Homomorphic Network Coding Signatures in the Standard Model

  • Nuttapong Attrapadung
  • Benoît Libert
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6571)


Network coding is known to provide improved resilience to packet loss and increased throughput. Unlike traditional routing techniques, it allows network nodes to perform transformations on packets they receive before transmitting them. For this reason, packets cannot be authenticated using ordinary digital signatures, which makes it difficult to hedge against pollution attacks, where malicious nodes inject bogus packets in the network. To address this problem, recent works introduced signature schemes allowing to sign linear subspaces (namely, verification can be made w.r.t. any vector of that subspace) and which are well-suited to the network coding scenario. Currently known network coding signatures in the standard model are not homomorphic in that the signer is forced to sign all vectors of a given subspace at once. This paper describes the first homomorphic network coding signatures in the standard model: the security proof does not use random oracles and, at the same time, the scheme allows signing individual vectors on-the-fly and has constant per-packet overhead in terms of signature size. The construction is based on the dual encryption technique introduced by Waters (Crypto’09) to prove the security of hierarchical identity-based encryption schemes.


Network coding homomorphic signatures provable security standard model 


  1. 1.
    Ahlswede, R., Cai, N., Li, S., Yeung, R.: Network Information Flow. IEEE Trans. on Information Theory 46, 1204–1216 (2000)MathSciNetzbMATHCrossRefGoogle Scholar
  2. 2.
    Agrawal, S., Boneh, D.: Homomorphic MACs: MAC-Based Integrity for Network Coding. In: Abdalla, M., Pointcheval, D., Fouque, P.-A., Vergnaud, D. (eds.) ACNS 2009. LNCS, vol. 5536, pp. 292–305. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  3. 3.
    Agrawal, S., Boneh, D., Boyen, X., Freeman, D.: Preventing Pollution Attacks in Multi-source Network Coding. In: Nguyen, P.Q., Pointcheval, D. (eds.) PKC 2010. LNCS, vol. 6056, pp. 161–176. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  4. 4.
    Bellare, M., Rogaway, P.: Random oracles are practical: A paradigm for designing efficient protocols. In: ACM CCS 1993, pp. 62–73 (1993)Google Scholar
  5. 5.
    Boneh, D., Boyen, X.: Efficient Selective-ID Secure Identity-Based Encryption Without Random Oracles. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 223–238. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  6. 6.
    Boneh, D., Franklin, M.: Identity-Based Encryption from the Weil Pairing. Journal of Computing 32(3), 586–615 (2003); Boneh, D., Franklin, M.: Identity-Based Encryption from the Weil Pairing. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 213–229. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  7. 7.
    Boneh, D., Freeman, D., Katz, J., Waters, B.: Signing a Linear Subspace: Signature Schemes for Network Coding. In: Jarecki, S., Tsudik, G. (eds.) PKC 2009. LNCS, vol. 5443, pp. 68–87. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  8. 8.
    Boneh, D., Hamburg, M.: Generalized Identity Based and Broadcast Encryption Schemes. In: Pieprzyk, J. (ed.) ASIACRYPT 2008. LNCS, vol. 5350, pp. 455–470. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  9. 9.
    Charles, D., Jain, K., Lauter, K.: Signatures for Network Coding. In: 40th Annual Conference on Information Sciences and Systems (CISS 2006) (2006)Google Scholar
  10. 10.
    Fragouli, C., Soljanin, E.: Network Coding Fundamentals. Now Publishers Inc., Hanover (2007)Google Scholar
  11. 11.
    Freeman, D.: Converting Pairing-Based Cryptosystems from Composite-Order Groups to Prime-Order Groups. In: Gilbert, H. (ed.) EUROCRYPT 2010. LNCS, vol. 6110, pp. 44–61. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  12. 12.
    Gennaro, R., Katz, J., Krawczyk, H., Rabin, T.: Secure Network Coding over the Integers. In: Nguyen, P.Q., Pointcheval, D. (eds.) PKC 2010. LNCS, vol. 6056, pp. 142–160. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  13. 13.
    Gkantsidis, C., Rodriguez, P.: Network Coding for Large Scale Content Distribution. In: IEEE INFOCOM (2005)Google Scholar
  14. 14.
    Ho, T., Leong, B., Koetter, R., Médard, M., Effros, M., Karger, D.: Byzantine Modification Detection in Multicast Networks using Randomized Network Coding. In: International Symposium on Information Theory (ISIT), pp. 144–152 (2004)Google Scholar
  15. 15.
    Jaggi, S., Langberg, M., Katti, S., Ho, T., Katabi, D., Médard, M., Effros, M.: Resilient Network Coding in the Presence of Byzantine Adversaries. IEEE Trans. on Information Theory 54, 2596–2603 (2008)CrossRefGoogle Scholar
  16. 16.
    Krohn, M., Freedman, M., Mazieres, D.: On-the-fly Verification of Rateless Erasure Codes for Efficient Content Distribution. In: IEEE Symposium on Security and Privacy, pp. 226–240 (2004)Google Scholar
  17. 17.
    Lewko, A., Waters, B.: New Techniques for Dual System Encryption and Fully Secure HIBE with Short Ciphertexts. In: Micciancio, D. (ed.) TCC 2010. LNCS, vol. 5978, pp. 455–479. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  18. 18.
    Li, S.-Y.-R., Yeung, R.-W., Cai, N.: Linear Network Coding. IEEE Trans. on Information Theory 49, 371–381 (2003)MathSciNetzbMATHCrossRefGoogle Scholar
  19. 19.
    Li, Y., Yao, H., Chen, M., Jaggi, S., Rosen, A.: RIPPLE Authentication for Network Coding. In: IEEE INFOCOM 2010 (2010)Google Scholar
  20. 20.
    Johnson, R., Molnar, D., Song, D., Wagner, D.: Homomorphic Signature Schemes. In: Preneel, B. (ed.) CT-RSA 2002. LNCS, vol. 2271, pp. 244–262. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  21. 21.
    Matt, B.: Identification of Multiple Invalid Signatures in Pairing-Based Batched Signatures. In: Jarecki, S., Tsudik, G. (eds.) PKC 2009. LNCS, vol. 5443, pp. 337–356. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  22. 22.
    Shamir, A.: Identity-Based Cryptosystems and Signature Schemes. In: Blakely, G.R., Chaum, D. (eds.) CRYPTO 1984. LNCS, vol. 196, pp. 47–53. Springer, Heidelberg (1985)CrossRefGoogle Scholar
  23. 23.
    Waters, B.: Efficient Identity-Based Encryption Without Random Oracles. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 114–127. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  24. 24.
    Waters, B.: Dual System Encryption: Realizing Fully Secure IBE and HIBE under Simple Assumptions. In: Halevi, S. (ed.) CRYPTO 2009. LNCS, vol. 5677, pp. 619–636. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  25. 25.
    Zhao, F., Kalker, T., Médard, M., Han, K.: Signatures for Content Distribution with Network Coding. In: International Symposium on Information Theory (ISIT) (2007)Google Scholar

Copyright information

© International Association for Cryptologic Research 2011

Authors and Affiliations

  • Nuttapong Attrapadung
    • 1
  • Benoît Libert
    • 2
  1. 1.Research Center for Information SecurityAISTJapan
  2. 2.Crypto GroupUniversité catholique de LouvainBelgium

Personalised recommendations