[go: up one dir, main page]
More Web Proxy on the site http://driver.im/

CN114430320B - Network coding method for preventing eavesdropping attack and pollution attack - Google Patents

Network coding method for preventing eavesdropping attack and pollution attack Download PDF

Info

Publication number
CN114430320B
CN114430320B CN202111432346.5A CN202111432346A CN114430320B CN 114430320 B CN114430320 B CN 114430320B CN 202111432346 A CN202111432346 A CN 202111432346A CN 114430320 B CN114430320 B CN 114430320B
Authority
CN
China
Prior art keywords
pseudo
random
matrix
key
submatrix
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202111432346.5A
Other languages
Chinese (zh)
Other versions
CN114430320A (en
Inventor
舒红章
滕海
王冲
尤龙
王艳广
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Aerospace Science And Technology Network Information Development Co ltd
Original Assignee
Aerospace Science And Technology Network Information Development Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Aerospace Science And Technology Network Information Development Co ltd filed Critical Aerospace Science And Technology Network Information Development Co ltd
Priority to CN202111432346.5A priority Critical patent/CN114430320B/en
Publication of CN114430320A publication Critical patent/CN114430320A/en
Application granted granted Critical
Publication of CN114430320B publication Critical patent/CN114430320B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/083Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416Event detection, e.g. attack signature detection
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/008Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols involving homomorphic encryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0877Generation of secret information including derivation or calculation of cryptographic keys or passwords using additional device, e.g. trusted platform module [TPM], smartcard, USB or hardware security module [HSM]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The specification discloses a network coding method for anti-eavesdropping attacks and pollution attacks, which comprises the following steps: generating an encryption matrix, a key matrix, a pseudorandom vector, a first pseudorandom function, a second pseudorandom function, a third pseudorandom function, a fourth pseudorandom function, a key matrix and an inner product of the key matrix and new information of the theta generation; transmitting the key matrix, the first pseudo-random function, the fourth pseudo-random function, the first pseudo-random number and the pseudo-random vector to the source node; transmitting one of a row of the key matrix, a fourth pseudo-random function and a pseudo-random vector to the intermediate node; and transmitting the key matrix, the pseudo-random vector, the first pseudo-random function, the second pseudo-random function, the third pseudo-random function and the fourth pseudo-random function to each information sink node. Therefore, the constant zero-space inner product can be utilized to simultaneously prevent pollution attack and track malicious pollution nodes, and the encryption matrix can be hidden in the element sum of the product matrix of the key submatrix and the generation information signature submatrix to prevent eavesdropping attack.

Description

Network coding method for preventing eavesdropping attack and pollution attack
Technical Field
The document relates to the technical field of communication, in particular to a network coding method for preventing eavesdropping attacks and pollution attacks.
Background
The network coding innovates the traditional network data storing and forwarding mode, allows the intermediate node to forward the recoded data packet, and can enable the network throughput to reach the maximum flow-minimum cut, but the network node is easy to suffer from security attack due to the recoding characteristic of the network coding, and mainly has pollution attack and eavesdropping attack. If pollution attack is not prevented, pollution can spread in the network, so that the information sink node can not decode the data packet correctly, and even the network is paralyzed; if the eavesdropping attack is not prevented, the important original information of the network can be leaked. The pollution prevention attack mainly comprises schemes based on error correction codes, pollution attack detection or malicious pollution node positioning. The anti-eavesdropping attacks mainly comprise an r-security network coding scheme, a strong r-security network coding scheme and a weak security network coding scheme.
The existing network coding schemes are single in most of anti-attack schemes, have only one function of anti-eavesdrop attacks and anti-pollution attacks, and even many schemes are only simple in preventing a certain type of attacks in pollution attacks, such as one of inter-generation pollution and tag pollution, do not have the anti-eavesdrop attacks, and are high in safety risk in practical application.
Disclosure of Invention
The specification provides a network coding method for preventing eavesdropping attacks and pollution attacks, which is used for solving the problem that most of anti-attack schemes in network coding schemes are single.
In a first aspect, embodiments of the present disclosure provide a network coding method for anti-eavesdropping attacks and pollution attacks, including:
The key distribution center generates an encryption matrix, a key matrix, a pseudo-random vector, a first pseudo-random function, a second pseudo-random function, a third pseudo-random function, a fourth pseudo-random function, a key matrix and an inner product of the key matrix and new theta information based on the selected finite field;
The key distribution center transmits the key matrix, the first pseudo-random function, the fourth pseudo-random function, the first pseudo-random number and the pseudo-random vector to a source node; transmitting one k j of a row Γ j of the key matrix, the fourth pseudo-random function, and the pseudo-random vector to an intermediate node; transmitting the key matrix, the pseudo-random vector, the first pseudo-random function, the second pseudo-random function, the third pseudo-random function, the fourth pseudo-random function to each sink node;
The source node determines a first signature submatrix based on a second key submatrix in the key matrix and the first pseudo-random number; generating a second signature submatrix based on the key matrix, information obtained by adding coding coefficients after encryption of the original information of the theta generation, and the inner product of the key matrix and new information of the theta generation; generating new information based on the information added with the coding coefficient after the original information of the theta generation is encrypted, a first signature submatrix and a second signature submatrix, coding the new information into a data packet, and sending the data packet to a downstream node, wherein the inner product of the key matrix and the new information of the theta generation is equal to the product of a first pseudo-random function and a second pseudo-random function, and the key matrix and the new information of the theta generation are matrices with the same row elements;
The intermediate node verifies the correctness of the data packet based on gamma j, the fourth pseudo-random function and k j, and recodes the data packet and sends the recoded data packet to a downstream node when the data packet passes verification;
The information sink node verifies the data packet based on the key matrix, the second pseudo-random function, the third pseudo-random function, the fourth pseudo-random function and the pseudo-random vector, and tracks malicious pollution nodes when the data packet fails verification; if the data packet passes the verification, decoding the data packet based on the first pseudo-random function.
Optionally, the generating, based on the selected finite field, an encryption matrix, a key matrix, a pseudorandom vector, a first pseudorandom function, a second pseudorandom function, a third pseudorandom function, a fourth pseudorandom function, a key matrix, and an inner product of the key matrix and new information of the θ generation includes:
selecting a first pseudorandom number p, a second pseudorandom number lambda 2 and a third pseudorandom number lambda 3 from the finite field;
Generating m-1 mutually different pseudo random numbers P 1,p2,...,pm-1 based on P and a first pseudo random function, and generating an m multiplied by m encryption matrix P based on P 1,p2,...,pm-1;
Generating m-1 mutually different pseudo random numbers lambda 2122,...,λ2(m-1) based on lambda 2, and generating a second key submatrix gamma 2 of r multiplied by m based on lambda 2122,...,λ2(m-1), wherein r is larger than m, and r is the number of intermediate nodes;
Generating r-1 mutually different pseudo random numbers lambda 3132,...,λ3(r-1) based on lambda 3, and generating a third key submatrix gamma 3 of r x r order based on lambda 3132,...,λ3(r-1);
Randomly generating a first key submatrix Γ 1 of order r× (m+n) based on the finite field;
Based on Γ 1、Γ2 and Γ 3, a key matrix Γ is generated.
Optionally, the generating, based on the selected finite field, an encryption matrix, a key matrix, a pseudorandom vector, a first pseudorandom function, a second pseudorandom function, a third pseudorandom function, a fourth pseudorandom function, a key matrix, and an inner product of the key matrix and new information of the θ generation includes:
randomly selecting r values from the finite field to generate the pseudo-random vector K;
generating an r x m order matrix Each element is the same and is constantF 1 is the second pseudo-random function, and id θ is the number of the theta generation original message;
Generating a j row and a j column of a matrix beta θθ,jj=F2(kj,idθ),βθ,jj with different r-order diagonal elements, which are not zero and are 0, beta θ, and F 2 is the third pseudo-random function;
generating an r x m order matrix The elements of the same row of Y θ are the same and are
yθ,j=F3(F1(kj,idθ),F2(kj,idθ))=F1(kj,idθ)F2(kj,idθ),F3 Is a fourth pseudo-random function.
Optionally, the determining the first signature sub-matrix based on the second key sub-matrix in the key matrix and the first pseudo-random number includes:
the first signature submatrix σ θ,1 is determined by the following formula:
Order the Then∑xij=p;
Wherein X is m×m order matrix, and X ij is the element of the ith row and jth column in X.
Optionally, the determining the first signature sub-matrix based on the second key sub-matrix in the key matrix and the first pseudo-random number includes:
the first signature submatrix σ θ,1 is determined by the following formula:
Order the Then
Optionally, the generating a second signature submatrix based on the key matrix, the information after the original information of the theta generation is encrypted and the information after the coding coefficient is added, and an inner product of the key matrix and the new information of the theta generation includes:
Source node pair theta generation original information Encryption to obtain
For a pair ofAdding coding coefficient I to obtain
Based on the first signature submatrix sigma θ,1, the first key submatrix, the second key submatrix, the third key submatrix,And determining a second signature submatrix by the inner product of the key matrix and the theta new information;
And adding a signature based on the first signature submatrix and the second signature submatrix to obtain new information.
Optionally, the generating new information based on the information after the coding coefficient is added after the original information of the theta generation is encrypted, the first signature submatrix and the second signature submatrix includes:
New information U θ,0=[Uθ σθ,1 σθ,2 ], and satisfies
Optionally, the verifying the correctness of the data packet based on Γ j, the fourth pseudo-random function, and k j includes:
Verification
Whether or not to establish;
if so, the data packet is verified and received; otherwise, judging that the data packet is polluted and discarding;
Wherein U θ,(i-1)d represents the packet vector received by N j from the input link d, and as follows, as well as, as follows, the symbol ". Ij.gtoreq.1 and is an odd number.
Optionally, the verifying the data packet based on the key matrix, the second pseudo-random function, the third pseudo-random function, the fourth pseudo-random function, and the pseudo-random vector, and tracking a malicious pollution node when the data packet is not verified, includes:
The information sink node verifies the received data packet U θ,(2(r+h))d
If not, judging that the data packet is polluted, failing to pass the verification, discarding, otherwise, receiving;
when the packet is not validated, pass F 2(kj,idθ), j=1,..r determines β θ;
At all of
In the method, the node corresponding to the established row key calculation is the malicious pollution node.
Optionally, the decoding the data packet based on the first pseudo random function includes:
Based on Obtaining p= Σx ij, and obtaining P by using P and a first pseudo-random function;
based on P, obtaining original information Or alternatively
Based onObtaining
In a second aspect, embodiments of the present disclosure further provide a network coding system for anti-eavesdropping attacks and pollution attacks, including: the system comprises a key distribution center, a source node, an intermediate node and a sink node, wherein:
the key distribution center is used for generating an encryption matrix, a key matrix, a pseudo-random vector, a first pseudo-random function, a second pseudo-random function, a third pseudo-random function, a fourth pseudo-random function, a key matrix and an inner product of the key matrix and theta generation new information based on the selected finite field;
The key distribution center is further configured to send the key matrix, the first pseudo-random function, the fourth pseudo-random function, a first pseudo-random number, and the pseudo-random vector to a source node; transmitting one k j of a row Γ j of the key matrix, the fourth pseudo-random function, and the pseudo-random vector to an intermediate node; transmitting the key matrix, the pseudo-random vector, the first pseudo-random function, the second pseudo-random function, the third pseudo-random function, the fourth pseudo-random function to each sink node;
The source node is configured to determine a first signature submatrix based on a second key submatrix in the key matrix and the first pseudo-random number; generating a second signature submatrix based on the key matrix, information obtained by adding coding coefficients after encryption of the original information of the theta generation, and the inner product of the key matrix and new information of the theta generation; generating new information based on the information added with the coding coefficient after the original information of the theta generation is encrypted, a first signature submatrix and a second signature submatrix, coding the new information into a data packet, and sending the data packet to a downstream node, wherein the inner product of the key matrix and the new information of the theta generation is equal to the product of a first pseudo-random function and a second pseudo-random function, and the key matrix and the new information of the theta generation are matrices with the same row elements;
The intermediate node is configured to verify correctness of the data packet based on Γ j, the fourth pseudo-random function, and k j, and recode the data packet and send the recoded data packet to a downstream node when the data packet passes verification;
the information sink node is used for verifying the data packet based on the key matrix, the second pseudo-random function, the third pseudo-random function, the fourth pseudo-random function and the pseudo-random vector, and tracking a malicious pollution node when the data packet fails verification; if the data packet passes the verification, decoding the data packet based on the first pseudo-random function.
Optionally, the key distribution center is specifically configured to:
selecting a first pseudorandom number p, a second pseudorandom number lambda 2 and a third pseudorandom number lambda 3 from the finite field;
Generating m-1 mutually different pseudo random numbers P 1,p2,...,pm-1 based on P and a first pseudo random function, and generating an m multiplied by m encryption matrix P based on P 1,p2,...,pm-1;
Generating m-1 mutually different pseudo random numbers lambda 2122,...,λ2(m-1) based on lambda 2, and generating a second key submatrix gamma 2 of r multiplied by m based on lambda 2122,...,λ2(m-1), wherein r is larger than m, and r is the number of intermediate nodes;
Generating r-1 mutually different pseudo random numbers lambda 3132,...,λ3(r-1) based on lambda 3, and generating a third key submatrix gamma 3 of r x r order based on lambda 3132,...,λ3(r-1);
Randomly generating a first key submatrix Γ 1 of order r× (m+n) based on the finite field;
Based on Γ 1、Γ2 and Γ 3, a key matrix Γ is generated.
Optionally, the key distribution center is specifically configured to:
randomly selecting r values from the finite field to generate the pseudo-random vector K;
generating an r x m order matrix Each element is the same and is constantF 1 is the second pseudo-random function, and id θ is the number of the theta generation original message;
Generating a j row and a j column of a matrix beta θθ,jj=F2(kj,idθ),βθ,jj with different r-order diagonal elements, which are not zero and are 0, beta θ, and F 2 is the third pseudo-random function;
generating an r x m order matrix The elements of the same row of Y θ are the same and are
yθ,j=F3(F1(kj,idθ),F2(kj,idθ))=F1(kj,idθ)F2(kj,idθ),F3 Is a fourth pseudo-random function.
Optionally, the source node is specifically configured to:
the first signature submatrix σ θ,1 is determined by the following formula:
Order the Then∑xij=p;
Wherein X is m×m order matrix, and X ij is the element of the ith row and jth column in X.
Optionally, the source node is specifically configured to:
the first signature submatrix σ θ,1 is determined by the following formula:
Order the Then
Optionally, the source node is specifically configured to:
Source node pair theta generation original information Encryption to obtain
For a pair ofAdding coding coefficient I to obtain
Based on the first signature submatrix sigma θ,1, the first key submatrix, the second key submatrix, the third key submatrix,And determining a second signature submatrix by the inner product of the key matrix and the theta new information;
And adding a signature based on the first signature submatrix and the second signature submatrix to obtain new information.
Optionally, the source node is specifically configured to:
New information U θ,0=[Uθ σθ,1 σθ,2 ], and satisfies
Optionally, the intermediate node is specifically configured to:
Verification
Whether or not to establish;
if so, the data packet is verified and received; otherwise, judging that the data packet is polluted and discarding;
Wherein U θ,(i-1)d represents the packet vector received by N j from the input link d, and as follows, as well as, as follows, the symbol ". Ij.gtoreq.1 and is an odd number.
Optionally, the sink node is specifically configured to:
The information sink node verifies the received data packet U θ,(2(r+h))d
If not, judging that the data packet is polluted, failing to pass the verification, discarding, otherwise, receiving;
when the packet is not validated, pass F 2(kj,idθ), j=1,..r determines β θ;
At all of
In the method, the node corresponding to the established row key calculation is the malicious pollution node.
Optionally, the sink node is specifically configured to:
Based on Obtaining p= Σx ij, and obtaining P by using P and a first pseudo-random function;
based on P, obtaining original information Or alternatively
Based onObtaining
The above-mentioned at least one technical scheme that this description embodiment adopted can reach following beneficial effect:
not only is the inner product of a constant zero space utilized to prevent inter-generation pollution attacks, tag pollution attacks and malicious pollution nodes from being tracked, but also matrix encryption is used for non-coding coefficient information, and an interception attack can be prevented by hiding an encryption matrix in the element sum of a product matrix of a key submatrix and a generation information signature submatrix.
Drawings
The accompanying drawings, which are included to provide a further understanding of the application and are incorporated in and constitute a part of this specification, illustrate embodiments of the application and together with the description serve to explain the application and do not constitute a limitation on the application. In the drawings:
fig. 1 is a schematic flow chart of a network coding method based on an anti-eavesdropping attack and a pollution attack according to an embodiment of the present disclosure;
fig. 2 is a schematic diagram of a KDC distribution key, a pseudorandom function, a pseudorandom vector, and a pseudorandom number according to an embodiment of the present disclosure.
Detailed Description
In order to make the objects, technical solutions and advantages of the present application more apparent, the technical solutions of the present application will be clearly and completely described below with reference to specific embodiments of the present application and corresponding drawings. It will be apparent that the described embodiments are only some, but not all, embodiments of the application. All other embodiments, which can be made by those skilled in the art based on the embodiments of the application without making any inventive effort, are intended to be within the scope of the application.
The following describes in detail the technical solutions provided by the embodiments of the present application with reference to the accompanying drawings.
Fig. 1 is a flow chart of a network coding method based on an anti-eavesdropping attack and a pollution attack according to an embodiment of the present disclosure, referring to fig. 1, the method may specifically include the following steps:
step 102, the key distribution center generates an encryption matrix, a key matrix, a pseudo-random vector, a first pseudo-random function, a second pseudo-random function, a third pseudo-random function, a fourth pseudo-random function, a key matrix and an inner product of the key matrix and new theta information based on the selected finite field;
Wherein the key matrix comprises a first key submatrix Γ 1, a second key submatrix Γ 2, and a third key submatrix Γ 3;
Step 102 may specifically be:
Selecting a large prime number q, determining a finite field F q, and taking a larger value under the conditions that other parameters can be solved, and system calculation and communication cost are reasonable; selecting a first pseudorandom number p, a second pseudorandom number lambda 2 and a third pseudorandom number lambda 3 from the finite field; Generating m-1 mutually different pseudo random numbers P 1,p2,...,pm-1 based on P and a first pseudo random function F 0, and generating an m multiplied by m order vandermonde determinant as a P encryption matrix based on P 1,p2,...,pm-1; Generating m-1 mutually different pseudo-random numbers lambda 2122,...,λ2(m-1) on a pseudo-random number generator based on lambda 2, generating an m x m order vandermonde determinant gamma 2(m×m) based on lambda 2122,...,λ2(m-1), Based on Γ 2(m×m), generating a second key submatrix Γ 2 of r×m order, wherein r is greater than m, and r is the number of intermediate nodes; generating r-1 mutually different pseudo-random numbers λ 3132,...,λ3(r-1) on a pseudo-random number generator based on λ 3, and generating a third key submatrix Γ 3 of the r×r order vandermonde determinant based on λ 3132,...,λ3(r-1); Randomly generating a first key submatrix Γ 1 of order r× (m+n) based on the finite field; Based on Γ 1、Γ2 and Γ 3, a key matrix is generated, and Γ 123 may specifically be composed into an r× (2m+n+r) order key matrix Γ= [ Γ 1Γ2Γ3 ].
Randomly selecting r values from the finite field to generate the pseudo-random vector k= (K 1,k2,...,kr); generating an r x m order matrix Each element is the same and is constantF 1 is the second pseudo-random function, and id θ is the number of the theta generation original message; generating a j row and a j column of a matrix beta θθ,jj=F2(kj,idθ),βθ,jj with different r-order diagonal elements, which are not zero and are 0, beta θ, and F 2 is the third pseudo-random function; generating an r x m order matrixThe elements of the same row of Y θ are the same and are
yθ,j=F3(F1(kj,idθ),F2(kj,idθ))=F1(kj,idθ)F2(kj,idθ),F3 F 3 is also id θ, a fourth pseudo-random function,Is a non-homomorphic encryption function of (a).
Wherein,
104, The key distribution center transmits the key matrix, the first pseudo-random function, the fourth pseudo-random function, the first pseudo-random number and the pseudo-random vector to the source node; transmitting one k j of a row Γ j of the key matrix, the fourth pseudo-random function, and the pseudo-random vector to an intermediate node; transmitting the key matrix, the pseudo-random vector, the first pseudo-random function, the second pseudo-random function, the third pseudo-random function, the fourth pseudo-random function to each sink node;
the KDC distributes the key, the pseudorandom function, the pseudorandom vector or the pseudorandom number to the corresponding node through the secure channel, and specifically, see fig. 2, which shows a diagram of the KDC distribution key Γ, Γ j, the pseudorandom number p, the pseudorandom function F 0、F1、F2、F3, the pseudorandom vector K, and the pseudorandom number K j.
The KDC sends a key matrix Γ, a pseudo-random function F 0、F3, a pseudo-random number p and a pseudo-random vector K to the source node, and is used for encrypting the original data or generating a signature; transmitting a row Γ j of Γ and a pseudo-random function F 3, a pseudo-random number k j to an intermediate node j for verifying the correctness of the data packet;
The key matrix Γ, the pseudorandom vector K and the pseudorandom functions F 0、F1、F2、F3,Γ、F1、F2、F3, K are sent to each sink node for verifying the data packet, tracking the malicious contaminating nodes, F 0 for decrypting the data packet. The pseudo random number p and the pseudo random function F 0 keep secret for the intermediate node; the information sink node can calculate P and P by using the data packet, Γ and F 0; the embedded pseudo random function F 1、F2,F1、F2 in the F 3 keeps the source node and the intermediate node secret.
Step 106, the source node determines a first signature submatrix based on a second key submatrix in the key matrix and the first pseudo-random number; generating a second signature submatrix based on the key matrix, information added with the coding coefficient after the original information of the theta generation is encrypted, and an inner product of the key matrix and new information of the theta generation, generating new information based on the information added with the coding coefficient after the original information of the theta generation is encrypted, a first signature submatrix and a second signature submatrix, encoding the new information into a data packet, and sending the data packet to a downstream node, wherein the inner product of the key matrix and the new information of the theta generation is equal to a product of a first pseudo-random function and a second pseudo-random function, and is a matrix with the same row elements;
the following steps for encrypting, signing and encoding the data packet by the source node are explained:
(1) Source node S is opposite to the original information of the theta generation Encryption to obtain
(2) Source node S givesAdding coding coefficient I into
(3) The source node S generates an m multiplied by m order signature sigma θ,1 which is marked as a first signature submatrix
1) Implementation 1 (optimum)
Order theWherein X is m×m order matrix, and X ij is the element of the ith row and jth column in X
Sigma x ij =p, better hiding p, thus hiding the encryption matrix in the sum of elements of the product matrix of the key submatrix and the generation information signature submatrix
2) Implementation 2
Order the
(4) The source node S generates an r multiplied by r order signature sigma θ,2 which is marked as a second signature submatrix
The embodiment is further based on the first signature submatrix sigma θ,1, the first key submatrix, the second key submatrix, the third key submatrix,And determining a second signature submatrix by an inner product of the key matrix and the theta new information, wherein the specific calculation mode comprises the following steps of:
(5) The source node S adds a signature to generate new information U θ,0=[Uθ σθ,1 σθ,2 which can prevent pollution and eavesdropping
U θ,0=[Uθ σθ,1 σθ,2 meets the following requirements
(6) Source node S codes U θ,0 to obtain U θ,1e
U θ,1e=αUθ,0,α=(α1 α2 …αm), where e represents an output link, α is the locally encoded vector of the randomly selected link e, and then U θ,1e is sent to the downstream node.
Step 108, the intermediate node verifies the correctness of the data packet based on Γ j, the fourth pseudo-random function and k j, and recodes the data packet and sends the recoded data packet to a downstream node when the data packet passes verification;
the verification and recoding process of the data packet is described below:
(1) The intermediate node N j verifies the data packet, and can prevent pollution
Intermediate node N j may pass verification
(U θ,(i-1)d indicates whether the data packet vector received by N j from the input link d is true or not, and judges whether the data packet is polluted (including inter-generation pollution, label pollution and the like), if yes, discarding, otherwise accepting. Wherein, the probability of passing verification is extremely low for the forged data packet of the common label pollution class, the forged data packet is discarded when not passing the verification, and the data packet is polluted between generationsThe verification formula is specifically as follows:
wherein, the ". Is an operator of any one of addition, subtraction, multiplication and division, i.e The probability of passing the verification is also extremely low and is discarded without passing.
(2) Intermediate node N j recoding data packet
Intermediate node N j(Nj, N (i-1)/2, where i is 1 or more and i is an odd number), recodes the matrix U θ,(i-1) of received packetsPseudo-random number vector η= (η 1 η2 …ηl), i is the number of input links, U θ,(i-1)d represents the packet vector received by intermediate node N j from input link d, U θ,ie represents the packet vector output by intermediate node N j from output link e, and η is the locally encoded vector of randomly selected link e.
Step 110, the information sink node verifies the data packet based on the key matrix, the second pseudo-random function, the third pseudo-random function, the fourth pseudo-random function and the pseudo-random vector, and tracks malicious pollution nodes when the data packet fails verification; if the data packet passes the verification, decoding the data packet based on the first pseudo-random function.
The following describes the packet verification and decoding process of the sink node:
(1) The information sink node R h validates the data packet to prevent pollution
For the received data packet U θ,(2(r+h))d, the sink node R h may select a row Γ j in Γ, through verificationI.e.
Whether the data packet U (2(r+h))d is polluted or not is judged, if yes, the data packet U (2(r+h))d is discarded, and if not, the data packet U (2(r+h))d is accepted. Verifying the specific mode in the same way as the step 108; wherein r is the number of intermediate nodes, and h is the number of sink nodes.
(2) If the verification of the data packet is not passed, the information sink node R h tracks the malicious pollution node
First F 2(kj,idθ), j=1,.. r to find β θ in all
In the method, the nodes corresponding to the established row key calculation are malicious pollution nodes, and the nodes corresponding to the unsatisfied row key calculation are honest nodes, so that the malicious pollution nodes can be tracked and shielded.
(3) If the data packet passes the verification, the information sink node decodes the data packet to prevent eavesdropping
1) Implementation 1 (optimum)
I.e.
The information sink node r selects m linearly independent data packet vectors from the received data packet vectors of the theta generation to form a data matrix U θ,2(r+h),Uθ,2(r+h), which can satisfy the formula:
W is the global coding coefficient matrix of U θ,2(r+h), the first m columns of U θ,2(r+h).
The information sink node r is inverted by W to obtain W -1, U θ,0=W-1Uθ,2(r+h) is further obtained, U θ is further obtained by U θ,0, and thenCan then be obtainedP= Σx ij, then P 1,p2,...,pm-1 is obtained by using pseudo-random function F 0, then P is obtained, and then the original information can be obtained
A few malicious intermediate nodes can decode U θ,But can not obtainBecause the probability of obtaining the whole gamma 2(m×m) through a few keys is low, the probability of obtaining X is also low, the probability of obtaining P is lower, and the original information is eavesdroppedThe probability of success is low, so that malicious intermediate nodes can be prevented from successfully eavesdropping on the original information with extremely high probability.
2) Implementation 2
I.e.
The information sink node r selects m linearly independent data packet vectors from the received data packet vectors of the theta generation to form a data matrix U θ,2(r+h),Uθ,2(r+h), which can satisfy the formula:
W is the global coding coefficient matrix of U θ,2(r+h), the first m columns of U θ,2(r+h).
The information sink node r is inverted by W to obtain W -1, U θ,0=W-1Uθ,2(r+h) is further obtained, U θ is further obtained by U θ,0, and thenAnd then the original information can be obtained
A few malicious intermediate nodes can decode U θ,But can not obtainBecause the probability of obtaining the whole gamma 2(m×m) through a few keys is low, the probability of obtaining P is also low, and the original information is eavesdroppedThe probability of success is also low, so that malicious intermediate nodes can be prevented from successfully eavesdropping on the original information with high probability.
Compared with the existing most network coding security schemes, the scheme has more and more comprehensive functions, can resist inter-generation pollution, tag pollution attack, locate pollution attack sources and also can resist eavesdropping attack.
Compared with the existing anti-pollution attack and intermediate node collusion attack positioning scheme, the key matrix Γ keeps unchanged the probability of all lines being guessed on the basis that information is not disclosed (collusion is not generated), the probability of each generation of information being successfully forged is reduced to 1/q m of the comparison scheme, and inter-generation pollution attack and eavesdropping attack can be prevented.
Moreover, compared with the existing homomorphic MAC security network coding scheme based on the null space, the pseudo random number calculation cost is reduced to be the scheme under the condition of small increase of communication cost and other calculation costAnd can also locate malicious pollution attack nodes and prevent eavesdropping attack.
In the scheme, the probability of successful pollution attack between the generations of downstream tau intermediate nodes by each malicious intermediate node is 1/q τ+1, and the probability of successful pollution attack between the generations of information sink nodes is 1/q.
In summary, according to the scheme, on one hand, the constant zero-space inner product used by the predecessor is utilized, and meanwhile, the inter-generation pollution attack, the tag pollution attack and the malicious pollution node tracking are prevented, and specifically:
The key distribution center KDC does not change the generated key matrix, uses a non-homomorphic encryption pseudo-random function of a generation identifier, generates different pseudo-random values for each generation identifier, is used as different zero-space constant products of the key matrix and information to be signed, is used for signature and verification of different generation information, can prevent malicious intermediate nodes from forging data packet values meeting verification requirements of the zero-space constant products which are calculated by the homomorphic encryption function according to different generation data packets and the zero-space constant products, and can prevent inter-generation pollution;
The intermediate node and the information sink node can detect the correctness of the data packet by utilizing the zero space constant product, and the label pollution is prevented;
the information sink node can also determine whether the relation between the calculated product value of each row of keys of the key matrix and the information and the zero space constant product is correct or not to locate the nodes with pollution among generations and malicious pollution caused by labels.
On the other hand, the scheme also well merges the information encryption and decryption method, and can prevent eavesdropping attack:
The non-coding coefficient information is matrix-encrypted, with little effort to conceal the encryption matrix in the sum of the elements of the product matrix of the key sub-matrix and the generation information signature sub-matrix. The information source node and the information destination node can obtain an information encryption matrix by utilizing the key submatrix, the signature submatrix and the corresponding pseudo-random generating function, decrypt the information, and the intermediate node cannot obtain the key submatrix and the corresponding pseudo-random generating function, so that the information encryption matrix cannot be obtained, and original information cannot be eavesdropped.
Based on the same invention, this document also provides a network coding system based on anti-eavesdropping attacks and pollution attacks, see fig. 2, which may include: the system comprises a key distribution center, a source node, an intermediate node and a sink node, wherein:
the key distribution center is used for generating an encryption matrix, a key matrix, a pseudo-random vector, a first pseudo-random function, a second pseudo-random function, a third pseudo-random function, a fourth pseudo-random function, a key matrix and an inner product of the key matrix and theta generation new information based on the selected finite field;
The key distribution center is further configured to send the key matrix, the first pseudo-random function, the fourth pseudo-random function, a first pseudo-random number, and the pseudo-random vector to a source node; transmitting one k j of a row Γ j of the key matrix, the fourth pseudo-random function, and the pseudo-random vector to an intermediate node; transmitting the key matrix, the pseudo-random vector, the first pseudo-random function, the second pseudo-random function, the third pseudo-random function, the fourth pseudo-random function to each sink node;
The source node is configured to determine a first signature submatrix based on a second key submatrix in the key matrix and the first pseudo-random number; generating a second signature submatrix based on the key matrix, information obtained by adding coding coefficients after encryption of the original information of the theta generation, and the inner product of the key matrix and new information of the theta generation; generating new information based on the information added with the coding coefficient after the original information of the theta generation is encrypted, a first signature submatrix and a second signature submatrix, coding the new information into a data packet, and sending the data packet to a downstream node, wherein the inner product of the key matrix and the new information of the theta generation is equal to the product of a first pseudo-random function and a second pseudo-random function, and the key matrix and the new information of the theta generation are matrices with the same row elements;
The intermediate node is used for verifying the correctness of the data packet based on the gamma j, the fourth pseudo-random function and the k j, recoding the data packet and sending the recoded data packet to a downstream node when the data packet passes the verification, and discarding the polluted data packet when the data packet does not pass the verification, so that pollution spreading and system paralysis caused by the participation of the polluted data packet in recoding of the downstream node are avoided, and pollution attack is well prevented;
The information sink node is used for verifying the data packet based on a key matrix, the second pseudo-random function, the third pseudo-random function, the fourth pseudo-random function and the pseudo-random vector, discarding the pollution data packet which is not verified in the data packet, avoiding that the original information caused by the participation of the pollution data packet in the information decoding can not be correctly decoded, well preventing pollution attack, tracking malicious pollution nodes when the data packet is not verified, notifying a system to shield the malicious pollution nodes, and terminating the pollution attack from the root; if the data packet passes verification, the data packet is decoded based on the first pseudo-random function, and the intermediate node can decode the information encrypted by the original information similar to the information sink node, but the probability of obtaining a complete encryption matrix is very low as the information sink node, and the probability of decrypting the original information is very low, so that eavesdropping attack is well prevented.
Optionally, the key distribution center is specifically configured to:
selecting a first pseudorandom number p, a second pseudorandom number lambda 2 and a third pseudorandom number lambda 3 from the finite field;
Generating m-1 mutually different pseudo random numbers P 1,p2,...,pm-1 based on P and a first pseudo random function, and generating an m multiplied by m encryption matrix P based on P 1,p2,...,pm-1;
Generating m-1 mutually different pseudo random numbers lambda 2122,...,λ2(m-1) based on lambda 2, and generating a second key submatrix gamma 2 of r multiplied by m based on lambda 2122,...,λ2(m-1), wherein r is larger than m, and r is the number of intermediate nodes;
Generating r-1 mutually different pseudo random numbers lambda 3132,...,λ3(r-1) based on lambda 3, and generating a third key submatrix gamma 3 of r x r order based on lambda 3132,...,λ3(r-1);
Randomly generating a first key submatrix Γ 1 of order r× (m+n) based on the finite field;
Based on Γ 1、Γ2 and Γ 3, a key matrix Γ is generated.
Optionally, the key distribution center is specifically configured to:
randomly selecting r values from the finite field to generate the pseudo-random vector K;
generating an r x m order matrix Each element is the same and is constantF 1 is the second pseudo-random function, and id θ is the number of the theta generation original message;
Generating a j row and a j column of a matrix beta θθ,jj=F2(kj,idθ),βθ,jj with different r-order diagonal elements, which are not zero and are 0, beta θ, and F 2 is the third pseudo-random function;
generating an r x m order matrix The elements of the same row of Y θ are the same and are
yθ,j=F3(F1(kj,idθ),F2(kj,idθ))=F1(kj,idθ)F2(kj,idθ),F3 Is a fourth pseudo-random function.
Optionally, the source node is specifically configured to:
the first signature submatrix σ θ,1 is determined by the following formula:
Order the Then∑xij=p;
Wherein X is m×m order matrix, and X ij is the element of the ith row and jth column in X.
Optionally, the source node is specifically configured to:
the first signature submatrix σ θ,1 is determined by the following formula:
Order the Then
Optionally, the source node is specifically configured to:
Source node pair theta generation original information Encryption to obtain
For a pair ofAdding coding coefficient I to obtain
Based on the first signature submatrix sigma θ,1, the first key submatrix, the second key submatrix, the third key submatrix,And determining a second signature submatrix by the inner product of the key matrix and the theta new information;
And adding a signature based on the first signature submatrix and the second signature submatrix to obtain new information.
Optionally, the source node is specifically configured to:
New information U θ,0=[Uθ σθ,1 σθ,2 ], and satisfies
Optionally, the intermediate node is specifically configured to:
Verification
Whether or not to establish;
if so, the data packet is verified and received; otherwise, judging that the data packet is polluted and discarding;
Wherein U θ,(i-1)d represents the packet vector received by N j from the input link d, and as follows, as well as, as follows, the symbol ". Ij.gtoreq.1 and is an odd number.
Optionally, the sink node is specifically configured to:
The information sink node verifies the received data packet U θ,(2(r+h))d
If not, judging that the data packet is polluted, failing to pass the verification, discarding, otherwise, receiving;
when the packet is not validated, pass F 2(kj,idθ), j=1,..r determines β θ;
At all of
In the method, the node corresponding to the established row key calculation is the malicious pollution node.
Optionally, the sink node is specifically configured to:
Based on Obtaining p= Σx ij, and obtaining P by using P and a first pseudo-random function;
based on P, obtaining original information Or alternatively
Based onObtaining
On one hand, the system utilizes the constant zero space inner product which is less used, and simultaneously prevents inter-generation pollution attack, label pollution attack and tracks malicious pollution nodes; on the other hand, the scheme also well merges the information encryption and decryption method, and can prevent eavesdropping attack.
It will be appreciated by those skilled in the art that embodiments of the present invention may be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
In one typical configuration, a computing device includes one or more processors (CPUs), input/output interfaces, network interfaces, and memory.
The memory may include volatile memory in a computer-readable medium, random Access Memory (RAM) and/or nonvolatile memory, such as Read Only Memory (ROM) or flash memory (flash RAM). Memory is an example of computer-readable media.
Computer readable media, including both non-transitory and non-transitory, removable and non-removable media, may implement information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of storage media for a computer include, but are not limited to, phase change memory (PRAM), static Random Access Memory (SRAM), dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), read Only Memory (ROM), electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), digital Versatile Discs (DVD) or other optical storage, magnetic cassettes, magnetic tape magnetic disk storage or other magnetic storage devices, or any other non-transmission medium, which can be used to store information that can be accessed by a computing device. Computer-readable media, as defined herein, does not include transitory computer-readable media (transmission media), such as modulated data signals and carrier waves.
It should also be noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising one … …" does not exclude the presence of other like elements in a process, method, article or apparatus that comprises the element.
It will be appreciated by those skilled in the art that embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The foregoing is merely exemplary of the present application and is not intended to limit the present application. Various modifications and variations of the present application will be apparent to those skilled in the art. Any modification, equivalent replacement, improvement, etc. which come within the spirit and principles of the application are to be included in the scope of the claims of the present application.

Claims (1)

1. A network coding method for anti-eavesdropping attacks and pollution attacks, comprising:
The key distribution center generates an encryption matrix, a key matrix, a pseudo-random vector, a first pseudo-random function, a second pseudo-random function, a third pseudo-random function, a fourth pseudo-random function, a key matrix and an inner product of the key matrix and new theta information based on the selected finite field;
The key distribution center transmits the key matrix, the first pseudo-random function, the fourth pseudo-random function, the first pseudo-random number and the pseudo-random vector to a source node; transmitting one k j of a row Γ j of the key matrix, the fourth pseudo-random function, and the pseudo-random vector to an intermediate node; transmitting the key matrix, the pseudo-random vector, the first pseudo-random function, the second pseudo-random function, the third pseudo-random function, the fourth pseudo-random function to each sink node;
The source node determines a first signature submatrix based on a second key submatrix in the key matrix and the first pseudo-random number; generating a second signature submatrix based on the key matrix, information obtained by adding coding coefficients after encryption of the original information of the theta generation, and the inner product of the key matrix and new information of the theta generation; generating new information based on the information added with the coding coefficient after the original information of the theta generation is encrypted, a first signature submatrix and a second signature submatrix, coding the new information into a data packet, and sending the data packet to a downstream node, wherein the inner product of the key matrix and the new information of the theta generation is equal to the product of a first pseudo-random function and a second pseudo-random function, and the key matrix and the new information of the theta generation are matrices with the same row elements;
The intermediate node verifies the correctness of the data packet based on gamma j, the fourth pseudo-random function and k j, and recodes the data packet and sends the recoded data packet to a downstream node when the data packet passes verification;
The information sink node verifies the data packet based on the key matrix, the second pseudo-random function, the third pseudo-random function, the fourth pseudo-random function and the pseudo-random vector, and tracks malicious pollution nodes when the data packet fails verification; if the data packet passes the verification, decoding the data packet based on the first pseudo-random function;
The generating, based on the selected finite field, an encryption matrix, a key matrix, a pseudorandom vector, a first pseudorandom function, a second pseudorandom function, a third pseudorandom function, a fourth pseudorandom function, a key matrix, and an inner product of the key matrix and new information of the theta generation includes:
selecting a first pseudorandom number p, a second pseudorandom number lambda 2 and a third pseudorandom number lambda 3 from the finite field;
Generating m-1 mutually different pseudo random numbers P 1,p2,...,pm-1 based on P and a first pseudo random function, and generating an m multiplied by m encryption matrix P based on P 1,p2,...,pm-1;
Generating m-1 mutually different pseudo random numbers lambda 2122,...,λ2(m-1) based on lambda 2, and generating a second key submatrix gamma 2 of r multiplied by m based on lambda 2122,...,λ2(m-1), wherein r is larger than m, and r is the number of intermediate nodes;
generating r-1 mutually different pseudo random numbers lambda 3132,...,λ3(r-1) based on lambda 3, and generating a third key submatrix gamma 3 of r x r order based on lambda 3132,...,λ3(r-1);
Randomly generating a first key submatrix Γ 1 of order r× (m+n) based on the finite field;
generating a key matrix Γ based on Γ 1、Γ2 and Γ 3;
The generating, based on the selected finite field, an encryption matrix, a key matrix, a pseudorandom vector, a first pseudorandom function, a second pseudorandom function, a third pseudorandom function, a fourth pseudorandom function, a key matrix, and an inner product of the key matrix and new information of the theta generation includes:
randomly selecting r values from the finite field to generate the pseudo-random vector K;
generating an r x m order matrix Each element is the same and isA constant, F 1 is the second pseudo-random function, and id θ is the number of the original information of the theta generation;
Generating a j row and a j column of a matrix beta θθ,jj=F2(kj,idθ),βθ,jj with different r-order diagonal elements, which are not zero and are 0, beta θ, and F 2 is the third pseudo-random function;
generating an r x m order matrix The elements in the same row of Y θ are the same, yθ,j=F3(F1(kj,idθ),F2(kj,idθ))=F1(kj,idθ)F2(kj,idθ),F3 is a fourth pseudo-random function, and k j is a pseudo-random number;
Wherein said determining a first signature sub-matrix based on a second key sub-matrix in said key matrix and said first pseudo-random number comprises:
the first signature submatrix σ θ,1 is determined by the following formula:
Order the Then
Wherein X is m×m order matrix, and X ij is the element of the ith row and the jth column in X;
Wherein said determining a first signature sub-matrix based on a second key sub-matrix in said key matrix and said first pseudo-random number comprises:
the first signature submatrix σ θ,1 is determined by the following formula:
Order the Then
The generating a second signature submatrix based on the key matrix, the information added with the coding coefficient after the original information of the theta generation is encrypted, and the inner product of the key matrix and the new information of the theta generation comprises the following steps:
Source node pair theta generation original information Encryption to obtain
For a pair ofAdding coding coefficient I to obtain
Based on the first signature submatrix sigma θ,1, the first key submatrix, the second key submatrix, the third key submatrix,And determining a second signature submatrix by the inner product of the key matrix and the theta new information;
The generating new information based on the information after the theta generation original information is encrypted and the coding coefficient is added, the first signature submatrix and the second signature submatrix comprises the following steps:
New information U θ,0=[Uθ σθ,1 σθ,2 ], and satisfies
Wherein verifying correctness of the data packet based on Γ j, the fourth pseudo-random function, and k j comprises:
Verification
Whether or not to establish;
if so, the data packet is verified and received; otherwise, judging that the data packet is polluted and discarding;
Wherein U θ,(i-1)d represents a data packet vector received by N j from an input link d, represents any one of an operator of addition, subtraction, multiplication and division, and i is more than or equal to 1 and is an odd number;
Wherein said validating said data packet based on said key matrix, said second pseudo-random function, said third pseudo-random function, said fourth pseudo-random function, and said pseudo-random vector, and tracking a malicious contaminating node when the data packet is not validated, comprises:
The information sink node verifies the received data packet U θ,(2(r+h))d
If not, judging that the data packet is polluted, failing to pass the verification, discarding, otherwise, receiving;
when the packet is not validated, by F 2(kj,idθ), j=1, …, r determines β θ;
At all of
The node corresponding to the established row key calculation is a malicious pollution node;
wherein said decoding of the data packet based on said first pseudo-random function comprises:
Based on Obtaining p=Σx ij, and obtaining P by using P and a first pseudo-random function; based on P, obtaining original informationOr alternatively
Based onObtaining
CN202111432346.5A 2021-11-29 2021-11-29 Network coding method for preventing eavesdropping attack and pollution attack Active CN114430320B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111432346.5A CN114430320B (en) 2021-11-29 2021-11-29 Network coding method for preventing eavesdropping attack and pollution attack

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111432346.5A CN114430320B (en) 2021-11-29 2021-11-29 Network coding method for preventing eavesdropping attack and pollution attack

Publications (2)

Publication Number Publication Date
CN114430320A CN114430320A (en) 2022-05-03
CN114430320B true CN114430320B (en) 2024-10-11

Family

ID=81311959

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111432346.5A Active CN114430320B (en) 2021-11-29 2021-11-29 Network coding method for preventing eavesdropping attack and pollution attack

Country Status (1)

Country Link
CN (1) CN114430320B (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2009177255A (en) * 2008-01-21 2009-08-06 Ricoh Co Ltd Image processing system and image processing device
CN107154855A (en) * 2017-06-23 2017-09-12 南京邮电大学 The anti-omnipotent attack secure network coding method signed based on homomorphism linear subspaces

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101267277B (en) * 2008-04-30 2012-08-08 西安电子科技大学 Theft-prevention and pollution prevention network coding method
CN101714910B (en) * 2009-11-20 2012-10-24 西安电子科技大学 Anti-pollution network encoding method based on probability detection
CN103746770A (en) * 2013-12-20 2014-04-23 浙江工业大学 Message authentication code and probability secret key distribution mechanism-based anti-pollution network coding method
CN110166247B (en) * 2019-05-06 2022-03-04 湖北工业大学 Network coding signature method capable of preventing pollution attack and positioning intermediate node collusion attack

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2009177255A (en) * 2008-01-21 2009-08-06 Ricoh Co Ltd Image processing system and image processing device
CN107154855A (en) * 2017-06-23 2017-09-12 南京邮电大学 The anti-omnipotent attack secure network coding method signed based on homomorphism linear subspaces

Also Published As

Publication number Publication date
CN114430320A (en) 2022-05-03

Similar Documents

Publication Publication Date Title
CN109672518B (en) Node data processing of quantum attack resistant blockchains
Hashemi et al. DarKnight: An accelerated framework for privacy and integrity preserving deep learning using trusted hardware
Everspaugh et al. Key rotation for authenticated encryption
Chikouche et al. A privacy-preserving code-based authentication protocol for Internet of Things
Neish et al. Quantum‐resistant authentication algorithms for satellite‐based augmentation systems
Kumar et al. A review and analysis of secure and lightweight ECC‐based RFID authentication protocol for Internet of Vehicles
Megias et al. Privacy-aware peer-to-peer content distribution using automatically recombined fingerprints
Wang et al. Cloud-based federated boosting for mobile crowdsensing
Nosouhi et al. Weak-key analysis for BIKE post-quantum key encapsulation mechanism
Harmalkar et al. A survey of post quantum key encapsulation mechanism
Yang et al. Lattice klepto revisited
CN114430320B (en) Network coding method for preventing eavesdropping attack and pollution attack
Zeng et al. An IND-CCA2 secure post-quantum encryption scheme and a secure cloud storage use case
CN118677611A (en) Quantum attack resistant threshold public key encryption system and method
Chen et al. Controlled SWAP attack and improved quantum encryption of arbitrated quantum signature schemes
Zhang et al. Universal secure error-correcting (SEC) schemes for network coding via McEliece cryptosystem based on QC-LDPC codes
CN117254927A (en) Public key encryption method and system for preventing leakage and hiding attribute based on edge calculation
Liang et al. RESH: A Secure Authentication Algorithm Based on Regeneration Encoding Self‐Healing Technology in WSN
Liu et al. Attribute‐Based Fully Homomorphic Encryption Scheme from Lattices with Short Ciphertext
Yang et al. Identity‐Based Unidirectional Collusion‐Resistant Proxy Re‐Encryption from U‐LWE
Tan et al. A secure cloud-assisted certificateless group authentication scheme for VANETs in big data environment
Schröder A novel timing side-channel assisted key-recovery attack against HQC
Sun et al. IoV‐SDCM: An IoV Secure Data Communication Model Based on Network Encoding and Relay Collaboration
Thanalakshmi et al. A new code‐based designated verifier signature scheme
González de la Torre et al. About the Fujisaki-Okamoto transformation in the code-based algorithms of the NIST post-quantum call

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant