resilient network coding in the presence of byzantine adversaries

Download Resilient Network Coding  in the presence of   Byzantine Adversaries

Post on 31-Dec-2015




0 download

Embed Size (px)


Resilient Network Coding in the presence of Byzantine Adversaries. Sidharth Jaggi. Michelle Effros Michael Langberg Tracey Ho. Sachin Katti Muriel Mdard Dina Katabi. Obligatory Example/History. s. [ACLY00]. [ACLY00] Characterization Non-constructive. b 1. b 2. E V E R B - PowerPoint PPT Presentation


  • Resilient Network Coding in the presence of Byzantine AdversariesMichelle EffrosMichael LangbergTracey HoSachin KattiMuriel MdardDina KatabiSidharth Jaggi

  • Obligatory Example/Historyst1t2b1b2b2b2b1b1b1b1b1b1(b1,b2)b1+b2b1+b2b1+b2(b1,b2)[ACLY00][ACLY00] Characterization Non-constructive[LYC03], [KM02] Constructive (linear) Exp-time design[JCJ03], [SET03] Poly-time design Centralized design[HKMKE03], [JCJ03] Decentralized design EVER

    BETTER...C=2[This work] All the above, plus securityTons of work[SET03] Gap provably exists

  • MulticastSimplifying assumptions All links unit capacity (1 packet/transmission) Acyclic networkALL of AlicesinformationdecodableEXACTLYbyEACH Bob Network Model[GDPHE04],[LME04] No intereference

  • Multicast Network ModelALL of AlicesinformationdecodableEXACTLYbyEACH Bob 322Upper bound for multicast capacity C,C min{Ci}[ACLY00] With mixing, C = min{Ci} achievable![LCY02],[KM01],[JCJ03],[HKMKE03] Simple (linear) distributed codes suffice!

  • Problem!Eavesdropped linksAttacked linksCorrupted links

  • SetupScheme A B CNetwork CMessage A CCode CBad links CCoin ATransmit B CDecode BEurekaEavesdropped links ZIAttacked links ZOWho knows whatStagePrivacy

  • ResultsFirst codesOptimal rates (C-2ZO,C-ZO)Poly-timeDistributedUnknown topologyEnd-to-endRatelessInformation theoretically secureInformation theoretically privateWired/wireless[HLKMEK04],[JLHE05],[CY06],[CJL06],[GP06]

  • Error Correcting CodesY=TX+EGenerator matrixLow-weightvectorYX(Reed-Solomon Code)TER=C-2ZO

  • Distributed multicast

    Alice: Sends packets.

    Bob gets (Each column encoded with same transform T)

    Now Bob knows T and can decode.

    AB2XITXTC packetsSmall rate-loss[HKMKE03]

  • What happens with errors?What happens when we implement previous distributed algorithm?Key idea: think of Calvin's error as an addition to original information flow.




    C packetsZO packetsXITXT+TE1+TE2E1E2Bob:T,T are unknown.E1,E2 are unknown.System is not linear.How can Bob recover X?R packets

  • Overview




    B1B2XITXTCalvin+TE1+TE2E1E2Step 1: Show how to construct system of linear equations to help recover X.Step 2: System may have many solutions. Need to add redundancy to X.Step 1: list decoding will work as long as R C-ZO.Step 2: unique decoding will need an additional redundancy of ZO.

    All in all: R = C-2ZO. TT X+EE = T(E1-E2X)

  • Properties of EAlice:



    +TE2+TE1XIE1E2T X+ETCol. in TX+E. = col. of TX + col. of E.Claim 1: E has column rank ZO (=Calvin's strength). Proof: Follows from fact that Calvin controls ZO links. Claim 2: Columns of TX and E span disjoint spaces. Proof: RC-ZO, random encoding.TTX=+=RZOC

  • TheoremsScheme achieves rate C-2ZO (optimal)Step 1: list decode (R C-ZO)Step 2: unique decode (Redundancy = ZO) Secret channel: Instead of Step 2, send hash of X. Rate = C-ZO (optimal)Limited Adversary: Calvin limited in eavesdropping can implement secret channel and obtain rate C-ZO. Limited eavesdropping:Calvin can only see the information on ZI linksIf ZI
  • SummaryOptimal rates Poly-timeDistributedUnknown topologyEnd-to-endRatelessInformation theoretically secure/privateWired/wireless

    RateConditionsThm 1C-ZOSecretThm 2C-2ZOOmniscientThm 3C-ZOLimited