butterfly Network
![Page 5: Network Coding and Information Security Raymond W. Yeung The Chinese University of Hong Kong Joint work with Ning Cai, Xidian University](https://reader035.vdocument.in/reader035/viewer/2022070408/56649e625503460f94b5d636/html5/thumbnails/5.jpg)
b1 b2
b1
b1b1
b2
b2
b2
b2
b1
b1 b2
b1
b1
b2
b2b1+b2
b1+b2b1+b2
![Page 6: Network Coding and Information Security Raymond W. Yeung The Chinese University of Hong Kong Joint work with Ning Cai, Xidian University](https://reader035.vdocument.in/reader035/viewer/2022070408/56649e625503460f94b5d636/html5/thumbnails/6.jpg)
A Network Coding Example
with Two Sources
![Page 7: Network Coding and Information Security Raymond W. Yeung The Chinese University of Hong Kong Joint work with Ning Cai, Xidian University](https://reader035.vdocument.in/reader035/viewer/2022070408/56649e625503460f94b5d636/html5/thumbnails/7.jpg)
b1b2
b1 b2
b1 b2 b2b1
b1 b2
b2b1
b1+b2
b1+b2
b1+b2
![Page 8: Network Coding and Information Security Raymond W. Yeung The Chinese University of Hong Kong Joint work with Ning Cai, Xidian University](https://reader035.vdocument.in/reader035/viewer/2022070408/56649e625503460f94b5d636/html5/thumbnails/8.jpg)
Wireless/Satellite Application
b1 b2
t = 1b1
t = 2
t = 3b1+b2
b2
b1+b2
50% saving for downlink bandwidth!
![Page 9: Network Coding and Information Security Raymond W. Yeung The Chinese University of Hong Kong Joint work with Ning Cai, Xidian University](https://reader035.vdocument.in/reader035/viewer/2022070408/56649e625503460f94b5d636/html5/thumbnails/9.jpg)
Two Themes of Network Coding
• When there is 1 source to be multicast in a network, store-and-forward may fail to optimize bandwidth.
• When there are 2 or more independent sources to be transmitted in a network (even for unicast), store-and-forward may fail to optimize bandwidth.
In short, Information is NOT a commodity!
![Page 10: Network Coding and Information Security Raymond W. Yeung The Chinese University of Hong Kong Joint work with Ning Cai, Xidian University](https://reader035.vdocument.in/reader035/viewer/2022070408/56649e625503460f94b5d636/html5/thumbnails/10.jpg)
Model of a Point-to-Point Network
• A network is represented by a directed graph G = (V,E) with node set V and edge (channel) set E.
• A symbol from an alphabet F can be transmitted on each channel.
• There can be multiple edges between a pair of nodes.
![Page 11: Network Coding and Information Security Raymond W. Yeung The Chinese University of Hong Kong Joint work with Ning Cai, Xidian University](https://reader035.vdocument.in/reader035/viewer/2022070408/56649e625503460f94b5d636/html5/thumbnails/11.jpg)
Single-Source Network Coding
• The source node S generates an information vector
x = (x1 x2 … xk) Fk.• What is the condition for a node T to be able to
receive the information vector x?• Max-Flow Bound. If maxflow(T) < k, then T
cannot possibly receive x.
![Page 12: Network Coding and Information Security Raymond W. Yeung The Chinese University of Hong Kong Joint work with Ning Cai, Xidian University](https://reader035.vdocument.in/reader035/viewer/2022070408/56649e625503460f94b5d636/html5/thumbnails/12.jpg)
The Basic Results
• If network coding is allowed, a node T can receive the information vector x iff
maxflow(T) ≥ki.e., the max-flow bound can be achieved simultaneously by all such nodes T. (ACLY00)
• Moreover, this can be achieved by linear network coding for a sufficiently large base field. (LYC03, KM03)
![Page 13: Network Coding and Information Security Raymond W. Yeung The Chinese University of Hong Kong Joint work with Ning Cai, Xidian University](https://reader035.vdocument.in/reader035/viewer/2022070408/56649e625503460f94b5d636/html5/thumbnails/13.jpg)
Secure Network Coding
Cai and Y, 2002(discussed with Ueli Maurer, ISIT 2000)
![Page 14: Network Coding and Information Security Raymond W. Yeung The Chinese University of Hong Kong Joint work with Ning Cai, Xidian University](https://reader035.vdocument.in/reader035/viewer/2022070408/56649e625503460f94b5d636/html5/thumbnails/14.jpg)
Problem Formulation
• The underlying model is the same as network multicast using network coding except that some sets of channels can be wiretapped.
• Let A be a collection of subsets of the edge set E.• A subset in A is called a wiretap set.• Each wiretap set may be fully accessed by a wiretapper.• No wiretapper can access more than one wiretap set.• The network code needs to be designed in a way such
that no matter which wiretap set the wiretapper has access to, the multicast message is information-theoretically secure.
![Page 15: Network Coding and Information Security Raymond W. Yeung The Chinese University of Hong Kong Joint work with Ning Cai, Xidian University](https://reader035.vdocument.in/reader035/viewer/2022070408/56649e625503460f94b5d636/html5/thumbnails/15.jpg)
Our Coding Scheme
• The multicast message is (s,w), where• s is the secure message
• w is the randomness
• Both s and w are generated at the source node.
![Page 16: Network Coding and Information Security Raymond W. Yeung The Chinese University of Hong Kong Joint work with Ning Cai, Xidian University](https://reader035.vdocument.in/reader035/viewer/2022070408/56649e625503460f94b5d636/html5/thumbnails/16.jpg)
A Example of a Secure Network Code
![Page 17: Network Coding and Information Security Raymond W. Yeung The Chinese University of Hong Kong Joint work with Ning Cai, Xidian University](https://reader035.vdocument.in/reader035/viewer/2022070408/56649e625503460f94b5d636/html5/thumbnails/17.jpg)
s-w s+w
s-w
s-w
s+w
s+ww
wwOne of the 3 One of the 3 red channelsred channels can can be wiretappedbe wiretappeds is the secure messages is the secure messagew is the randomnessw is the randomness
![Page 18: Network Coding and Information Security Raymond W. Yeung The Chinese University of Hong Kong Joint work with Ning Cai, Xidian University](https://reader035.vdocument.in/reader035/viewer/2022070408/56649e625503460f94b5d636/html5/thumbnails/18.jpg)
Another Example of Secure Network Coding
The (1,2)-threshold Secret Sharing Scheme
![Page 19: Network Coding and Information Security Raymond W. Yeung The Chinese University of Hong Kong Joint work with Ning Cai, Xidian University](https://reader035.vdocument.in/reader035/viewer/2022070408/56649e625503460f94b5d636/html5/thumbnails/19.jpg)
wws+ws+w
s-ws-w
One of the 3 One of the 3 red channelsred channels can can be wiretappedbe wiretappeds is the secure messages is the secure messagew is the randomnessw is the randomness
![Page 20: Network Coding and Information Security Raymond W. Yeung The Chinese University of Hong Kong Joint work with Ning Cai, Xidian University](https://reader035.vdocument.in/reader035/viewer/2022070408/56649e625503460f94b5d636/html5/thumbnails/20.jpg)
Construction of Secure Network Codes
• Let n = minT maxflow(T).• We have obtained a sufficient condition under which a
secure linear network code can be constructed. • In particular, if A consists of all the r-subsets of E, where r <
n, then we can construct a secure network code with multicast message (s,w) such that |s|=n-r and |w|=r.
• For this case, the condition is also necessary.• Interpretation: For a sink node T, if r channels in the network
are wiretapped, the number of “secure paths” from the source node to T is still at least n-r. So n-r symbols can go through securely.
![Page 21: Network Coding and Information Security Raymond W. Yeung The Chinese University of Hong Kong Joint work with Ning Cai, Xidian University](https://reader035.vdocument.in/reader035/viewer/2022070408/56649e625503460f94b5d636/html5/thumbnails/21.jpg)
Global Encoding Kernels of a Linear Network Code
• Recall that x = (x1 x2 … xk) is the multicast message.
• For each channel e, assign a column vector fe such that the symbol sent on channel e is x fe. The vector fe is called the global encoding kernel of channel e.
• The global encoding kernel of a channel is analogous to a column in the generator matrix of a classical block code.
• The global encoding kernel of an output channel at a node must be a linear combination of the global encoding kernels of the input channels.
![Page 22: Network Coding and Information Security Raymond W. Yeung The Chinese University of Hong Kong Joint work with Ning Cai, Xidian University](https://reader035.vdocument.in/reader035/viewer/2022070408/56649e625503460f94b5d636/html5/thumbnails/22.jpg)
An Example
k = 2, let x = (b1, b2)
![Page 23: Network Coding and Information Security Raymond W. Yeung The Chinese University of Hong Kong Joint work with Ning Cai, Xidian University](https://reader035.vdocument.in/reader035/viewer/2022070408/56649e625503460f94b5d636/html5/thumbnails/23.jpg)
b1 b2
b1
b1
b2
b2b1+b2
b1+b2b1+b2
1
0
1
0
0
1
1
1
1
1
1
1
1
0
0
1
0
1
![Page 24: Network Coding and Information Security Raymond W. Yeung The Chinese University of Hong Kong Joint work with Ning Cai, Xidian University](https://reader035.vdocument.in/reader035/viewer/2022070408/56649e625503460f94b5d636/html5/thumbnails/24.jpg)
Idea of Code Construction
• Start with a linear network code for multicasting n symbols.
• For all wiretap set A A, let fA = { fe : e A }, the set of global encoding kernels of the channels in A.
• Let dim(span(fA)) r for all A A. [sufficient condition]
• When the base field F is sufficiently large, we can find b1, b2, …, bn-r Fn such that
b1, b2, …, bn-r are linearly independent of fA
for all A A.
![Page 25: Network Coding and Information Security Raymond W. Yeung The Chinese University of Hong Kong Joint work with Ning Cai, Xidian University](https://reader035.vdocument.in/reader035/viewer/2022070408/56649e625503460f94b5d636/html5/thumbnails/25.jpg)
• Let the multicast message be (s,w), with |s| = n-r and |w| = r.
• Take a suitable linear transformation of the given linear network code to obtain the desired secure network code.
![Page 26: Network Coding and Information Security Raymond W. Yeung The Chinese University of Hong Kong Joint work with Ning Cai, Xidian University](https://reader035.vdocument.in/reader035/viewer/2022070408/56649e625503460f94b5d636/html5/thumbnails/26.jpg)
Recent Work (Cai and Y, ISIT 2007)
• We obtained a necessary and sufficient condition for the security of linear network codes.
• This condition applies in the cases when • There are more than one information source
nodes in the network.• The random keys are not uniformly distributed.
• This condition also shows that the security of a linear network code does not depend on the source distribution.
![Page 27: Network Coding and Information Security Raymond W. Yeung The Chinese University of Hong Kong Joint work with Ning Cai, Xidian University](https://reader035.vdocument.in/reader035/viewer/2022070408/56649e625503460f94b5d636/html5/thumbnails/27.jpg)
Resources
• Network Coding Homepage
http://www.networkcoding.info• R. W. Yeung, S.-Y. R. Li, N. Cai and Z. Zhang,
Network Coding Theory, now Publishers, 2005 (Foundation and Trends in Communications and Information Theory).
• N. Cai and R. W. Yeung, “Secure network coding,” preprint.
![Page 28: Network Coding and Information Security Raymond W. Yeung The Chinese University of Hong Kong Joint work with Ning Cai, Xidian University](https://reader035.vdocument.in/reader035/viewer/2022070408/56649e625503460f94b5d636/html5/thumbnails/28.jpg)
Concluding Remarks
• Secure network coding is a generalization of both (regular) network coding and secret sharing.
• The subject is still in its infancy, and a lot of basic questions are yet to be answered.