A Secure and Robust Authentication Scheme against Pollution Attacks

The pollution attacks are amplified by the network coding process, resulting in a greater damage than under traditional routing. In this paper, this issue is handled by designing an unconditionally secure authentication code suitable for multicast network coding, where the keying material is initially computed and distributed by a trusted authority to the destinations and intermediate nodes. The proposed scheme allows not only destinations, but also intermediate nodes, to verify the integrity and origin of the packets received without having to decode, and thus detect and discard the malicious messages in transit that fail the verification. This way, the pollution is canceled out before reaching the destinations. Systems exploiting network coding to increase their throughput suffer greatly from pollution attacks, which consist of injecting malicious packets in the network. The proposed scheme is robust against pollution attacks from outsiders, as well as coalitions of malicious insider nodes, which have the ability to perform the integrity check, but instead get corrupted and use their knowledge to themselves attack the network. We analyze the performance of the scheme in terms of both throughput and good put.