secure network coding via filtered secret sharing
play

Secure Network Coding via Filtered Secret Sharing Jon Feldman, Tal - PowerPoint PPT Presentation

Jun 05, 2023 •625 likes •1.13k views

Secure Network Coding via Filtered Secret Sharing Jon Feldman, Tal Malkin, Rocco Servedio, Cliff Stein (Columbia University) jonfeld@ieor, tal@cs, rocco@cs, cliff@ieor .columbia.edu Feldman, Malkin, Servedio, Stein: Secure Network

  1. Secure Network Coding via Filtered Secret Sharing Jon Feldman, Tal Malkin, Rocco Servedio, Cliff Stein (Columbia University) jonfeld@ieor, tal@cs, rocco@cs, cliff@ieor .columbia.edu � ✁ Feldman, Malkin, Servedio, Stein: Secure Network Coding via Filtered Secret Sharing – p.1/21

  2. Network Coding and Security Network coding: new model of transmission... � ...how do we make it secure? ✁ 1. Cai and Yeung[02] wire-tap adversary: can look at any edges. ✂ ✁ Suff. conditions for secure multicast code. ✄ ✁ 2. Jain[04]: More precise cond. (one terminal). 3. Ho, Leong, Koetter, Médard, Effros, Karger [04]: Byzantine modification detection. Feldman, Malkin, Servedio, Stein: Secure Network Coding via Filtered Secret Sharing – p.2/21

  3. Network Coding and Security Network coding: new model of transmission... � ...how do we make it secure? ✁ 1. Cai and Yeung[02] wire-tap adversary: can look at any edges. ✂ ✁ Suff. conditions for secure multicast code. ✄ ✁ 2. Jain[04]: More precise cond. (one terminal). 3. Ho, Leong, Koetter, Médard, Effros, Karger [04]: Byzantine modification detection. This talk: precise analysis of wire-tap adversary, � balance between security, rate, edge bandwidth. Related: robustness [Koetter Médard 02]. � Feldman, Malkin, Servedio, Stein: Secure Network Coding via Filtered Secret Sharing – p.2/21

  4. Making our Example Secure ☎ � Use ☛ ✏ . � ✟ ☞ ✍ ✎ � ✁ ✂ ✂ ✡ ✄ ✠ ✌ ✌ Less ambitious goal: Send � one symbol to both � ✟ ✑ � � ✁ ✠ ✂ ✂ ✄ sinks. Choose randomly. ✟ � ✑ ✂ ✠ � � ✁ ✂ ✂ ✂ ✄ Can define symbols s.t. � any single wire-tapper learns nothing about , � ✂ ✂ both sinks can compute . � ✆ ✆ ✝ ✞ Feldman, Malkin, Servedio, Stein: Secure Network Coding via Filtered Secret Sharing – p.3/21

  5. Linear Multicast Network Coding (No Security) Given: Network ✁ ☎ , source , sinks � ✂ ✄ ✂ ✑ ☎ ✡ ✌ . min-cut value = . ✂ ✆ ✠ ✝ ✞ ✟ ✡ ☞ ✡ ☛ ☛ Goal: get message to every sink. ✟ ✍ � ✑ ✌ ✎ Feldman, Malkin, Servedio, Stein: Secure Network Coding via Filtered Secret Sharing – p.4/21

  6. Linear Multicast Network Coding (No Security) Given: Network ✁ ☎ , source , sinks � ✂ ✄ ✂ ✑ ☎ ✡ ✌ . min-cut value = . ✂ ✆ ✠ ✝ ✞ ✟ ✡ ☞ ✡ ☛ ☛ Goal: get message to every sink. ✟ ✍ � ✑ ✌ ✎ Network code: � ✁ ✄ Define coding vectors for each edge. ✟ ✍ ✁ ✑ � ✂ ✎ ✁ ✄ Edge carries symbol . ✁ ✌ � ✂ ☎ Feldman, Malkin, Servedio, Stein: Secure Network Coding via Filtered Secret Sharing – p.4/21

  7. Linear Multicast Network Coding (No Security) Given: Network ✁ ☎ , source , sinks � ✂ ✄ ✂ ✑ ☎ ✡ ✌ . min-cut value = . ✂ ✆ ✠ ✝ ✞ ✟ ✡ ☞ ✡ ☛ ☛ Goal: get message to every sink. ✟ ✍ � ✑ ✌ ✎ Network code: � ✁ ✄ Define coding vectors for each edge. ✟ ✍ ✁ ✑ � ✂ ✎ ✁ ✄ Edge carries symbol . ✁ ✌ � ✂ ☎ Feasibility of transmission: � ✁ ✄ ☛ ✁ ✄ ✏ (i) Every spanned by (or ). � � � � � ✁ ✁ ☎ ✡ ✂ ✌ ✌ Feldman, Malkin, Servedio, Stein: Secure Network Coding via Filtered Secret Sharing – p.4/21

  8. Linear Multicast Network Coding (No Security) Given: Network ✁ ☎ , source , sinks � ✂ ✄ ✂ ✑ ☎ ✡ ✌ . min-cut value = . ✂ ✆ ✠ ✝ ✞ ✟ ✡ ☞ ✡ ☛ ☛ Goal: get message to every sink. ✟ ✍ � ✑ ✌ ✎ Network code: � ✁ ✄ Define coding vectors for each edge. ✟ ✍ ✁ ✑ � ✂ ✎ ✁ ✄ Edge carries symbol . ✁ ✌ � ✂ ☎ Feasibility of transmission: � ✁ ✄ ☛ ✁ ✄ ✏ (i) Every spanned by (or ). � � � � � ✁ ✁ ☎ ✡ ✂ ✌ ✌ Recoverability at sinks: � ☛ ✁ ✄ ✏ (ii) For all , the vectors span . ✆ ✟ ✍ ✆ ✆ ✑ � ✁ ✂ ✌ ✎ Feldman, Malkin, Servedio, Stein: Secure Network Coding via Filtered Secret Sharing – p.4/21

  9. Wire-Tap Model, Randomness at the Source Adversary has access to any set of edges, ✂ � knows symbol transmitted along edge, � knows network code, topology, � has unlimited computational power. � Feldman, Malkin, Servedio, Stein: Secure Network Coding via Filtered Secret Sharing – p.5/21

  10. Wire-Tap Model, Randomness at the Source Adversary has access to any set of edges, ✂ � knows symbol transmitted along edge, � knows network code, topology, � has unlimited computational power. � Source allowed to generate random symbols ( ). � ✂ (Jain [04]: random bits at intermediate nodes) ✁ Feldman, Malkin, Servedio, Stein: Secure Network Coding via Filtered Secret Sharing – p.5/21

  11. Wire-Tap Model, Randomness at the Source Adversary has access to any set of edges, ✂ � knows symbol transmitted along edge, � knows network code, topology, � has unlimited computational power. � Source allowed to generate random symbols ( ). � ✂ (Jain [04]: random bits at intermediate nodes) ✁ Task: design function ✁ ☎ at source, coding � � ✌ ✁ ✂ ✡ ✌ vectors on edges s.t.: Coding vectors satisfy feasibility, ✁ Information recoverable at each sink, ✁ ✁ Information secure against adversary. ✁ ✁ Feldman, Malkin, Servedio, Stein: Secure Network Coding via Filtered Secret Sharing – p.5/21

  12. Wire-Tap Model, Randomness at the Source Adversary has access to any set of edges, ✂ � knows symbol transmitted along edge, � knows network code, topology, � has unlimited computational power. � Source allowed to generate random symbols ( ). � ✂ (Jain [04]: random bits at intermediate nodes) ✁ Task: design function ✁ ☎ at source, coding � � ✌ ✁ ✂ ✡ ✌ vectors on edges s.t.: Coding vectors satisfy feasibility, ✁ Information recoverable at each sink, ✁ ✁ Information secure against adversary. ✁ ✁ Goal: information-theoretic security. � Feldman, Malkin, Servedio, Stein: Secure Network Coding via Filtered Secret Sharing – p.5/21

  13. Security, Rate and Bandwidth We study possible trade-offs between security, rate � and bandwidth: Security = = # edges tapped . ✂ ✠ � ✞ ✟ ✡ ☞ ✡ ☛ ☛ Rate = = # information symbols multicast. ✆ Edge Bandwidth = , where symbols in . ✁ ✟ ✂ ✄ ☎ ✎ Feldman, Malkin, Servedio, Stein: Secure Network Coding via Filtered Secret Sharing – p.6/21

  14. Security, Rate and Bandwidth We study possible trade-offs between security, rate � and bandwidth: Security = = # edges tapped . ✂ ✠ � ✞ ✟ ✡ ☞ ✡ ☛ ☛ Rate = = # information symbols multicast. ✆ Edge Bandwidth = , where symbols in . ✁ ✟ ✂ ✄ ☎ ✎ Easy to show: . ✂ ✆ � � ✞ ✄ Feldman, Malkin, Servedio, Stein: Secure Network Coding via Filtered Secret Sharing – p.6/21

  15. Security, Rate and Bandwidth We study possible trade-offs between security, rate � and bandwidth: Security = = # edges tapped . ✂ ✠ � ✞ ✟ ✡ ☞ ✡ ☛ ☛ Rate = = # information symbols multicast. ✆ Edge Bandwidth = , where symbols in . ✁ ✟ ✂ ✄ ☎ ✎ Easy to show: . ✂ ✆ � � ✞ ✄ ✂ ✂ ✄ ✁ ✆ Cai and Yeung [02]: If , can send ✂ � ✆ � ☎ ✞ ✡ ✄ ☎ symbols securely. ✂ ✂ ✄ ✁ ✆ Construction time . ✁ ✝ ☎ Feldman, Malkin, Servedio, Stein: Secure Network Coding via Filtered Secret Sharing – p.6/21

  16. Our Results If you give up a little capacity, bandwidth � requirement reduced significantly: ☎ ✄ ✞ ✂ Thm: For any , if ✁ ✁ , can send ✍ ✄ � � ☎ � ☎ ✆ ✝ symbols securely. ✂ ✆ ✞ � ✡ ✄ Algorithm: poly-time, secure w.h.p. ✁ ☎ ✄ ✞ ✂ If ✁ ✁ ✁ ☎ , only need . ✂ ✟ ✄ ✁ � ✎ ☎ ☎ ✆ ✡ ✝ Feldman, Malkin, Servedio, Stein: Secure Network Coding via Filtered Secret Sharing – p.7/21

  17. Our Results If you give up a little capacity, bandwidth � requirement reduced significantly: ☎ ✄ ✞ ✂ Thm: For any , if ✁ ✁ , can send ✍ ✄ � � ☎ � ☎ ✆ ✝ symbols securely. ✂ ✆ ✞ � ✡ ✄ Algorithm: poly-time, secure w.h.p. ✁ ☎ ✄ ✞ ✂ If ✁ ✁ ✁ ☎ , only need . ✂ ✟ ✄ ✁ � ✎ ☎ ☎ ✆ ✡ ✝ If you do not give up capacity, then bandwidth � might have to be large: Thm: If , then there are examples ✂ ✆ ✞ ✡ ✄ where all solutions (using this method) must � ☎ have ✁ ✁ . ✄ ☎ Feldman, Malkin, Servedio, Stein: Secure Network Coding via Filtered Secret Sharing – p.7/21

  18. Relation w/ Cai & Yeung Core Lemma of Cai and Yeung: If one can � construct a matrix with certain independence properties relative to the coding vectors, then the network code can be altered to achieve security. Feldman, Malkin, Servedio, Stein: Secure Network Coding via Filtered Secret Sharing – p.8/21

Recommend

Homomorphic Secret Sharing II Homomorphic Secret Sharing for Branching Programs Under DDH Ele:e

Homomorphic Secret Sharing II Homomorphic Secret Sharing for Branching Programs Under DDH Ele:e

Homomorphic Secret Sharing II Homomorphic Secret Sharing for Branching Programs Under DDH Ele:e Boyle Niv Gilboa Yuval Ishai IDC BGU Technion & UCLA Secure ComputaGon Approaches Classical

342 views • 33 slides
Secret Sharing and Visual Cryptography Outline Secret Sharing Visual Secret Sharing

Secret Sharing and Visual Cryptography Outline Secret Sharing Visual Secret Sharing

Secret Sharing and Visual Cryptography Outline Secret Sharing Visual Secret Sharing Constructions Moir Cryptography Issues Secret Sharing Secret Sharing Threshold Secret Sharing (Shamir, Blakely 1979) Motivation

1.32k views • 62 slides
Network Coding Network Coding Jie Gao Existing network Existing network Independent data

Network Coding Network Coding Jie Gao Existing network Existing network Independent data

Network Coding Network Coding Jie Gao Existing network Existing network Independent data stream sharing the same network resources Packets over the Internet Signals in a phone network An analog: cars sharing a highway.

1.01k views • 46 slides
Advanced Tools from Modern Cryptography Lecture 3 Secret-Sharing (ctd.) Secret-Sharing Last

Advanced Tools from Modern Cryptography Lecture 3 Secret-Sharing (ctd.) Secret-Sharing Last

Advanced Tools from Modern Cryptography Lecture 3 Secret-Sharing (ctd.) Secret-Sharing Last time (n,t) secret-sharing (n,n) via additive secret-sharing Shamir secret-sharing for general (n,t) Shamir secret-sharing is a linear

611 views • 14 slides
Secret Sharing See: Shamir, How to Share a Secret , CACM, Vol. 22, No. 11, November 1979, pp.

Secret Sharing See: Shamir, How to Share a Secret , CACM, Vol. 22, No. 11, November 1979, pp.

Secret Sharing See: Shamir, How to Share a Secret , CACM, Vol. 22, No. 11, November 1979, pp. 612613 Eli Biham - May 3, 2005 c 497 Secret Sharing (17) How to Keep a Secret Key Securely Information can be secured by encryption under a

597 views • 23 slides
and Web Applications 06 Secure Coding Alexandros Labrinidis University of Pittsburgh Secure

and Web Applications 06 Secure Coding Alexandros Labrinidis University of Pittsburgh Secure

CS 1655 / Spring 2010 Secure Data Management and Web Applications 06 Secure Coding Alexandros Labrinidis University of Pittsburgh Secure Coding From: Secure Coding: Principles and Practices by Mark G. Graff & Kenneth R. Van Wyk

753 views • 17 slides
Breaking the Circuit-Size Barrier in Secret Sharing Tianren Liu Vinod Vaikuntanathan MIT MIT

Breaking the Circuit-Size Barrier in Secret Sharing Tianren Liu Vinod Vaikuntanathan MIT MIT

Breaking the Circuit-Size Barrier in Secret Sharing Tianren Liu Vinod Vaikuntanathan MIT MIT 50th ACM Symposium on Theory of Computing June 27, 2018 Secret Sharing [Blakley79,Shamir79,Ito-Saito-Nishizeki87] Secret Secret Sharing

790 views • 75 slides
Secret Sharing Using Non-Commutative Groups Bren Cavallo The Graduate Center, CUNY 5/30/2013

Secret Sharing Using Non-Commutative Groups Bren Cavallo The Graduate Center, CUNY 5/30/2013

Secret Sharing Using Non-Commutative Groups Bren Cavallo The Graduate Center, CUNY 5/30/2013 Outline 1. Introduction 2. Shamir Secret Sharing and Habeeb-Kahrobaei-Shpilrain secret sharing 3. Adjustments to HKS secret sharing and analysis

444 views • 27 slides
Today. Polynomials. Secret Sharing. A secret! I have a secret! A number from 0 to 10. What is

Today. Polynomials. Secret Sharing. A secret! I have a secret! A number from 0 to 10. What is

Today. Polynomials. Secret Sharing. A secret! I have a secret! A number from 0 to 10. What is it? Any one of you knows nothing! Any two of you can figure it out! Example Applications: Nuclear launch: need at least 3 out of 5 people to

513 views • 23 slides
Homomorphic Secret Sharing for Low Degree Polynomials Russell W. F. Lai, Giulio Malavolta , and

Homomorphic Secret Sharing for Low Degree Polynomials Russell W. F. Lai, Giulio Malavolta , and

Homomorphic Secret Sharing for Low Degree Polynomials Russell W. F. Lai, Giulio Malavolta , and Dominique Schrder Friedrich-Alexander University Erlangen-Nrnberg Homomorphic Secret Sharing A secret-sharing scheme allows a client to share his

247 views • 14 slides
Homomorphic Secret Sharing Ele2e Boyle Niv Gilboa Yuval Ishai IDC BGU

Homomorphic Secret Sharing Ele2e Boyle Niv Gilboa Yuval Ishai IDC BGU

Homomorphic Secret Sharing Ele2e Boyle Niv Gilboa Yuval Ishai IDC BGU Technion & UCLA PrimiLves AssumpLons 1970 PKE 1980 Signatures ZK OT Factoring Discrete Log 1990 Secure ComputaLon 2000

1.12k views • 64 slides
Towards Breaking the Exponential Barrier for General Secret Sharing Tianren Liu Vinod

Towards Breaking the Exponential Barrier for General Secret Sharing Tianren Liu Vinod

Towards Breaking the Exponential Barrier for General Secret Sharing Tianren Liu Vinod Vaikuntanathan Hoeteck Wee MIT MIT CNRS and ENS May 6, 2018 Secret Sharing [Blakley79,Shamir79,Ito-Saito-Nishizeki87] Secret s { 0 , 1 }

1.02k views • 85 slides
CS 166: Information Security Secret Sharing, Random Numbers, and Information Hiding Prof. Tom

CS 166: Information Security Secret Sharing, Random Numbers, and Information Hiding Prof. Tom

CS 166: Information Security Secret Sharing, Random Numbers, and Information Hiding Prof. Tom Austin San Jos State University Secret Sharing: Motivation Goal: make secret available, but make it hard to peek. Divide secret among

731 views • 48 slides
On the Local Leakage Resilience of Linear Secret Sharing Schemes Linear Secret Sharing Schemes

On the Local Leakage Resilience of Linear Secret Sharing Schemes Linear Secret Sharing Schemes

On the Local Leakage Resilience of Linear Secret Sharing Schemes Linear Secret Sharing Schemes Akshay Degwekar (MIT) Joint with Fabrice Benhamouda (IBM Research), Yuval Ishai (Technion) and Tal Rabin (IBM Research) Leakage attacks can be

547 views • 30 slides
CCN & Network Coding Cedric Westphal Huawei and UCSC ICN & Network Coding - RFC7933

CCN & Network Coding Cedric Westphal Huawei and UCSC ICN & Network Coding - RFC7933

CCN & Network Coding Cedric Westphal Huawei and UCSC ICN & Network Coding - RFC7933 9.5. Network Coding for Video Distribution in ICN An interesting research area for combining heterogeneous sources is to use network coding

248 views • 10 slides
Securing Secret Sharing Against Leakage and Tampering Ashutosh Kumar Based on joint works with

Securing Secret Sharing Against Leakage and Tampering Ashutosh Kumar Based on joint works with

Securing Secret Sharing Against Leakage and Tampering Ashutosh Kumar Based on joint works with Vipul Goyal, Raghu Meka, and Amit Sahai Secret Sharing secret s n s 1 s i Correctness: Any out of parties can

1.72k views • 144 slides
A Latin square autotopism secret sharing scheme Talk by Rebecca J. Stones Co-authors: Ming Su,

A Latin square autotopism secret sharing scheme Talk by Rebecca J. Stones Co-authors: Ming Su,

A Latin square autotopism secret sharing scheme Talk by Rebecca J. Stones Co-authors: Ming Su, Xiaoguang Liu, Gang Wang, (Nankai University) and Sheng Lin (Tianjin University of Technology). September 12, 2014 Secret sharing schemes Secret

1.43k views • 86 slides
Achieving Correctness in Fair Rational Secret Sharing Sourya Joyee De & Asim K Pal

Achieving Correctness in Fair Rational Secret Sharing Sourya Joyee De & Asim K Pal

Achieving Correctness in Fair Rational Secret Sharing Sourya Joyee De & Asim K Pal sjoyeede@gmail.com,asim@iimcal.ac.in Indian Institute of Management Calcutta 12th International Conference on Cryptology and Network Security November 20,

417 views • 22 slides
Fault-Tolerant and Secure Data Transmission Using Random Linear Network Coding Pouya Ostovari

Fault-Tolerant and Secure Data Transmission Using Random Linear Network Coding Pouya Ostovari

Fault-Tolerant and Secure Data Transmission Using Random Linear Network Coding Pouya Ostovari and Jie Wu Computer & Information Sciences Temple University Center for Networked Computing http://www.cnc.temple.edu Agenda Introduction

398 views • 19 slides
Successive Network Coding (SNC): A Mitigating Mechanism Against Eavesdropping Attacks In Network

Successive Network Coding (SNC): A Mitigating Mechanism Against Eavesdropping Attacks In Network

Successive Network Coding (SNC): A Mitigating Mechanism Against Eavesdropping Attacks In Network Coding Based Systems Vahid N. Talooki, University of Aveiro, Portugal Network Coding (NC) allows intermediate nodes not only to store and forward

307 views • 4 slides
Berkeley CS276 & MIT 6.875 Secret sharing and applications Lecturer: Raluca Ada Popa

Berkeley CS276 & MIT 6.875 Secret sharing and applications Lecturer: Raluca Ada Popa

Berkeley CS276 & MIT 6.875 Secret sharing and applications Lecturer: Raluca Ada Popa Starting to record Nuclear launch codes A judge, president and general receive shares ! , " , # of a secret from a

473 views • 35 slides
Lecture 11 Vector Linear Network Coding Vector Linear Network Coding Outline Fundamentals for

Lecture 11 Vector Linear Network Coding Vector Linear Network Coding Outline Fundamentals for

Introduction to Network Coding Tuvi Etzion Lecture 11 Vector Linear Network Coding Vector Linear Network Coding Outline Fundamentals for vector network coding The combination network Vector network code vs. scalar network code 2 Multicast

657 views • 32 slides
SECRET i. Is it the SECRET 2 - SECURITY RUN:2t1A.1.444 1. Is it the present British

SECRET i. Is it the SECRET 2 - SECURITY RUN:2t1A.1.444 1. Is it the present British

COPY SECRET SECURITY INFORAI 718 CIWULE -- SUDJECT :uestions for Presentation toL_ London, England TO: Info:L 1. Per reference a, it is requested that you secure answers to the following questions fropel Are there any basic

385 views • 11 slides
Today. Secret Sharing. Polynomials A polynomial P ( x ) = a d x d + a d 1 x d 1 +

Today. Secret Sharing. Polynomials A polynomial P ( x ) = a d x d + a d 1 x d 1 +

Today. Secret Sharing. Polynomials A polynomial P ( x ) = a d x d + a d 1 x d 1 + a 0 . is specified by coefficients a d ,... a 0 . Share secret among n people. Polynomials. P ( x ) contains point ( a , b ) if b = P ( a ) .

221 views • 8 slides

More recommend