Homomorphic MAC from Algebraic One-Way Functions for Network Coding with Small Key Size

Network coding is a routing technique that differs from traditional 'store-and-forward' mechanisms. It allows intermediate nodes to modify packets in transit. It is well known that network coding can increase throughput and improve robustness in network. However, it is the messages mixing feature that makes network coding susceptive to pollution attacks. To address this problem, homomorphic message authentication codes (MACs) have been proposed. The existing homomorphic MAC schemes adopt inner product to authenticate a message with a tag over a field F-q. In practical instantiations, the size of the field F-q is normally chosen (or desired) to be small (typically set as 2(8)) to limit computational and communication overheads. In these settings, an adversary will break the schemes with probability at least 1/q (typically 1/2(8)). The security is not guaranteed in this case. To waver the limitations and enhance the security, multiple tags are adopted for each message, that certainly incurs large key size overhead and is not preferred in applications. A scheme of homomorphic MAC with preferring security and shorter keys is much expected, and till now, to our knowledge, is not successfully constructed. This work solves this problem by presenting a new homomorphic MAC scheme for authentication in network coding. The proposed scheme allows us to authenticate a message in a linear space over a field of moderate size and at the same time, achieves a reliable security with a short key. The construction is based on a recently invented somewhat public-key notion: algebraic one-way function, by Catalano et al. (TCC 2013). Compared to the existing schemes, our scheme possesses the advantages that it achieves stronger security with much shorter keys, and is practical in applications. Hence resolve the longstanding problem.