Secure Network Coding for a P2P System

Network coding is a data transmission technique which allows intermediate nodes in a network to re-code data in transit. In contrast to traditional network communication where a node repeats incoming data to its outgoing channel without modifying the payload, a node implementing network coding not only repeats but also alters data. Network coding has been demonstrated to increase network throughput compared to the traditional forwarding transmission. It has potentially broad applications in many areas, including traditional computer networks, wireless ad-hoc networks, and peer-topeer systems. Nevertheless, the usefulness of network coding in peerto-peer (P2P) systems is still in dispute [6, 10, 4]. Previous results are based on simulations and theoretical analysis, and thus may not reflect real network conditions. (Although a real-world implementation is given in [5], there is no real-world performance comparison between a network coding enabled system and a system not using network coding.) Neither has prior work considered performance overhead due to security, even though network coding has a critical security vulnerability — the pollution attack. Since data is re-coded in transit in a network codingenabled network, all data blocks are combinations of original blocks of a file, and none of them is immediately verifiable as having correct content by using traditional signatures and hashes. Moreover, any node doing re-coding can introduce introduce invalid data, corrupting every instance of the file currently being downloaded that incorporates the corrupted block. Although the final decoded file can be identified as corrupted with a traditional hash, the amount of bandwidth, storage, and computation time wasted on the invalid file cannot be recovered. Several schemes have been proposed to solve this problem [8, 3, 11, 7], but they are generally rather expensive or not applicable to P2P systems. In this paper, we seek to answer to the following question: can secure network coding in real-world environments provide better performance than a protocol without network coding? We first propose an efficient homomorphic signature scheme which allows for real-time verification of encoded data. We implement our scheme, modify a BitTorrent [1] client to use our secure network coding libraries, and measure its performance in a wide area network. Our measurements in PlanetLab show secure network coding is feasible in P2P systems; in general network secure coding archives better performance than BitTorrent, and exhibits much shorter download time in some special cases.