Netinfo Security (信息网络安全), 2015, Vol. 15, Issue (6): 33-40. doi: 10.3969/j.issn.1671-1122.2015.06.006

• Technical Research •

Research on Homomorphic HASH System for Anti-Pollution-Attack Based on Network Coding

Fu-zhen CHEN (陈福臻)1,2, Jiu-jun CHENG (程久军)1,2, Jing-xue LIAO (廖竞学)1,2, Jian-yu SHAO (邵剑雨)1,2

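  1. Department of Computer Science and Engineering, Tongji University, Shanghai 201804, China
  2. Key Laboratory of Embedded System and Service Computing, Ministry of Education, Tongji University, Shanghai 201804, China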
  • Received: 2015-04-28; Publication date: 2015-06-20; Release date: 2018-07-16
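  • About the authors:

    Fu-zhen CHEN (born 1990), male, from Fujian, master's student; main research interests: mobile Internet, information security, privacy protection. Jiu-jun CHENG (born 1974), male, from Anhui, associate professor, Ph.D.; main research interests: peer-to-peer (P2P) networks, privacy protection, mobile computing, Internet of Things. Jing-xue LIAO (born 1991), male, from Guangxi, master's student; main research interests: mobile Internet, Internet of Vehicles. Jian-yu SHAO (born 1992), male, from Shandong, master's student; main research interests: mobile Internet, Internet of Things.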

  • Funding:
    International Science and Technology Cooperation Program of China [2013DFM10100]

Research on Homomorphic HASH System for Anti-Pollution-Attack Based on Network Coding

Fu-zhen CHEN1,2, Jiu-jun CHENG1,2, Jing-xue LIAO1,2, Jian-yu SHAO1,2

  1. Department of Computer Science & Engineering, Tongji University, Shanghai 201804, China;
    2. Key Laboratory of Embedded System and Service Computing of Ministry of Education, Tongji University, Shanghai 201804, China
  • Received: 2015-04-28 Online: 2015-06-20 Published: 2018-07-16

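Abstract:

Building on existing homomorphic hash signatures, and to address the problem that transmission under network coding is vulnerable to pollution attacks, this paper proposes a new anti-pollution-attack system that applies a homomorphic hash function. Each node in the network verifies every packet it receives by synchronizing the parameters of the homomorphic hash function and the hash values of the original message packets; only packets that pass verification are forwarded to the next node. The scheme is combined with a secure ACK verification scheme for end-to-end online verification between the source node and the destination node, and can thus effectively resist pollution attacks in network coding. In addition, to effectively reduce the computation time of each node in network coding, the paper proposes a hardware acceleration method that uses an FPGA development board to perform packet verification and encoding operations, improving the operating efficiency of the system. The system can improve overall network throughput and ensures that tampered data does not spread through the whole network because of coding, which is important for the security of network transmission in a network coding environment.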

Keywords: network coding, homomorphic HASH, FPGA, anti-pollution-attack

Abstract:

Building on homomorphic signatures, we propose an anti-pollution-attack system that uses a homomorphic hash function, which is a valid way to address the susceptibility of network-coded transmission to pollution attacks. Every node in the network verifies the packets passing through it using the synchronized parameters of the hash function and the hashes of the original message packets, which it receives in advance. Only verified packets are forwarded to the next node. We also use an ACK authentication scheme between the source node and the destination node to resist pollution attacks in network coding. In addition, we propose hardware acceleration to reduce the computing time of each node: an FPGA board performs packet verification and encoding operations, which improves the efficiency of the system. Another advantage of our system is that it improves network transmission and discards polluted packets automatically. It plays an important role in the security of transmission under network coding.

Key words: network coding, homomorphic HASH, FPGA, anti-pollution-attack
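
The per-hop check described in the abstract, as an added Python example that is not code from the paper. It assumes the common discrete-log homomorphic hash H(b) = ∏ g_i^b_i mod p with constructed toy parameters; the paper's own construction, parameters, ACK scheme and FPGA design are not given on this page, and all names below are illustrative.

```python
import random

# Constructed toy parameters (assumption): far too small for real use.
Q = 1019                 # prime order of the subgroup
P = 2 * Q + 1            # 2039, a safe prime; squares mod P have order Q
M = 4                    # symbols (elements of Z_Q) per packet payload
# Public generators synced to every node. A real scheme picks them so that
# nobody knows discrete-log relations between them.
G = [pow(x, 2, P) for x in (2, 3, 5, 7)]

def hhash(block):
    """H(b) = prod g_i^b_i mod P for a payload of M symbols."""
    h = 1
    for g, b in zip(G, block):
        h = h * pow(g, b, P) % P
    return h

def combine(packets, coeffs):
    """Linear network coding over Z_Q on (coefficient vector, payload) pairs."""
    n = len(packets[0][0])
    cvec = [sum(a * p[0][i] for a, p in zip(coeffs, packets)) % Q for i in range(n)]
    data = [sum(a * p[1][j] for a, p in zip(coeffs, packets)) % Q for j in range(M)]
    return cvec, data

def verify(packet, source_hashes):
    """Accept iff H(payload) == prod h_i^c_i mod P (homomorphic property)."""
    cvec, data = packet
    expected = 1
    for h, c in zip(source_hashes, cvec):
        expected = expected * pow(h, c, P) % P
    return hhash(data) == expected

def demo(seed=7):
    rng = random.Random(seed)
    originals = [[rng.randrange(Q) for _ in range(M)] for _ in range(3)]
    source_hashes = [hhash(b) for b in originals]   # distributed in advance
    # Source packets carry unit coefficient vectors.
    src = [([int(i == k) for i in range(3)], b) for k, b in enumerate(originals)]
    coded = combine(src, [rng.randrange(1, Q) for _ in src])
    # An intermediate node re-encodes packets it has already verified.
    recoded = combine([coded, src[1]], [rng.randrange(1, Q) for _ in range(2)])
    # Pollution: one payload symbol altered in transit (constructed tampering).
    polluted = (recoded[0], [(recoded[1][0] + 1) % Q] + recoded[1][1:])
    return [verify(p, source_hashes) for p in (coded, recoded, polluted)]

if __name__ == "__main__":
    print(demo())
```

A node needs only the generators and the source hashes to check any recombination, so a polluted packet is dropped at the first honest hop instead of being mixed into later packets.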

CLC number: