CN114465733A - Secure network coding method based on improved RSA - Google Patents

Abstract

The invention discloses a security network coding method based on improved RSA, and relates to the technical field of network security; the method is based on the eavesdropping network model proposed by Yeung and Cai to establish the network topology structure used in the invention; and the replacement step is improved to improve the search complexity In order to ensure the safe transmission of data; for the KDC vulnerable problem, a secure network coding scheme based on improved RSA is established, which is applied between the source node and the KDC. Compared with other schemes, the method improves data security, has strong encryption performance, and can effectively resist eavesdropping attacks.

Description

A Secure Network Coding Method Based on Improved RSA

technical field

The invention relates to the technical field of network security, in particular to a security network coding method based on improved RSA.

Background technique

In 2000, Cai et al. innovatively proposed the network coding theory, which is different from the traditional routing store-and-forward method, which allows intermediate nodes to encode and decode the received messages first, and then process them. The subsequent data is forwarded. Network coding can not only improve network throughput, but also significantly improve network reliability, but network coding methods may be subject to network eavesdropping attacks and face security problems.

In order to improve the security of network coding, Yeung and Cai et al. proposed an anti-eavesdropping secure network communication model to resist eavesdropping attacks. Further, Cai et al. gave a specific construction scheme of the secure network model. Vilela et al. proposed the SPOC (Secure Practical network Coding) scheme based on cryptography. The SPOC scheme hides the source message by encrypting the precoding matrix. However, in this scheme, the encrypted precoding matrix and the source message need to be transmitted together. This creates a lot of network overhead. Zhang et al. proposed an encoding scheme based on permutation encryption (P-coding), which uses permutation operations to encrypt data, which can improve the encoding speed, but cannot resist known plaintext attacks. Guang et al. used the improved RSA algorithm to encrypt the DES key. The simulation results show that the scheme can effectively resist attacks and has higher security. However, none of the above schemes have a certain error correction ability. Brahimi et al. proposed a secure network coding scheme using subspace codes, which has a certain error correction ability, but the security of the scheme is insufficient.

SUMMARY OF THE INVENTION

Aiming at the problem that the key distribution center (Key Distribution Center, KDC) will be attacked when distributing replacement keys in a non-coherent network, the present invention proposes a secure network coding method, which utilizes an improved RSA algorithm for the replacement key P _K1 and P _K2 are encrypted, and then the replacement step is updated to improve the search complexity of the exhaustive search attack and ensure the security of data transmission.

In order to achieve the above-mentioned purpose, the application proposes a security network coding method based on improved RSA, comprising:

Based on the eavesdropping network model, construct the network topology;

Improve the replacement step and increase the search complexity to ensure the safe transmission of data;

A secure network coding scheme based on improved RSA is established, which is applied between the source node and the KDC.

Further, based on the eavesdropping network model, a network topology structure is constructed, including:

是F_q上的一个n维向量空间；令P(n)表示

的所有子空间集合，其构成F_q上的一个n阶射影空间；令G(k,n)表示n维向量空间

的所有k维子空间集合，其中k≤n；并且P(n)＝U_0≤k≤nG(k,n)；Obtain the subspace code: Let F _q denote a finite field with q elements,

is an n-dimensional vector space on F _q ; let P(n) denote

The set of all subspaces of , which constitute an n-order projective space on F _q ; let G(k,n) denote an n-dimensional vector space

The set of all k-dimensional subspaces of , where k≤n; and P(n)=U _0≤k≤n G(k,n);

则称C为恒维码(Constant Dimension Code CDC)；否则，称C为混合维度码(Mixed Dimension Code MDC)。A subspace code C is a non-empty subset of P(n); for 0≤k≤n, if

Then C is called constant dimension code (Constant Dimension Code CDC); otherwise, C is called mixed dimension code (Mixed Dimension Code MDC).

Further, let N be a network, which has S source nodes, T sink nodes and E channels; let C be a subspace code, c _c ∈ C is a certain subspace sent by the source s ∈ S to the sink. set t∈T transmission codewords;

The operator channel model is used to describe the scene channel, which uses I and O to define the input and output of the channel; I and O are subsets of P(n),

Η _k is a random operator that randomly returns the k-dimensional subspace H _k (I) and ε of I, where ε is the error subspace, which leads to the insertion of dim(ε), and dim(ε) is the vector space ε dimension.

Further, based on the eavesdropping network model, a network topology structure is constructed, which specifically includes:

Build network topology: The _{eavesdropping} network model is represented by quadruple (G, s, U, We ), with the following definitions:

(i) Use G=(V _G , E _G ) to represent an acyclic directed communication network, where V _G is the set of all nodes, and _EG is the set of all edges;

(ii) a source node s _G ∈ V _G ;

(iii) A set of sink nodes

(iv) a set of eavesdropping edges

The capacity of each edge in the network is unit capacity; let _V ={s} _{∪IG ∪UG} , IG is the set of intermediate nodes; it is assumed that there are countless eavesdroppers, and they do not cooperate with each other; key analysis One of the eavesdroppers, and this eavesdropper will be called Eve; let W∈W _e denote a set of eavesdropping edges used by Eve; |W| denote the vector collected by Eve, and the number of |W| denote the eavesdropping ability of Eve, It is represented by C _e ; |W|<C _m , C _m represents the multicast capacity of G;

An additional node is added as the key distribution center KDC, which is used to connect the source node and the sink node, and its channel is separated from the eavesdropping network.

Further, improve the replacement step, specifically:

The source information is a data stream containing n _D bits, the data stream is divided into a plurality of bit strings, the length of the bit string is m, and l bit strings form a group; if the number of bit strings is less than l, then fill; the divided data stream has the following representation:

Among them, d _ij ∈ F _q , i=1,2,...,l,j=1,2,...,m.

The bit string is permuted using the permutation keys P _k1 and P _k2 distributed by the KDC, where P _k1 is the row permutation key, and P _k2 is the column permutation key, respectively expressed as follows:

Combine the data to be encrypted with the row permutation matrix to obtain the row-encrypted data; then combine with the column permutation matrix to obtain the data after row and column encryption; then use the set S _c of subspace codes to encode, in The SCS (subspace coding strategy) strategy is used in the coding process.

表示，定义如下：Furthermore, in a network with multicast capacity C _m , the SCS policy is a quintuple, using

means, defined as follows:

(i) P(n) is a projective space of order n on F _q ,

是一个正整数，表示安全偏移率，(ii)

is a positive integer representing the safe offset rate,

是P(n)中的一组格拉斯曼码，(iii)

is a set of Grassmann codes in P(n),

并随机创建一个满映射θ:S_sym→{0,1}^m，(iv) set

and randomly create a full map θ:S _sym →{0,1} ^m ,

是一个双映射，

表示对Eve的窃听能力C_e的最大容量猜测；(v)

is a double map,

represents the maximum capacity guess for Eve's eavesdropping capability _Ce ;

The source will use the SCS strategy as a means of data transmission, and the subspace set _{S c} and the mappings θ, φ and the set ET are provided by KDC;

Let <V>∈c denote the currently selected codeword, where c∈S _c ; in each round of transmission, the source will inject valid codeword c with errors into the network, and these errors can be detected at the receiver. be corrected; when these codeword vectors pass through the network, perform RLNC encoding operations at nodes that support RLNC encoding;

After the sink node _u∈UG receives an erroneous version of the RLNC code, it obtains the correct codeword c through decoding, and finally obtains the source data through inverse permutation.

Further, a secure network coding scheme based on improved RSA is established, specifically: using the improved RSA algorithm to encrypt the row permutation key P _K1 and the column permutation key P _K2 , and the specific implementation process is:

Randomly select three large prime numbers p, q and r, f=pqr, φ(f)=(p-1)(q-1)(r-1);

The source node selects the encryption key g, and obtains the private key h satisfying hg≡1mod(f);

Send the public key (g, f) to the KDC;

The KDC generates E _(g,f) (P _K1 ||P _K2 ), and sends it to the source node;

The source node uses h to decrypt E _(g,f) (P _K1 ||P _K2 ), and uses Montgomery's modular multiplication and the Chinese remainder theorem to perform exponentiation in the decryption process.

Compared with the prior art, the above technical solutions adopted in the present invention have the following advantages: the present invention is based on the wiretapping network model proposed by Yeung and Cai to establish the network topology structure used in the present invention; and the replacement step is improved to increase the search complexity , in order to ensure the safe transmission of data; Aiming at the problem that KDC is vulnerable to attack, a secure network coding scheme based on improved RSA is established, which is applied between the source node and the KDC. Compared with other schemes, the method improves data security, has strong encryption performance, and can effectively resist eavesdropping attacks.

Description of drawings

Fig. 1 is the implementation process flow chart of the present invention;

Figure 2 is a diagram of a secure network coding scheme based on improved RSA;

Fig. 3 is a multicast network model diagram;

Figure 4 is a graph showing the relationship between guessing probability and Eve's eavesdropping ability;

FIG. 5 is a guessing probability diagram of the scheme of the present invention, SCS and SPOC.

Detailed ways

In order to make the purpose, technical solutions and advantages of the present application more clearly understood, the present application will be described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are only used to explain the present application, but not to limit the present application, that is, the described embodiments are only a part of the embodiments of the present application, rather than all the embodiments.

Example 1

As shown in Figure 1, the present invention provides a security network coding method based on improved RSA, comprising:

S1: Based on the eavesdropping network model proposed by Yeung and Cai, establish the network topology structure used in the present invention;

是F_q上的一个n维向量空间。令P(n)表示

的所有子空间集合，其构成F_q上的一个n阶射影空间。令G(k,n)表示n维向量空间

的所有k维子空间集合，其中k≤n；G(k,n)也被称为Grassmannian，并且P(n)＝U_0≤k≤nG(k,n)；S1.1 Get the subspace code: Let F _q denote a finite field with q elements,

is an n-dimensional vector space on _Fq . Let P(n) denote

The set of all subspaces of , which constitutes a projective space of order n on F _q . Let G(k,n) denote an n-dimensional vector space

The set of all k-dimensional subspaces of , where k≤n; G(k,n) is also called Grassmannian, and P(n)=U _0≤k≤n G(k,n);

称C为恒维码(Constant Dimension Code CDC)。否则，称C是混合维度码(Mixed Dimension Code MDC)。The subspace code C is a non-empty subset of P(n). For 0≤k≤n, if

Call C the constant dimension code (Constant Dimension Code CDC). Otherwise, C is said to be a mixed dimension code (Mixed Dimension Code MDC).

Let V be a matrix, and denote the subspace spanned by the row vectors of V by <V>. Similarly, the present invention represents a subspace by selecting a matrix that is stretched by row vectors.

Let N be a network with S source nodes, T sink nodes and E channels. Let C be a subspace code, and c _c ∈ C be the transmission codeword sent by the source s ∈ S to some subset t ∈ T of the sink. During transmission, the reduction of the dimensionality of the codeword _cc will bring deletion errors to the network channel. An insertion error occurs when a sink receives a codeword _cc ' for a set of vectors that are not in the subspace _spanned by the cc vectors.

The operator channel model is used to describe the scene channel, which uses I and O to define the input and output of the channel.

S1.2 constructs the network topology structure: The present invention adopts the wiretapping network model proposed by Yeung and Cai, and the network model is represented by _quadruple (G, s, U, We), and has the following definitions:

(i) Use G=(V _G , E _G ) to represent an acyclic directed communication network, where V _G is the set of all nodes, and _EG is the set of all edges;

(ii) a source node s _G ∈ V _G ;

(iii) A set of sink nodes

(iv) a set of eavesdropping edges

The capacity of each edge in the network is the unit capacity. Let _V ={s} _{∪IG ∪UG} , and IG is the set of intermediate nodes. Suppose there are countless eavesdroppers, and they don't cooperate with each other. The present invention focuses on analyzing one of the eavesdroppers, and this eavesdropper will be called Eve. Let W _∈ We denote the set of eavesdropping edges used by Eve. |W| represents the vector collected by Eve, and the number of |W| represents Eve's eavesdropping ability, denoted by C _e . |W|<C _m , C _m represents the multicast capacity of G.

Based on the network model proposed by Yeung and Cai, an additional node is added as a key distribution center (KDC). This node is used to connect the source node and the sink node, and its channel is separated from the eavesdropping network. In addition, the present invention uses the improved RSA algorithm to encrypt the replacement key distributed by the KDC.

S2: Improve the replacement step and increase the search complexity to ensure the safe transmission of data;

Specifically, the source information is a data stream containing n _D bits, and the data stream is divided into multiple bit strings. The length of the bit string is m, and l bit strings form a group. If the number of bit strings is less than 1, padding is performed.

The bit string will be permuted using the permutation keys P _K1 and P _K2 distributed by the KDC, and then encoded using the set S _c of subspace codes. The present invention uses the SCS (subspace coding strategy) strategy in the encoding process. In each round of transmission, the source will inject the codeword c with errors into the network, and these errors can be corrected at the receiver, where c∈S _c . As these codeword vectors traverse the network, RLNC encoding operations are performed at nodes that support RLNC encoding.

When the sink node _u∈UG receives an erroneous version of RLNC encoding, it will obtain the correct codeword c through decoding, and finally obtain the source data through inverse permutation.

S3: Aiming at the problem that KDC is vulnerable to attack, establish a secure network coding scheme based on improved RSA, which is applied between the source node and KDC;

Specifically, in order to ensure the security of P _K1 and P _K2 in the KDC, improved RSA is used to encrypt P _K1 and P _K2 . As shown in Figure 2, the secure network coding scheme is located between the source node and the KDC, and the specific implementation steps are as follows:

Step 1: Randomly select three large prime numbers p, q and r, f=pqr, φ(f)=(p-1)(q-1)(r-1).

Step 2: The source node selects the encryption key g, and obtains the private key h that satisfies hg≡1mod(f).

Step 3: Send the public key (g, f) to the KDC.

Step 4: KDC produces E _(g,f) (P _K1 ||P _K2 ).

Step 5: The KDC sends E _(g,f) (P _K1 ||P _K2 ) to the source node.

Step 6: The source node decrypts E _(g,f) (P _K1 ||P _K2 ) using h. In order to improve the computational efficiency, Montgomery modular multiplication and Chinese remainder theorem are used for exponentiation in the decryption process.

The network model is shown in Figure 3, and the data flow D of the source node is set to 121 bits. Set C _e =3, the minimum distance between subspace codes d≥9. Assuming that m=11, l=11, the set S _c = {C ₅ , C ₆ , C ₇ , C ₈ }, the characteristics of the code words in S _c are shown in Table 1. The elements used in _Sc are subspaces from the 16 _- dimensional environment vector space on F2. In the experiments of the present invention, some edges represent the edges that Eve can eavesdrop, and 0≤C _e ≤8. 0 means that Eve cannot access the network. The tapped vectors are all linearly independent.

Table 1 Characteristics of codewords in S _c

FIG. 4 shows the guess probability of the scheme of the present invention, SCS, Universal Security Network Coding Scheme (denoted as USUC scheme in the present invention) and SPOC. The guessing probability represents Eve's ability to obtain information from the source. In the present invention, the guessing probability is not only related to the number of possible combinations of codewords, but also to RSA, m and l. The guess probability of SCS is related to the number of possible combinations of codewords and l. The guess probability of USUC is related to the number of lost packets. The guess probability of SPOC is not only related to the number of lost packets, but also to the locked coding coefficient. It can be seen from FIG. 4 that the secure network coding scheme of the present invention has better guessing probability than SCS and SPOC. However, the search complexity of _USNC only depends on the number of possibilities of missing packets, making the security of this scheme highly dependent on Ce. When C _e ≥ C _m , USNC will no longer be considered safe.

Figure 5 shows the guess probabilities for the scheme of the present invention, SCS and SPOC when C _e ≥ C _m . The length len of the data packet is set to 24 during RLNC encoding. The encoded coefficients are sent with the packet. As shown in FIG. 5 , the guessing probability of the present invention is the smallest, so the security of the present invention is much higher than that of SCS and SPOC.

Table 2 shows the exhaustive search complexity of the scheme of the present invention, SCS, USNC and SPOC when C _e < C _m . The complexity of the present invention depends on the number of combinations of data packets and the number of m and l, and the complexity of the SCS depends on the number of combinations of data packets and the number of l. The complexity of USNC depends on the number of packets that Eve misses. For SPOC, in addition to guessing the number of lost packets, encoding coefficients and permutation keys must also be guessed. It can be seen from Table 2 that the present invention has the highest search complexity in an exhaustive search attack. This means that the present invention has the largest search space and better security.

Table 2 The search complexity of the scheme of the present invention and SCS, USNC and SPOC

The foregoing descriptions of specific exemplary embodiments of the present invention have been presented for purposes of illustration and description. These descriptions are not intended to limit the invention to the precise form disclosed, and obviously many changes and modifications are possible in light of the above teachings. The exemplary embodiments were chosen and described for the purpose of explaining certain principles of the invention and their practical applications, to thereby enable others skilled in the art to make and utilize various exemplary embodiments and various different aspects of the invention. Choose and change. The scope of the invention is intended to be defined by the claims and their equivalents.

Claims (7)

1. A method for secure network encoding based on improved RSA, comprising:

constructing a network topology structure based on the eavesdropping network model;

the replacement step is improved, and the search complexity is improved to ensure the safe transmission of data;

establishing a secure network encoding scheme based on modified RSA, the secure network encoding scheme being applied between the source node and the KDC.

2. The method as claimed in claim 1, wherein the step of constructing the network topology based on the eavesdropping network model specifically comprises:

obtaining a subspaceCode: let F_qRepresenting a finite field of q elements,

is F_qAn n-dimensional vector space; let P (n) denote

All subspace sets of (1), which constitute F_qAn n-order projection space; let G (k, n) denote an n-dimensional vector space

All k-dimensional subspace sets of (1), wherein k is less than or equal to n; and p (n) ═ U_0≤k≤nG(k,n)；

Subspace code C is a non-empty subset of P (n); for 0 ≦ k ≦ n, if

Then, the code is called C as constant dimension code; otherwise, the code is called C as the mixed dimension code.

3. A method according to claim 2, wherein N is a network having S source nodes, T sink nodes and E channels; let C be a subspace code, C_cC is a transmission codeword sent by the source S e S to some subset T e T of the sink;

the operator channel model is used for describing a scene channel, and the model defines the input and the output of the channel by using I and O; i and O are subsets of P (n),

Η_kis a random operator that randomly returns the k-dimensional subspace H of I_k(I) And ε, where ε is the error subspace, which results in the insertion of dim (ε), which is the dimension of the vector space ε.

4. The method according to claim 2, wherein the network topology is constructed based on the eavesdropping network model, and further comprising:

constructing a network topological structure: quadruple (G, s, U, W) for eavesdropping network model_e) By the following definitions:

(i) using G ═ V_G,E_G) Representing a loop-free directed communication network, in which V_GIs a collection of all nodes, E_GIs a collection of all edges;

(ii) an information source node s_G∈V_G；

(iii) A set of sink nodes

(iv) A group of eavesdropping edges

The capacity of each edge in the network is unit capacity; let V ═ s }. U I_G∪U_G，I_GIs a collection of intermediate nodes; it is assumed that there are countless eavesdroppers, and they do not cooperate with each other; analyzing one of the eavesdroppers with emphasis, and calling the eavesdropper as Eve; let W be equal to W_eA set of eavesdropping edges representing Eve usage; the vector collected by Eve is represented by W, the number of W represents the eavesdropping ability of Eve, and C is used_eRepresents; w < C_m，C_mIndicating the multicast capacity of G;

an additional node is added as a key distribution center KDC, which is used to connect the source node and the sink node and whose channel is separated from the eavesdropping network.

5. The improved RSA-based secure network coding method of claim 1, wherein the improved permutation step is specifically:

the source information is a packet containing n_DOf one bitA data stream, said data stream being divided into a plurality of bit strings, the bit strings having a length of m, a group of l bit strings; if the number of bit strings is less than l, padding; the divided data stream has the following representation mode:

wherein d is_ij∈F_q，i＝1,2,...,l,j＝1,2,...,m.

Permutation key P for distribution of bit strings using KDC_k1And P_k2Is subjected to a substitution wherein P_k1For the line replacement of the key, P_k2Representing the column replacement keys, respectively as follows:

combining the data to be encrypted with the row permutation matrix to obtain row-encrypted data; combining with the column permutation matrix to obtain data after row and column encryption; then using a set S of subspace codes_cCoding is carried out, and SCS strategy is used in the coding process.

6. A method for secure network coding based on improved RSA according to claim 5, wherein a multicast capacity C is used_mIn the network, the SCS strategy is a quintuple with

Expressed, defined as follows:

(i) p (n) is F_qIn the above-mentioned projection space of n order,

(ii)

is a positive integer, representing a safe offset rate,

(iii)

is a set of Grassmann codes in P (n),

(iv) is provided with

And randomly creating a full mapping θ S_sym→{0,1}^m，

(v)φ:

Is a double mapping of the number of the images,

representing eavesdropping capability C on Eve_eGuessing the maximum capacity of;

the source will use the SCS strategy as a means of data transmission, subspace aggregation S_cAnd mapping θ, φ and set E_TProvided by the KDC;

order to<V>E c represents the currently selected codeword, where c e S_c(ii) a In each round of transmission, the source injects effective code words c containing errors into the network, and when the code word vectors pass through the network, RLNC coding operation is carried out on the nodes supporting the RLNC coding;

sink node U e U_GAnd after an error version of RLNC coding is received, obtaining a correct code word c through decoding, and finally obtaining information source data through inverse permutation.

7. The method according to claim 1, wherein the secure network coding scheme based on the improved RSA is established by: replacing a Key P against a line Using an improved RSA Algorithm_K1And column replacement key P_K2Carry out encryption, concreteThe application process comprises the following steps:

randomly selecting three large prime numbers p, q and r, f is pqr, phi (f) is (p-1) (q-1) (r-1);

the information source node selects an encryption key g and acquires a private key h meeting hg ≡ 1mod (f);

sending the public key (g, f) to the KDC;

said KDC produces E_(g,f)(P_K1||P_K2) And sending the data to the information source node;

the source node decrypts E using h_(g,f)(P_K1||P_K2) In the decryption process, Montgomery modular multiplication and Chinese remainder theorem are adopted to carry out power multiplication operation.

Images