An Efficient Signature-Based Scheme for Securing Network Coding Against Pollution Attacks

Network coding provides the possibility to maximize network throughput and receives various applications in traditional computer networks, wireless sensor networks and peer-to-peer systems. However, the applications built on top of network coding are vulnerable to pollution attacks, in which the compromised forwarders can inject polluted or forged messages into networks. Existing schemes addressing pollution attacks either require an extra secure channel or incur high computation overhead. In this paper, we propose an efficient signature-based scheme to detect and filter pollution attacks for the applications adopting linear network coding techniques. Our scheme exploits a novel homomorphic signature function to enable the source to delegate its signing authority to forwarders, that is, the forwarders can generate the signatures for their output messages without contacting the source. This nice property allows the forwarders to verify the received messages, but prohibit them from creating the valid signatures for polluted or forged ones. Our scheme does not need any extra secure channels, and can provide source authentication and batch verification. Experimental results show that it can improve computation efficiency up to ten times compared to some existing one. In addition, we present an alternate lightweight scheme based on a much simpler linear signature function. This alternate scheme provides a tradeoff between computation efficiency and security.