跳到主要內容

臺灣博碩士論文加值系統

(44.200.194.255) 您好!臺灣時間:2024/07/18 12:13
字體大小: 字級放大   字級縮小   預設字形  
回查詢結果 :::

詳目顯示

我願授權國圖
: 
twitterline
研究生:徐浚宥
研究生(外文):Xu, Jun-You
論文名稱:在可編程交換器上實現的基於網路編碼技術的密文共享方案
論文名稱(外文):Implementation of a Network Coding-based Secret Sharing Scheme on Programmable Switches
指導教授:張燕光
指導教授(外文):Chang, Yeim-Kuan
口試委員:張燕光陳培殷鄭憲宗王丕中陳永源
口試委員(外文):Chang, Yeim-KuanChen, Pei-YinCheng, Sheng-TzongWang, Pi-ChungChen, Yung-Yuan
口試日期:2023-07-27
學位類別:碩士
校院名稱:國立成功大學
系所名稱:人工智慧科技碩士學位學程
學門:電算機學門
學類:軟體發展學類
論文種類:學術論文
論文出版年:2023
畢業學年度:111
語文別:英文
論文頁數:59
中文關鍵詞:軟體定義網路P4密文共享網路編碼
外文關鍵詞:Software-Defined NetworkingP4Secret SharingNetwork Coding
相關次數:
  • 被引用被引用:0
  • 點閱點閱:50
  • 評分評分:
  • 下載下載:0
  • 收藏至我的研究室書目清單書目收藏:0
隨著網路的發展,多路徑傳輸技術已經得到廣泛的應用,可以透過多條傳輸路徑實現高效的數據傳輸,此外秘密分享方案隨著大數據的興起也開始有許多應用,透過將資料切割成多個子秘密傳送,除了能提高安全性同時也能減少資料丟失的可能性,只有當收集到足夠數量的子秘密時才能夠重建原始的資料,這種技術非常適合用於隱私資料的傳輸,同時也能應用於資料備份上,隨著網路設備功能逐漸增強,我們選擇在可編程交換器上實現秘密分享方案。我們首先基於隨機線性網路編碼將封包進行編碼,同時修改係數矩陣生成的方式,改善了傳統隨機線性網路編碼在解碼上不確定性的問題,以及過去隨機線性網路編碼使用區塊工作加密法中電子密碼本的編碼模式,我們將每個矩陣都以不同的係數矩陣編碼避免了當資料重複性高時編碼後的資料也具有關聯性,並且針對P4交換器無法進行除法運算的問題,我們提出以更大的查找表的方式解決,並且盡可能減少儲存的空間以及查找的次數,最後我們將編碼後的資料透過一組索引矩陣進行互斥或來產生最後要傳送的子秘密,我們基於區塊工作加密法對我們的方法進行不同模式下的修改及測試以了解傳統隨機線性網路編碼的方法與我們的方法在什麼樣的編碼模式下得到的安全性最佳,與先前的研究相比,我們在維持相同程度的安全性下,為資料增加了冗餘性同時保證了解碼的成功率,並且減少了28%的隨機數產生以及52%的乘法查找表的查找次數。
With the development of the internet, multipath transmission technology has been widely applied, to enable efficient data transmission via multiple transmission paths. In addition, secret sharing schemes have also begun to find many applications with the rise of big data. By splitting data into multiple sub-secrets for transmission, this not only enhances security but also reduces the possibility of data loss. Only when a sufficient number of sub-secrets are collected can the original data be reconstructed. This technique is very suitable for the transmission of private data and can also be applied to data backup. As internet device functionalities gradually increase, we have chosen to implement secret sharing schemes on programmable switches. First, we encode packets based on random linear network coding, and we modify the generation method of the coefficient matrix to improve the uncertainty of decoding in traditional random linear network coding. Furthermore, we modify the encoding mode of the electronic codebook in the block cipher used in previous random linear network coding. We encode each matrix with a different coefficient matrix to avoid data correlation in the encoded data when the data is highly repetitive. Given that P4 switches cannot perform division operations, we propose a solution using a larger lookup table, aiming to minimize storage space and the number of lookups. Finally, we generate the sub-secrets to be transmitted by XOR the encoded data with an index matrix. We modify and test our method under different modes based on block cipher mode to understand the best security achieved by traditional random linear network coding methods and our methods under various encoding modes. Compared to previous studies, we add redundancy to the data while maintaining the same level of security and guaranteeing decoding success. It also reduces random number generation by 28% and multiplication lookup table lookups by 52%.
摘要 i
Abstract ii
TABLE OF CONTENTS iv
LIST OF TABLES vi
LIST OF FIGURES vii
Chapter 1 Introduction 1
1.1 Introduction 1
1.2 Organization of the Thesis 2
Chapter 2 Background 3
2.1 Software-Defined Networking (SDN) 3
2.2 Programming Protocol-independent Packet Processors (P4) 4
2.2.1 BMV2 5
2.2.2 V1model 5
2.3 Block Cipher 6
2.3.1 Electronic Codebook (ECB) 6
2.3.2 Cipher Block Chaining (CBC) 7
2.3.3 Counter (CTR) 7
Chapter 3 Related Work 9
3.1 Secret Sharing 9
3.2 Network Coding (NC) 11
3.2.1 Exclusive-OR Network Coding (XOR) 13
3.2.2 Random Linear Network Coding (RLNC) 15
3.3 Finite Field Arithmetic in Network Switches 17
3.3.1 Table Method 18
3.3.2 Russian Peasant Multiplication 19
Chapter 4 Proposed Scheme 20
4.1 Motivation 20
4.2 Preliminaries 21
4.2.1 Notations 21
4.2.2 Galois Field 21
4.3 Overview 23
4.4 Create Generation Matrix 25
4.5 Share Generation 26
4.6 Share Reconstruction 30
4.7 Implement in P4 Switch 32
4.7.1 Finite Field Arithmetic 33
4.7.2 Packet Buffer 35
4.7.3 Generate IM and CM 37
4.7.4 Encoding Method 39
4.7.5 Decoding Method 42
Chapter 5 Experimental Results 44
5.1 Experimental Environment 44
5.2 Experimental Results 44
5.3 Uniformity 46
5.3.1 Distribution Test 47
5.3.2 Entropy Test 48
5.4 Independence Property 49
5.4.1 Correlation Test 50
5.4.2 Difference Test 52
Chapter 6 Conclusion 55
Reference 56
[1]Demmler, Daniel, Thomas Schneider, and Michael Zohner. "ABY-A framework for efficient mixed-protocol secure two-party computation." NDSS. 2015.
[2]A. Shamir, “How to share a secret,” Commun. ACM, vol. 22, no. 11, pp. 612–613, 1979
[3]McKeown, Nick, et al. "OpenFlow: enabling innovation in campus networks." ACM SIGCOMM computer communication review 38.2 (2008): 69-74.
[4]Bosshart, Pat, et al. "P4: Programming protocol-independent packet processors." ACM SIGCOMM Computer Communication Review 44.3 (2014): 87-95.
[5]"p4lang/behavioral-model: The reference P4 software switch."
[6]Openvswitch, Available: https://www.openvswitch.org/
[7]V1model, Available : https://github.com/p4lang/p4c/blob/main/p4include/v1model.p4
[8]Yuan, Bin, et al. "Secure data transportation with software-defined networking and kn secret sharing for high-confidence IoT services." IEEE Internet of Things Journal 7.9 (2020): 7967-7981.
[9]Alouneh, Sahel, Anjali Agarwal, and Abdeslam En-Nouaary. "A novel path protection scheme for MPLS networks using multi-path routing." Computer Networks 53.9 (2009): 1530-1545.
[10]Ahlswede, Rudolf, et al. "Network information flow." IEEE Transactions on information theory 46.4 (2000): 1204-1216.
[11]Ho, Tracey, et al. "A random linear network coding approach to multicast." IEEE Transactions on information theory 52.10 (2006): 4413-4430.
[12]Katti, Sachin, et al. "XORs in the air: Practical wireless network coding." Proceedings of the 2006 conference on Applications, technologies, architectures, and protocols for computer communications. 2006.
[13]Dimakis, Alexandros G., et al. "Network coding for distributed storage systems." IEEE transactions on information theory 56.9 (2010): 4539-4551.
[14]Peralta, Goiuri, et al. "Homomorphic encryption and network coding in iot architectures: Advantages and future challenges." Electronics 8.8 (2019): 827.
[15]Thao, Tran Phuong, et al. "Optimizing share size in efficient and robust secret sharing scheme for big data." IEEE Transactions on Big Data 7.4 (2017): 703-716.
[16]Gonçalves, Diogo, et al. "Random linear network coding on programmable switches." 2019 ACM/IEEE Symposium on Architectures for Networking and Communications Systems (ANCS). IEEE, 2019.
[17]Huang, Hong-Jhih, Chin-Ya Huang, and Yu-Kai Lee. "PINC: Design and Implementation of Inter-Flow Network Coding in P4-enabled Networks." 2021 IEEE Conference on Network Function Virtualization and Software Defined Networks (NFV-SDN). IEEE, 2021.
[18]Greenan, Kevin M., Ethan L. Miller, and Thomas JE Schwarz SJ. "Optimizing Galois Field arithmetic for diverse processor architectures and applications." 2008 IEEE International Symposium on Modeling, Analysis and Simulation of Computers and Telecommunication Systems.
[19]Geeksforgeeks, “Russian Peasant Muliply using bitwise operators”, Avaliable: https://www.geeksforgeeks.org/russian-peasant-multiply-two-numbers-using-bitwise-operators/
[20]Benvenuto, Christoforus Juan. "Galois field in cryptography." University of Washington 1.1 (2012): 1-11.
[21]NIST, Recommendation for Block Cipher Modes of Operation Methods and Techniques: https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38a.pdf
[22]NIST, Announcing the ADVANCED ENCRYPTION STANDARD (AES) 7, Available at https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.197.pdf
[23]Delfs, H., Knebl, H. (2015). Unconditional Security of Cryptosystems. In: Introduction to Cryptography. Information Security and Cryptography. Springer, Berlin, Heidelberg.
[24]Chen, Xiaoqi. "Implementing AES encryption on programmable switches via scrambled lookup tables." Proceedings of the Workshop on Secure Programmable Network Infrastructure. 2020.
[25]Yoshinaka, Yutaro, et al. "On implementing ChaCha on a programmable switch." Proceedings of the 5th International Workshop on P4 in Europe. 2022.
[26]Oliveira, Isaac, et al. "Dh-aes-p4: on-premise encryption and in-band key-exchange in p4 fully programmable data planes." 2021 IEEE Conference on Network Function Virtualization and Software Defined Networks (NFV-SDN). IEEE, 2021.
[27]Mininet, Available: http://mininet.org/
[28]Scapy, Available: https://scapy.net/
[29]P4, Available: https://p4.org/
[30]William, Stallings (2016). Cryptography and network security : principles and practice (Seventh ed.). Boston. p. 136
[31]"Thirteen Ways to Look at the Correlation Coefficient", The American Statistician, vol. 42, no. 1, pp. 59-66, 1988.
[32]Berrut, Jean-Paul, and Lloyd N. Trefethen. "Barycentric lagrange interpolation." SIAM review 46.3 (2004): 501-517.
[33]Ostovari, Pouya, and Jie Wu. "Toward Network Coding for Cyber‐Physical Systems: Security Challenges and Applications." Security and Privacy in Cyber‐Physical Systems: Foundations, Principles and Applications (2017): 223-242.
[34]Invertibility criterion for triangular matrices: https://math.ucr.edu/~res/math132-2017/triangular.pdf
電子全文 電子全文(網際網路公開日期:20280825)
連結至畢業學校之論文網頁點我開啟連結
註: 此連結為研究生畢業學校所提供,不一定有電子全文可供下載,若連結有誤,請點選上方之〝勘誤回報〞功能,我們會盡快修正,謝謝!
QRCODE
 
 
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                               
第一頁 上一頁 下一頁 最後一頁 top
無相關期刊