文摘
In this paper, we consider the related-key attack (RKA) on the network coding signature (NCS) scheme, which is widely used to protect network coding against pollution attacks. In particular, based on the original security model proposed by Boneh et al. in PKC 2009, we first give the definition of RKA security for general NCS schemes. Then, by presenting a concrete pollution attack on the random-model (RO) based NCS scheme of Boneh et al., we prove that their scheme is not RKA secure in a “weaker” sense (w.r.t. linear functions). Lastly, we show that a slight modification of it yields a “stronger” RKA secure (w.r.t. d-order polynomial functions) NCS scheme under the d-co-computational Diffie-Hellman (d-co-CDH) assumption of bilinear groups.