Transcript Network Coding Theory

Secure Error-Correcting (SEC)
Network Codes
Raymond W. Yeung
Institute of Network Coding &
Department of Information Engineering
The Chinese University of Hong Kong
Joint work with Chi-kin Ngai, Kenneth Shum, and Shenghao Yang
Outline
•
•
•
•
Network error-correcting codes
Secure network codes
Secure error-correcting (SEC) network codes
Concluding Remarks
Network Error-Correcting
Codes
Point-to-Point Error Correction
in a Network
• Classical error-correcting codes are devised for point-topoint communications.
• Such codes are applied to networks on a link-by-link basis.
Channel
Decoder
Channel
Decoder
Network
Encoder
Channel
Encoder
A Motivation for
Network Error Correction
• Observation Only the receiving nodes have to know the
message transmitted; the immediate nodes don’t.
• In general, channel coding and network coding do not need to
be separated 
Network Error Correction
• Network error correction generalizes classical point-to-point
error correction.
Network
Codec
Singleton Bound for Network Error Correction
(Cai and Y 02, 06)
• A d-error-correcting network code can correct any d errors in the
networks at all the sink nodes.
• m = minT maxflow(T)
• r = rate of a network error-correcting code
• Singleton bound: r ≤ m – 2d
• The tightness of the Network Singleton bound is achievable by
linear network error-correcting codes!
• This implies that for large base fields, only linear transformations
need to be performed at the intermediate nodes! No decoding
needed.
Sphere Packing

dmin






Malicious Injection of Errors
• Malicious nodes in the network may inject errors
deliberately to disturb data transmission.
• Classical error correction does not help because
redundancy is injected only in time.
• Linear network error-correcting code is a natural solution
because redundancy is injected in both time and space.
Secure Network Codes
(Cai and Y, 2002, 2008)
Problem Formulation
•
•
•
•
•
•
•
A message is multicast on a network.
Some sets of channels can be wiretapped.
A wiretap set is a subset of the edge set E.
Let A be the collection of all possible wiretap sets.
Each wiretapper chooses to access one wiretap set in A.
No wiretapper may access more than one wiretap set.
The network code needs to be information-theoretically secure.
• The model is a network generalization of secret sharing (Blakley,
Shamir, 78) and wiretap channel II (Ozarow and Wyner 84).
A Example of a Secure Network Code
s-w
s+w
s-w s+w
s-w



Any single channel can be
wiretapped
s is the secure message
w is the randomness
w
w
s+w
w
A Construction of
Secure Network Codes
• The wiretapper may access any k channels.
• m = minT maxflow(T)
• Our construction builds on any linear network code that
can multicast m symbols.
• s: message; w: key
• Let |s| = m - k and |w| = k.
• Our scheme
– Maximizes the amount of information that can be multicast
securely.
– Uses the minimum possible amount of randomness.
m-k
k
s
w
rate = m - k
Q-1
linear network code, rate = m
NETWORK
Secure Error-Correcting (SEC)
Network Codes
A Construction of
SEC Network Codes
•
•
•
•
The code can correct any d errors.
The wiretapper may access any k channels.
m = minT maxflow(T)
Our construction concatenates
– a secure network code (SNC)
– a network error-correcting code (NEC)
• Rate = m - 2d - k
m-2d-k
s
k
w
m-2d-k
SEC
m-2d
NEC
m
NETWORK
Proof of Error Correction
and Security
• Error correction of the SEC code inherits from
the NEC inner code.
• Proof of security when there is no error
– algebraic
• Proof of security in the presence of errors
– need to set up a model for noise and eavesdropper
• random errors and key are statistically independent
• eavesdropper can inject errors causally
– information theoretic
injection
error
random
error
+
eavesdropper
SEC coding
Network
error correction
Point-to-point
error correction
Secure
network coding
Network
coding
Parallel
noiseless
transmission
Secret
sharing