Authenticated Adversarial Routing - PowerPoint PPT Presentation

About This Presentation
Title:

Authenticated Adversarial Routing

Description:

Conclusion. 3. Authenticated. Adversarial Routing. Problem ... Conclusion. 14. Na ve Solutions. Flooding: Sender floods one message index signature ... – PowerPoint PPT presentation

Number of Views:18
Avg rating:3.0/5.0
Slides: 30
Provided by: paul157
Learn more at: http://web.cs.ucla.edu
Category:

less

Transcript and Presenter's Notes

Title: Authenticated Adversarial Routing


1
Authenticated Adversarial Routing
  • Yair Amir, Paul Bunn, Rafail Ostrovsky
  • 6th IACR Theory of Cryptography Conference
  • March 15, 2009

2
Authenticated Adversarial Routing
  • Problem Statement
  • Solution Ideas
  • Conclusion

3
AuthenticatedAdversarial Routing
  • Problem Statement
  • Adversarial Networks
  • Statement of Result
  • Previous Work
  • Solution Ideas
  • Conclusion

4
The Network
  • Most basic task two uncorrupted nodes need to
    communicate

R
S
m1, m2, m3,
5
The Adversary
  • For clarity, break-up adversary into 2
    (collaborating) adversaries
  • Node-controlling Malicious Adversary
  • Edge-scheduling Adversary

6
Edge-Scheduling Adversary
  • End-to-End, Synchronous
  • Only 1 packet can cross an edge per round
  • Controls Edges (Up/Down)

R
S
m1, m2, m3,
7
Edge-Scheduling Adversary
  • End-to-End, Synchronous
  • Only 1 packet can cross an edge per round
  • Controls Edges (Up/Down)
  • Conforming (Always a Path!)

R
S
m1, m2, m3,
8
Node-Controlling Adversary
  • Controls Nodes
  • Malicious ? Nodes act arbitrarily
  • Dynamic ? Adaptive corruption
  • Conforming (Always a Path!)
  • Polynomially Bounded

R
S
m1, m2, m3,
9
Node-Controlling Adversary
  • Controls Nodes
  • Malicious ? Nodes act arbitrarily
  • Dynamic ? Adaptive corruption
  • Conforming (Always a Path!)
  • Malicious nodes allowed gtgt n/2

R
S
m1, m2, m3,
10
The Problem Goals of Routing
  • Correctness Packets are output by R without
    duplication or omission
  • Throughput Number of messages received as a
    function of time
  • Memory per Node

R
S
m1, m2, m3,
11
Our Main Result
  • Theorem (informal) If OWFs
    exist THEN routing that is resilient against any
    poly-time conforming (node-controlling
    edge-scheduling) adversary can be achieved with
  • Throughput Linear
  • O(t ) rounds ? t packets delivered
  • Memory per Node O(n4 log n)
  • Proof is constructive, local control

12
History of Routing in Malicious Networks
  • Fault Detection, Fault Localization
  • Awerbuch Holmer Nita-Rotaru Rubens 02
    Barak Goldberg Xiao 08
  • A priori select a single-path
  • Fault Detection/Localization performed on this
    path
  • After identifying fault, new path selected
  • Open in BGX 08 how do we handle adaptive
    routing?

13
AuthenticatedAdversarial Routing
  • Problem Statement
  • Solution Ideas
  • Naïve Solutions
  • Dynamic Topology Networks
  • AG 88 AMS 89 AGR 92 AAGMRS 97 KOR 98
  • Highlights of our Solution
  • Conclusion

14
Naïve Solutions
  • Flooding
  • Sender floods one message index signature
  • Nodes broadcast message with highest index
  • Receiver floods confirmation of receipt
    signature
  • Nodes broadcast confirmation with highest index

R
S
m1, m2, m3,
15
Naïve Solutions
  • Flooding
  • Slow Delivery is sublinear
  • Expensive (Pay for Bandwidth Used)

R
S
m1, m2, m3,
16
Slide Protocol
  • Slide Protocol
  • Afek Gafni 88, Awerbuch Mansour Shavit 89,
    Afek Gafni Rosen 92, Afek Awerbuch Gafni
    Mansour Rosen Shavit 97
  • How it works
  • Edges viewed as directional
  • Internal nodes maintain buffers on every edge
    (size n)
  • Protocol proceeds in 3 steps




n




17
Slide Protocol
  • Slide Protocol
  • Afek Gafni 88, Awerbuch Mansour Shavit 89,
    Afek Gafni Rosen 92, Afek Awerbuch Gafni
    Mansour Rosen Shavit 97
  • How it works
  • Edges viewed as directional
  • Internal nodes maintain buffers on every edge
    (size n)
  • Protocol proceeds in 3 steps




n










R
S


18
Slide Protocol
  • Slide Protocol
  • Afek Gafni 88, Awerbuch Mansour Shavit 89,
    Afek Gafni Rosen 92, Afek Awerbuch Gafni
    Mansour Rosen Shavit 97
  • How it works
  • Edges viewed as directional
  • Internal nodes maintain buffers on every edge
    (size n)
  • Protocol proceeds in 3 steps

2) Transfer Packets
3) Re-Shuffle Locally
1) Communicate Heights








R
S
H 2
H 1
H 0
H n-1
H 2
H n
H n-1
H 1
19
Slide Protocol
  • Slide Protocol
  • Afek Gafni 88, Awerbuch Mansour Shavit 89,
    Afek Gafni Rosen 92, Afek Awerbuch Gafni
    Mansour Rosen Shavit 97
  • How it works
  • Edges viewed as directional
  • Internal nodes maintain buffers on every edge
    (size n)
  • Protocol proceeds in 3 steps

2) Transfer Packets
3) Re-Shuffle Locally
1) Communicate Heights
Packets flow downhill from S to R
R
S
20
Slide Protocol
  • Slide Protocol
  • Afek Gafni 88, Awerbuch Mansour Shavit 89,
    Afek Gafni Rosen 92, Afek Awerbuch Gafni
    Mansour Rosen Shavit 97
  • How it works
  • Edges viewed as directional
  • Internal nodes maintain buffers on every edge
    (size n)
  • Protocol proceeds in 3 steps

2) Transfer Packets
3) Re-Shuffle Locally
1) Communicate Heights
  • Correctness
  • Throughput
  • Memory

Linear (Optimal with respect to Conforming
Adversary!)
O(n2 log n)
21
Towards Our Solution
  • Assume signatures for all packets
  • Adv cannot insert new packets are we done?
  • NO! We must counter all malicious behavior
  • Examples Message Deletion Message Duplication
    Play-Dead

R
S
m1, m2, m3,
22
Sketch of Proof
  • Start with Slide protocol
  • Every message of O(n3) bits is expanded into a
    codeword of O(n3) packets
  • Sender signs all packets he inserts
  • Routing with Responsibility Every time a
    packet is transferred across an edge, adjacent
    nodes sign various forms of communication

23
Sketch of Proof
  • After the O(n3) rounds allotted to the transfer
    of any message, we prove one
    of the following happens
  • 1. R can decode the codeword
  • Successful message transmission
  • Great, proceed to the next message!
  • 2. R did not receive 8 n3 packets
  • Packet Deletion
  • Keep track (signed) volume across each edge of
    total volume
  • 3. R has received a duplicated packet
  • Packet Duplication Packet Deletion
  • Keep track (signed) of appearances of each
    packet across each edge
  • 4. S was not able to insert 12n3 packets
  • Packet Duplication
  • Keep track (signed) of potential changes across
    each edge

24
Blacklist
  • Non-responding nodes put on blacklist by sender
  • Control information is flooded
  • Control info is much smaller then messages, so
    does not impact throughput
  • Blacklisted nodes dont transfer messages (until
    they are removed)
  • Nodes crucial to link S and R wont remain on
    blacklist for long

25
AuthenticatedAdversarial Routing
  • Problem Statement
  • Solution Approach and Description
  • Conclusion

26
Conclusion
Thank You !
  • 1st routing protocol secure against
    (node-controllingedge-scheduling) conforming
    adversary
  • Same Throughput as non-secure protocols
  • Throughput Linear (Optimal!)
  • More Memory as non-secure protocols, but still
    polynomial
  • Memory O(n4 log n) vs. O(n2 log n)

27
Sketch of Proof
  • After the O(n3) rounds allotted to the transfer
    of any message, we prove one of the
    following happens
  • 1. R can decode the codeword
  • Successful message transmission
  • 2. R did not receive 8 n3 packets
  • Packet Deletion
  • 3. R has received a duplicated packet
  • Packet Duplication Packet Deletion
  • 4. S was not able to insert 12n3 packets
  • Packet Duplication

57
A
B
57
28
Sketch of Proof
  • After the O(n3) rounds allotted to the transfer
    of any message, we prove one of the
    following happens
  • 1. R can decode the codeword
  • Successful message transmission
  • 2. R did not receive 8 n3 packets
  • Packet Deletion
  • 3. R has received a duplicated packet
  • Packet Duplication Packet Deletion
  • 4. S was not able to insert 12n3 packets
  • Packet Duplication

(5, P102)
P102
A
B
(5, P102)
29
Sketch of Proof
  • After the O(n3) rounds allotted to the transfer
    of any message, we prove one of the
    following happens
  • 1. R can decode the codeword
  • Successful message transmission
  • 2. R did not receive 8 n3 packets
  • Packet Deletion
  • 3. R has received a duplicated packet
  • Packet Duplication Packet Deletion
  • 4. S was not able to insert 12n3 packets
  • Packet Duplication

1
-3
C
(-5,3)
(-3, 2)
(-3, 2)
5
4
3
2
2
(-5, 3)
3
A
B
-3
1
D
Write a Comment
User Comments (0)
About PowerShow.com