A bandwidth efficient HMAC-based authentication scheme for network coding

Abstract

Pollution attacks in network coding result in the waste of bandwidth and computational resources. Several homomorphic message authentication code (HMAC) and signature-based schemes have been proposed to mitigate such attacks. In these schemes, authentication is achieved by appending several HMAC tags with or without a signature to the packet payload. This approach negatively affects the throughput as well as the communication overhead incurred by such schemes. A phenomenon determined by a property we dubbed as the admissible payload rate (APR). In this paper we propose an HMAC and signature-based authentication scheme that addresses the afore mentioned problems. It achieves this by reducing the number of symbols needed to represent a packet. We evaluated the performance of our scheme and compared our findings to the performance of similar, state of the art authentication schemes. Our comparisons revealed that the proposed scheme incurred a negligible percentage gain in computational complexity. However, with no extra key storage overhead, and without sacrificing security, our scheme achieved a significant percentage reduction in communication overhead. The above mentioned favorable characteristics make our scheme an ideal and practical authentication solution for networks where bandwidth is a constraint or an optimal throughput is a requirement.