共查询到15条相似文献,搜索用时 171 毫秒
1.
2.
3.
针对污染和重放攻击提出一个新的多源网络编码签名算法,利用同态加密算法构造签名方案来抵御污染攻击,通过引入消息代的序号,防止了代间的重放攻击,并且采用线性计算方法来减少节点的验证时间,降低了对结点计算能力的要求,特别适合于无线传感器网络或自组织网络. 相似文献
4.
由于网络编码极易遭受污染攻击的破坏,文中基于RSA问题的难解性提出了一种适用于多源网络编码同态签名方案,以应对污染攻击和重放攻击.该方案能够阻止恶意修改的数据分组,被污染的数据分组会被验证者丢弃,从而保证了系统的安全性.由于方案是为多源网络编码设计的,不需要额外的安全信道,且采用线性计算,大大降低了对结点计算能力的要求,节省了结点的验证时间.此外,通过引入消息代序号,该方案可以防止代间重放攻击. 相似文献
5.
为提高无线网络抗污染攻击性能,提出一种基于消息认证混合同态签名的无线网络抗污染攻击方案。首先,采用有向多重图的源节点、非源节点集和链路集对无线网络编码过程进行模型构建,并考虑数据污染攻击和标签污染攻击2种类型的污染攻击建立网络抗污染模型;其次,利用MACs和D-MACs以及Sign同态签名方案,建立混合型的同态签名方案,实现对抗污染攻击模型的消息验证过程的改进,保证了每个MAC编码数据包内容的完整性,并提升了算法的执行效率;最后,通过在基于ASNC机制的实验模拟环境下,对所提算法在被污染节点百分比、流量累积分布和计算效率3个指标中的实验对比,验证了所提算法的性能优势。 相似文献
6.
7.
8.
9.
网络编码技术对于提高网络吞吐量、均衡网络负载、提高带宽利用率、增强网络的鲁棒性等方面都有明显的优势,但是无法直接抵抗污染攻击.最近,学者提出了基于同态哈希函数的签名方案,可以较好检测污染攻击,但是很难定位被污染的节点.本文结合两者的优势提出了一个基于数字签名的网络编码方案,该方案不仅能够抵抗污染攻击,而且能有效地确定出攻击源的位置,从而降低污染攻击对网络造成的影响,并提升网络的健壮性. 相似文献
10.
当前针对污染攻击的解决方案需要公钥基础设施支持,但这对于移动Ad hoc网络而言并不可取,因此提出了无需公钥基础设施的网络编码方案。所提方案允许数据包相互验证,从而使中间节点可判断这些包是否可以未经源验证即可共同编码。分析和比较了其他签名方案,表明无需公钥的网络编码签名功能足以防止污染攻击。 相似文献
11.
It has been proven that network coding can provide significant benefits to networks. However, network coding is very vulnerable to pollution attacks. In recent years, many schemes have been designed to defend against these attacks, but as far as we know almost all of them are inapplicable for multi-source network coding system. This paper proposed a novel homomorphic signature scheme based on bilinear pairings to stand against pollution attacks for multi-source network coding, which has a broader application background than single-source network coding. Our signatures are publicly verifiable and the public keys are independent of the files so that our scheme can be used to authenticate multiple files without having to update public keys. The signature length of our proposed scheme is as short as the shortest signatures of a single-source network coding. The verification speed of our scheme is faster than those signature schemes based on elliptic curves in the single-source network. 相似文献
12.
The network coding based applications are vulnerable to possible malicious pollution attacks. Signature schemes have been well-recognized as the most effective approach to address this security issue. However, existing homomorphic signature schemes for network coding either incur high transmission/computation overhead, or are vulnerable to random forgery attacks. In this paper, we propose a novel dynamic-identity based signature scheme for network coding by signing linear vector subspaces. The scheme can rapidly detect/drop the packets that are generated from pollution attacks, and efficiently thwart random forgery attack. By employing fast packet-based and generation-based batch verification approaches, a forwarding node can verify multiple received packets synchronously with dramatically reduced total verification cost. In addition, the proposed scheme provides one-way identity authentication without requiring any extra secure channels or separate certificates, so that the transmission cost can be significantly reduced. Simulation results demonstrate the practicality and efficiency of the proposed schemes. 相似文献
13.
网络编码理论的提出在提高网络吞吐量、构建网络的鲁棒性等方面都有着明显的优势,但是极易受到污染攻击。很多学者提出了使用同态函数的性质来构造安全方案,能够有效地抵抗污染攻击。但是很少能够确定出污染攻击所发生的网络节点。针对确定污染攻击所发生的节点问题,设计出一个基于同态哈希函数的签名方案,能够抵抗污染攻击并有效地确定出攻击所发生的节点位置。 相似文献
14.
Heng He Ruixuan Li Zhiyong Xu Weijun Xiao 《Peer-to-Peer Networking and Applications》2014,7(4):572-589
Network coding has been demonstrated to be able to improve the performance of P2P content distribution. However, it is vulnerable to pollution attacks where malicious peers can flood the network with corrupted blocks easily, leading to substantial performance degradation. Moreover, existing corruption detection schemes for network coding are not well suited to P2P systems. Effective scheme to detect the corruption and identify the attacker is required to thwart such attacks. In this paper, we propose an efficient ECC-based mechanism for securing network coding-based P2P content distribution, namely ESNC, which includes an efficient network coding signature scheme and an identity-based malicious peer identification scheme. The two schemes cooperate to thwart pollution attacks on network coding effectively in P2P networks, not only detecting corrupted blocks on-the-fly efficiently, but also precisely identifying all the malicious peers quickly. ESNC is mainly based on elliptic curve cryptography (ECC) and can provide high level of security. It incurs significantly less computation and communication overheads than other comparable state-of-the-art schemes for P2P systems. ESNC can work with arbitrary topologies, as it is the case in P2P networks. Security analysis demonstrates that ESNC can resist hash collision attacks, signature forgery attacks, and collusion attacks with arbitrary number of colluding malicious peers. Simulation results show that ESNC effectively limits the corruption spread and identifies all the malicious peers in a short time under different practical settings. 相似文献
15.
Alireza Esfahani Georgios Mantas Jonathan Rodriguez José Carlos Neves 《International Journal of Information Security》2017,16(6):627-639
Recent research efforts have shown that wireless networks can benefit from network coding (NC) technology in terms of bandwidth, robustness to packet losses, delay and energy consumption. However, NC-enabled wireless networks are susceptible to a severe security threat, known as data pollution attack, where a malicious node injects into the network polluted packets that prevent the destination nodes from decoding correctly. Due to recoding, occurred at the intermediate nodes, according to the core principle of NC, the polluted packets propagate quickly into other packets and corrupt bunches of legitimate packets leading to network resource waste. Hence, a lot of research effort has been devoted to schemes against data pollution attacks. Homomorphic MAC-based schemes are a promising solution against data pollution attacks. However, most of them are susceptible to a new type of pollution attack, called tag pollution attack, where an adversary node randomly modifies tags appended to the end of the transmitted packets. Therefore, in this paper, we propose an efficient homomorphic message authentication code-based scheme, called HMAC, providing resistance against data pollution attacks and tag pollution attacks in NC-enabled wireless networks. Our proposed scheme makes use of three types of homomorphic tags (i.e., MACs, D-MACs and one signature) which are appended to the end of the coded packet. Our results show that the proposed HMAC scheme is more efficient compared to other competitive tag pollution immune schemes in terms of complexity, communication overhead and key storage overhead. 相似文献