CN114465733A - Secure network coding method based on improved RSA - Google Patents

Secure network coding method based on improved RSA Download PDF

Info

Publication number
CN114465733A
CN114465733A CN202210242049.2A CN202210242049A CN114465733A CN 114465733 A CN114465733 A CN 114465733A CN 202210242049 A CN202210242049 A CN 202210242049A CN 114465733 A CN114465733 A CN 114465733A
Authority
CN
China
Prior art keywords
network
eavesdropping
improved
coding
subspace
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202210242049.2A
Other languages
Chinese (zh)
Inventor
冯建新
许晶晶
丁元明
潘成胜
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Dalian University
Original Assignee
Dalian University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Dalian University filed Critical Dalian University
Priority to CN202210242049.2A priority Critical patent/CN114465733A/en
Publication of CN114465733A publication Critical patent/CN114465733A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H04L9/3249Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures using RSA or related signature schemes, e.g. Rabin scheme
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L1/00Arrangements for detecting or preventing errors in the information received
    • H04L1/0001Systems modifying transmission characteristics according to link quality, e.g. power backoff
    • H04L1/0014Systems modifying transmission characteristics according to link quality, e.g. power backoff by adapting the source coding
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/12Discovery or management of network topologies
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/14Network analysis or design
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/30Network architectures or network communication protocols for network security for supporting lawful interception, monitoring or retaining of communications or communication related information
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0822Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using key encryption key
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/083Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]

Abstract

The invention discloses a secure network coding method based on improved RSA, relating to the technical field of network security; the method is based on a wiretap network model proposed by Yeung and Cai to establish a network topology structure used by the invention; the replacement step is improved, and the search complexity is improved so as to ensure the safe transmission of data; aiming at the problem that the KDC is vulnerable, a secure network coding scheme based on the improved RSA is established, and the scheme is applied between a source node and the KDC. Compared with other schemes, the method improves data security, has stronger encryption performance and can effectively resist eavesdropping attack.

Description

Secure network coding method based on improved RSA
Technical Field
The invention relates to the technical field of network security, in particular to a secure network coding method based on improved RSA.
Background
In 2000, Cai et al innovatively proposed a Network Coding (Network Coding) theory, which is different from the conventional route store-and-forward manner, and allows an intermediate node to perform Coding and decoding operations on a received message first, and then forward processed data. The network coding can not only improve the network throughput, but also significantly improve the reliability of the network, but the network coding mode may be attacked by network eavesdropping, and thus the security problem is faced.
In order to improve the security of network coding, Yeung and Cai et al propose a secure network communication model for resisting eavesdropping so as to resist eavesdropping attacks. Further, Cai et al present a specific construction scheme for the secure network model. Vilela et al propose a cryptology-based SPOC (secure Practical network coding) scheme that conceals an information source message by encrypting a precoding matrix, but in this scheme, the encrypted precoding matrix and the information source message need to be transmitted together, thereby causing a large amount of network overhead. Zhang et al propose a permutation-encryption (P-coding) -based encoding scheme that encrypts data using a permutation operation, which can improve encoding speed, but cannot resist known plaintext attacks. Guang et al encrypted the DES key using the improved RSA algorithm, and the simulation results show that the scheme can effectively resist attacks and has higher security. However, none of the above schemes has a certain error correction capability, and Brahimi et al propose a secure network coding scheme using subspace codes, which has a certain error correction capability, but the security of the scheme is insufficient.
Disclosure of Invention
Aiming at the problem that a Key Distribution Center (KDC) is attacked when a replacement Key is distributed in a non-coherent network, the invention provides a secure network coding method, which utilizes an improved RSA algorithm to replace a Key PK1And PK2Encryption is carried out, and then the replacement step is updated, so that the search complexity of exhaustive search attack is improved, and the security of data transmission is ensured.
In order to achieve the above object, the present application provides a secure network encoding method based on modified RSA, comprising:
constructing a network topology structure based on the eavesdropping network model;
the replacement step is improved, and the search complexity is improved to ensure the safe transmission of data;
establishing a secure network encoding scheme based on modified RSA, the secure network encoding scheme being applied between the source node and the KDC.
Further, based on the wiretap network model, a network topology structure is constructed, which specifically includes:
acquiring a subspace code: let FqRepresenting a finite field of q elements,
Figure BDA0003542701580000021
is FqAn n-dimensional vector space; let P (n) denote
Figure BDA0003542701580000022
All subspace sets of (1), which constitute FqAn n-order projection space; let G (k, n) denote an n-dimensional vector space
Figure BDA0003542701580000023
All k-dimensional subspace sets of (1), wherein k is less than or equal to n; and p (n) ═ U0≤k≤nG(k,n);
Subspace code C is a non-empty subset of P (n); for 0 ≦ k ≦ n, if
Figure BDA0003542701580000024
Then C is called Constant Dimension Code CDC; otherwise, C is called Mixed Dimension Code (Mixed Dimension Code MDC).
Further, let N be a network, it has S information source nodes, T sink nodes and E signal channels; let C be a subspace code, CcC is a transmission codeword sent by the source S e S to some subset T e T of the sink;
the operator channel model is used for describing a scene channel, and the model defines the input and the output of the channel by using I and O; i and O are subsets of P (n),
Figure BDA0003542701580000031
Ηkis a random operator that randomly returns the k-dimensional subspace H of Ik(I) And ε, where ε is the error subspace, which results in the insertion of dim (ε), which is the dimension of the vector space ε.
Further, based on the wiretap network model, a network topology structure is constructed, which specifically includes:
constructing a network topological structure: quadruple (G, s, U, W) for eavesdropping network modele) By the following definitions:
(i) using G ═ VG,EG) Representing a loop-free directed communication network, in which VGIs a collection of all nodes, EGIs a collection of all edges;
(ii) an information source node sG∈VG
(iii) A set of sink nodes
Figure BDA0003542701580000032
(iv) A group of eavesdropping edges
Figure BDA0003542701580000033
The capacity of each edge in the network is unit capacity; let V ═ s }. U IG∪UG,IGIs a collection of intermediate nodes; it is assumed that there are countless eavesdroppers, and they do not cooperate with each other; analyzing one of the eavesdroppers with emphasis, and calling the eavesdropper as Eve; let W be equal to WeA set of eavesdropping edges representing Eve usage; the vector collected by Eve is represented by W, the number of W represents the eavesdropping ability of Eve, and C is usedeRepresents; w < Cm,CmIndicating the multicast capacity of G;
an additional node is added as a key distribution center KDC, which is used to connect the source node and the sink node and whose channel is separated from the eavesdropping network.
Further, the improved replacement step is specifically:
the source information is a packet containing nDA data stream of bits, said data stream being divided into a plurality of bit strings, the bitsThe length of the string is m, and l bit strings form a group; if the number of bit strings is less than l, padding; the divided data stream has the following representation mode:
Figure BDA0003542701580000041
wherein d isij∈Fq,i=1,2,...,l,j=1,2,...,m.
Permutation key P for distribution of bit strings using KDCk1And Pk2Is subjected to a substitution wherein Pk1For the line replacement of the key, Pk2Representing the column replacement keys, respectively as follows:
Figure BDA0003542701580000042
Figure BDA0003542701580000043
combining the data to be encrypted with the row permutation matrix to obtain row-encrypted data; combining with the column permutation matrix to obtain data after row and column encryption; then using a set S of subspace codescCoding is carried out, and an SCS (sub space coding) strategy is used in the coding process.
Further, in a multicast network having multicast capacity CmIn the network, the SCS strategy is a quintuple with
Figure BDA0003542701580000051
Expressed, defined as follows:
(i) p (n) is FqIn the above-mentioned projection space of n order,
(ii)
Figure BDA0003542701580000052
is a positive integer, representing a safe offset rate,
(iii)
Figure BDA0003542701580000053
is a set of Grassmann codes in P (n),
(iv) is provided with
Figure BDA0003542701580000054
And randomly creating a full mapping θ Ssym→{0,1}m
(v)
Figure BDA0003542701580000055
Is a double mapping of the number of the images,
Figure BDA0003542701580000056
representing eavesdropping capability C on EveeGuessing the maximum capacity of;
the source will use the SCS strategy as a means of data transmission, subspace aggregation ScAnd mapping θ, φ and set ETProvided by the KDC;
order to<V>E c represents the currently selected codeword, where c e Sc(ii) a In each round of transmission process, the information source can inject effective code words c containing errors into the network, and the errors can be corrected at the receiving end; performing RLNC coding operations at nodes that support RLNC coding as the codeword vectors traverse the network;
sink node U e UGAnd after an error version of RLNC coding is received, obtaining a correct code word c through decoding, and finally obtaining information source data through inverse permutation.
Further, a secure network coding scheme based on the improved RSA is established, specifically: replacing a Key P against a Row Using an improved RSA AlgorithmK1And column replacement key PK2The encryption is carried out, and the specific implementation process is as follows:
randomly selecting three large prime numbers p, q and r, f is pqr, phi (f) is (p-1) (q-1) (r-1);
the information source node selects an encryption key g and acquires a private key h meeting hg ≡ 1mod (f);
sending the public key (g, f) to the KDC;
said KDC produces E(g,f)(PK1||PK2) And sending the data to the information source node;
the source node decrypts E using h(g,f)(PK1||PK2) In the decryption process, Montgomery modular multiplication and Chinese remainder theorem are adopted to carry out power multiplication operation.
Compared with the prior art, the technical scheme adopted by the invention has the advantages that: the method is based on an eavesdropping network model proposed by Yeung and Cai, and a network topology structure used by the method is established; the replacement step is improved, and the search complexity is improved to ensure the safe transmission of data; aiming at the problem that KDC is vulnerable, a secure network coding scheme based on improved RSA is established, and the scheme is applied between a source node and the KDC. Compared with other schemes, the method improves data security, has stronger encryption performance, and can effectively resist eavesdropping attack.
Drawings
FIG. 1 is a flow chart of an implementation of the present invention;
FIG. 2 is a diagram of a modified RSA based secure network encoding scheme;
FIG. 3 is a diagram of a multicast network model;
FIG. 4 is a graph of the relationship of guessing probability and Eve eavesdropping ability;
fig. 5 is a hypothetical probability map of the inventive scheme, SCS, and SPOC.
Detailed Description
In order to make the objects, technical solutions and advantages of the present application more apparent, the present application is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of and not restrictive on the broad application, i.e., the embodiments described are only a few examples, and not all examples, of the present application.
Example 1
As shown in fig. 1, the present invention provides a secure network encoding method based on modified RSA, comprising:
s1: establishing a network topology structure used by the invention based on an eavesdropping network model proposed by Yeung and Cai;
s1.1 obtaining subspace codes: let FqRepresenting a finite field of q elements,
Figure BDA0003542701580000071
is FqAn n-dimensional vector space. Let P (n) denote
Figure BDA0003542701580000072
All subspace sets of (1), which constitute FqAn upper n-th order projection space. Let G (k, n) denote an n-dimensional vector space
Figure BDA0003542701580000073
All k-dimensional subspace sets of (1), wherein k is less than or equal to n; g (k, n) is also known as Grassmannian, and p (n) ═ U0≤k≤nG(k,n);
The subspace code C is a non-empty subset of P (n). For 0 ≦ k ≦ n, if
Figure BDA0003542701580000074
Called C Constant Dimension Code (Constant Dimension Code CDC). Otherwise, let C be a Mixed Dimension Code (Mixed Dimension Code MDC).
Let V be the matrix, denote by < V > the subspace spanned by the row vectors of V. Similarly, the present invention represents a subspace by selecting a matrix that is spanned by row vectors.
Let N be a network with S source nodes, T sink nodes and E channels. Let C be a subspace code, CcE C is the transmission codeword that the source S e S sends to some subset T e T of the sink. During transmission, the code word ccThe reduced dimensionality of (a) can introduce erasure errors into the network channel. When the signal sink receives a group of vectors of code words cc', and these vectors are not in ccWhen the vector is in the subspace spanned, an insertion error is brought.
An operator channel model is used to describe the scene channel, which defines the input and output of the channel using I and O.
S1.2, constructing a network topology structure: the invention adopts the theft proposed by Yeung and CaiListening to a network model using a quadruple of (G, s, U, W)e) By the following definitions:
(i) using G ═ VG,EG) Representing a loop-free directed communication network, in which VGIs a set of all nodes, EGIs a collection of all edges;
(ii) a source node sG∈VG
(iii) A set of sink nodes
Figure BDA0003542701580000081
(iv) A group of eavesdropping edges
Figure BDA0003542701580000082
The capacity of each edge in the network is unit capacity. Let V ═ s }. U IG∪UG,IGIs a collection of intermediate nodes. It is assumed that there are countless eavesdroppers and that they do not cooperate with each other. The present invention focuses on analyzing one of the eavesdroppers, which will be referred to as Eve. Let W be equal to WeRepresenting a set of eavesdropping edges used by Eve. The vector collected by Eve is represented by W, the number of W represents the eavesdropping ability of Eve, and C is usedeAnd (4) showing. W < Cm,CmIndicating the multicast capacity of G.
On the basis of the network model proposed by Yeung and Cai, an additional node is added as a Key Distribution Center (KDC). The node is used to connect the source node and the sink node and its channel is separated from the eavesdropping network. In addition, the invention uses the modified RSA algorithm to encrypt the permutation key distributed by the KDC.
S2: the replacement step is improved, and the search complexity is improved to ensure the safe transmission of data;
specifically, the source information is a packet containing nDA data stream of bits, the data stream being divided into a plurality of bit strings. The bit strings are m in length and l bit strings form a group. If the number of bit strings is less than l, padding is performed.
The bit string will use the permutation key distributed by the KDCPK1And PK2Permuting and then using a set S of subspace codescThe coding is carried out, and the invention uses SCS (sub space coding) strategy in the coding process. During each round of transmission, the source injects into the network a codeword c containing errors that can be corrected at the receiver, where c ∈ Sc. As these codeword vectors traverse the network, RLNC encoding operations are performed at nodes that support RLNC encoding.
When the sink node U belongs to UGAfter an error version of RLNC coding is received, a correct code word c can be obtained through decoding, and finally, information source data can be obtained through inverse permutation.
S3: aiming at the problem that KDC is easy to attack, establishing a secure network coding scheme based on improved RSA, wherein the scheme is applied between a source node and the KDC;
in particular, to ensure P in KDCK1And PK2Security of using modified RSA versus PK1And PK2Encryption is performed. As shown in fig. 2, the secure network coding scheme is located between the source node and the KDC, and the specific implementation steps are as follows:
step 1: three large prime numbers p, q and r, f ═ pqr, phi (f) ═ p-1 (q-1) (r-1) were randomly chosen.
Step 2: the source node selects an encryption key g and obtains a private key h meeting hg ≡ 1mod (f).
And step 3: the public key (g, f) is sent to the KDC.
And 4, step 4: KDC producing E(g,f)(PK1||PK2)。
And 5: KDC sends E(g,f)(PK1||PK2) To the source node.
Step 6: source node uses h to decrypt E(g,f)(PK1||PK2). In order to improve the calculation efficiency, Montgomery modular multiplication and Chinese remainder theorem are adopted to carry out power multiplication operation in the decryption process.
Network model as shown in fig. 3, the data stream D of the source node is set to 121 bits. Set up CeThe minimum distance d between subspace codes is more than or equal to 9. It is assumed that m is 11,l 11, set Sc={C5,C6,C7,C8},ScThe characteristics of the medium code word are shown in table 1. ScThe element used in (A) is derived from F2A subspace of the upper 16-dimensional environment vector space. In the experiment of the invention, part of edges represent the edges which can be eavesdropped by Eve, and C is more than or equal to 0eLess than or equal to 8. 0 indicates that Eve cannot access the network. The vectors of eavesdropping are all linearly independent.
TABLE 1ScCharacteristics of Chinese code word
Figure BDA0003542701580000101
Fig. 4 shows the guess probabilities for the scheme of the present invention, SCS, the general secure network coding scheme (denoted as the USUC scheme of the present invention) and SPOC. The guess probabilities represent the ability of Eve to get source messages. In the present invention, the guess probability is related not only to the number of possible combinations of codewords, but also to RSA, m, and l. The guess probability of the SCS is related to the number of possible combinations of code words and/. The guess probability of the USUC is related to the number of lost packets. The guessing probability of SPOC is related not only to the number of lost packets, but also to the locked coding coefficients. It can be seen from fig. 4 that the secure network coding scheme of the present invention has better guess probabilities than SCS and SPOC. However, the search complexity of the USNC depends only on the number of possibilities of missing packets, so that the security of the scheme depends on Ce. When C is presente≥CmThe USNC will no longer be considered secure.
FIG. 5 shows that when Ce≥CmThe scheme of the present invention, SCS, and SPOC guess probabilities. The length len of the packet in RLNC coding is set to 24. The coding coefficients are sent with the data packet. As shown in FIG. 5, the guessing probability of the present invention is the smallest, so the security of the present invention is much higher than SCS and SPOC.
Table 2 shows that when Ce<CmThe scheme of the present invention, SCS, USNC and SPOC, are exhaustive of the search complexity. The complexity of the invention depends on the number of combinations of data packets and the number of m, l, the complexity of SCSDepending on the number of combinations of packets and the number of l. The complexity of the USNC depends on the number of packets missed by Eve. For SPOC, in addition to guessing the number of packets lost, the encoding coefficients and the replacement key must also be guessed. As can be seen from table 2, the present invention has the highest search complexity when exhaustive search attacks. This means that the present invention has the maximum search space and better security.
TABLE 2 search complexity of the inventive arrangements with SCS, USNC and SPOC
Figure BDA0003542701580000111
The foregoing descriptions of specific exemplary embodiments of the present invention have been presented for purposes of illustration and description. It is not intended to limit the invention to the precise form disclosed, and obviously many modifications and variations are possible in light of the above teaching. The exemplary embodiments were chosen and described in order to explain certain principles of the invention and its practical application to enable one skilled in the art to make and use various exemplary embodiments of the invention and various alternatives and modifications as are suited to the particular use contemplated. It is intended that the scope of the invention be defined by the claims and their equivalents.

Claims (7)

1. A method for secure network encoding based on improved RSA, comprising:
constructing a network topology structure based on the eavesdropping network model;
the replacement step is improved, and the search complexity is improved to ensure the safe transmission of data;
establishing a secure network encoding scheme based on modified RSA, the secure network encoding scheme being applied between the source node and the KDC.
2. The method as claimed in claim 1, wherein the step of constructing the network topology based on the eavesdropping network model specifically comprises:
obtaining a subspaceCode: let FqRepresenting a finite field of q elements,
Figure FDA0003542701570000011
is FqAn n-dimensional vector space; let P (n) denote
Figure FDA0003542701570000012
All subspace sets of (1), which constitute FqAn n-order projection space; let G (k, n) denote an n-dimensional vector space
Figure FDA0003542701570000013
All k-dimensional subspace sets of (1), wherein k is less than or equal to n; and p (n) ═ U0≤k≤nG(k,n);
Subspace code C is a non-empty subset of P (n); for 0 ≦ k ≦ n, if
Figure FDA0003542701570000015
Then, the code is called C as constant dimension code; otherwise, the code is called C as the mixed dimension code.
3. A method according to claim 2, wherein N is a network having S source nodes, T sink nodes and E channels; let C be a subspace code, CcC is a transmission codeword sent by the source S e S to some subset T e T of the sink;
the operator channel model is used for describing a scene channel, and the model defines the input and the output of the channel by using I and O; i and O are subsets of P (n),
Figure FDA0003542701570000014
Ηkis a random operator that randomly returns the k-dimensional subspace H of Ik(I) And ε, where ε is the error subspace, which results in the insertion of dim (ε), which is the dimension of the vector space ε.
4. The method according to claim 2, wherein the network topology is constructed based on the eavesdropping network model, and further comprising:
constructing a network topological structure: quadruple (G, s, U, W) for eavesdropping network modele) By the following definitions:
(i) using G ═ VG,EG) Representing a loop-free directed communication network, in which VGIs a collection of all nodes, EGIs a collection of all edges;
(ii) an information source node sG∈VG
(iii) A set of sink nodes
Figure FDA0003542701570000022
(iv) A group of eavesdropping edges
Figure FDA0003542701570000021
The capacity of each edge in the network is unit capacity; let V ═ s }. U IG∪UG,IGIs a collection of intermediate nodes; it is assumed that there are countless eavesdroppers, and they do not cooperate with each other; analyzing one of the eavesdroppers with emphasis, and calling the eavesdropper as Eve; let W be equal to WeA set of eavesdropping edges representing Eve usage; the vector collected by Eve is represented by W, the number of W represents the eavesdropping ability of Eve, and C is usedeRepresents; w < Cm,CmIndicating the multicast capacity of G;
an additional node is added as a key distribution center KDC, which is used to connect the source node and the sink node and whose channel is separated from the eavesdropping network.
5. The improved RSA-based secure network coding method of claim 1, wherein the improved permutation step is specifically:
the source information is a packet containing nDOf one bitA data stream, said data stream being divided into a plurality of bit strings, the bit strings having a length of m, a group of l bit strings; if the number of bit strings is less than l, padding; the divided data stream has the following representation mode:
Figure FDA0003542701570000031
wherein d isij∈Fq,i=1,2,...,l,j=1,2,...,m.
Permutation key P for distribution of bit strings using KDCk1And Pk2Is subjected to a substitution wherein Pk1For the line replacement of the key, Pk2Representing the column replacement keys, respectively as follows:
Figure FDA0003542701570000032
Figure FDA0003542701570000033
combining the data to be encrypted with the row permutation matrix to obtain row-encrypted data; combining with the column permutation matrix to obtain data after row and column encryption; then using a set S of subspace codescCoding is carried out, and SCS strategy is used in the coding process.
6. A method for secure network coding based on improved RSA according to claim 5, wherein a multicast capacity C is usedmIn the network, the SCS strategy is a quintuple with
Figure FDA0003542701570000034
Expressed, defined as follows:
(i) p (n) is FqIn the above-mentioned projection space of n order,
(ii)
Figure FDA0003542701570000035
is a positive integer, representing a safe offset rate,
(iii)
Figure FDA0003542701570000036
is a set of Grassmann codes in P (n),
(iv) is provided with
Figure FDA0003542701570000037
And randomly creating a full mapping θ Ssym→{0,1}m
(v)φ:
Figure FDA0003542701570000038
Is a double mapping of the number of the images,
Figure FDA0003542701570000039
representing eavesdropping capability C on EveeGuessing the maximum capacity of;
the source will use the SCS strategy as a means of data transmission, subspace aggregation ScAnd mapping θ, φ and set ETProvided by the KDC;
order to<V>E c represents the currently selected codeword, where c e Sc(ii) a In each round of transmission, the source injects effective code words c containing errors into the network, and when the code word vectors pass through the network, RLNC coding operation is carried out on the nodes supporting the RLNC coding;
sink node U e UGAnd after an error version of RLNC coding is received, obtaining a correct code word c through decoding, and finally obtaining information source data through inverse permutation.
7. The method according to claim 1, wherein the secure network coding scheme based on the improved RSA is established by: replacing a Key P against a line Using an improved RSA AlgorithmK1And column replacement key PK2Carry out encryption, concreteThe application process comprises the following steps:
randomly selecting three large prime numbers p, q and r, f is pqr, phi (f) is (p-1) (q-1) (r-1);
the information source node selects an encryption key g and acquires a private key h meeting hg ≡ 1mod (f);
sending the public key (g, f) to the KDC;
said KDC produces E(g,f)(PK1||PK2) And sending the data to the information source node;
the source node decrypts E using h(g,f)(PK1||PK2) In the decryption process, Montgomery modular multiplication and Chinese remainder theorem are adopted to carry out power multiplication operation.
CN202210242049.2A 2022-03-11 2022-03-11 Secure network coding method based on improved RSA Pending CN114465733A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210242049.2A CN114465733A (en) 2022-03-11 2022-03-11 Secure network coding method based on improved RSA

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210242049.2A CN114465733A (en) 2022-03-11 2022-03-11 Secure network coding method based on improved RSA

Publications (1)

Publication Number Publication Date
CN114465733A true CN114465733A (en) 2022-05-10

Family

ID=81417527

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210242049.2A Pending CN114465733A (en) 2022-03-11 2022-03-11 Secure network coding method based on improved RSA

Country Status (1)

Country Link
CN (1) CN114465733A (en)

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2004021694A1 (en) * 2002-08-30 2004-03-11 Rheinische Friedrich-Wilhelms-Uni Versität Bonn Method and device for decryption-secure transfer of data
US20160373210A1 (en) * 2013-07-04 2016-12-22 Norwegian University Of Science And Technology Network coding over gf(2)
CN110166247A (en) * 2019-05-06 2019-08-23 湖北工业大学 It can the anti-pollution network code endorsement method attacked and position intermediate node conspiracy attack
CN111262684A (en) * 2020-01-13 2020-06-09 燕山大学 Power battery traceability management coding encryption method based on improved AES algorithm
CN113067669A (en) * 2021-03-03 2021-07-02 伍仁勇 Network coding method and security network
US20220069987A1 (en) * 2020-08-31 2022-03-03 Massachusetts Institute Of Technology Network Coding-Based Post-Quantum Cryptography

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2004021694A1 (en) * 2002-08-30 2004-03-11 Rheinische Friedrich-Wilhelms-Uni Versität Bonn Method and device for decryption-secure transfer of data
US20160373210A1 (en) * 2013-07-04 2016-12-22 Norwegian University Of Science And Technology Network coding over gf(2)
CN110166247A (en) * 2019-05-06 2019-08-23 湖北工业大学 It can the anti-pollution network code endorsement method attacked and position intermediate node conspiracy attack
CN111262684A (en) * 2020-01-13 2020-06-09 燕山大学 Power battery traceability management coding encryption method based on improved AES algorithm
US20220069987A1 (en) * 2020-08-31 2022-03-03 Massachusetts Institute Of Technology Network Coding-Based Post-Quantum Cryptography
CN113067669A (en) * 2021-03-03 2021-07-02 伍仁勇 Network coding method and security network

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
MOHAMED AMINE BRAHIMI, ET AL.: "Secure network coding for data encoded using subspace codes", PHYSICAL COMMUNICATION, pages 1 - 8 *
刘宴涛;王雪冰;: "窃听攻击下子空间码的安全性", 计算机科学, no. 1 *
魏秀岭 等: "基于三素数改进RSA算法的智能小区数据信息保护研究", 实验探索, pages 22 *

Similar Documents

Publication Publication Date Title
Maurer et al. Unconditionally secure key agreement and the intrinsic conditional information
Vilela et al. Lightweight security for network coding
Bennett et al. Generalized privacy amplification
KR101527979B1 (en) Information transmission security method
Borghoff et al. Cryptanalysis of PRESENT-like ciphers with secret S-boxes
US20030063751A1 (en) Key agreement protocol based on network dynamics
Fung et al. Quantum key distribution with delayed privacy amplification and its application to the security proof of a two-way deterministic protocol
Hooshmand et al. Efficient polar code-based physical layer encryption scheme
Zibideh et al. Modified-DES encryption algorithm with improved BER performance in wireless communication
Wu et al. Lightweight security protocols for the Internet of Things
Noura et al. Lightweight dynamic key-dependent and flexible cipher scheme for IoT devices
Hemenway et al. Non-committing encryption from Φ-hiding
Borghoff et al. Slender-set differential cryptanalysis
Mohan et al. Improved ElGamal cryptosystem for secure data transfer in IoT networks
Liu et al. A privacy-preserving signature scheme for network coding
Maurer The role of information theory in cryptography
du Pin Calmon et al. Lists that are smaller than their parts: A coding approach to tunable secrecy
Böhl et al. Encryption schemes secure under related-key and key-dependent message attacks
CN114465733A (en) Secure network coding method based on improved RSA
Brahimi et al. Data confidentiality-preserving schemes for random linear network coding-capable networks
Amigó Chaos-based cryptography
Ye et al. Improving wireless security through network diversity
Özdemir et al. Development of Cryptography since Shannon
Zhu et al. Design of a physical layer encryption scheme for rate compatible modulation
Chang et al. Research on forgery attack on authentication encryption algorithm ACE

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination