Abstract
We consider the stream authentication problem when an adversary has the ability to drop, reorder or inject data packets in the network. We propose a coding approach for multicast stream authentication using the list-decoding property of Reed-Solomon codes. We divide the data to be authenticated into a stream of packets and associate a single signature for every λn packets where λ and n are predesignated parameters. Our scheme, which is also joinable at the boundary of any n-packet block, can be viewed as an extension of Lysyanskaya, Tamassia and Triandopoulos’s technique in which λ = 1. We show that by choosing λ and n appropriately, our scheme outperforms theirs in both signature and verification time.
Our approach relies on signature dispersion as SAIDA and eSAIDA. Assuming that we use RSA for signing and MD5 for hashing, we give an approximation of the proportion of extra packets per block which could be processed via our technique with respect to the previous scheme. As example when we process λ = 1000 blocks of 20000 64-byte-packets, the gain of our scheme with respect to Lysyanskaya et al.’s is about 30 %.
This work was supported by the Australian Research Council under ARC Discovery Project DP0344444.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Al-Ibrahim, M., Pieprzyk, J.: Authenticating multicast streams in lossy channels using threshold techniques. In: Lorenz, P. (ed.) ICN 2001. LNCS, vol. 2094, p. 239. Springer, Heidelberg (2001)
Boneh, D., Lynn, B., Shacham, H.: Short signatures from the Weil pairing. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, p. 514. Springer, Heidelberg (2001)
Challal, Y., Bettahar, H., Bouabdallah, A.: A taxonomy of multicast data origin authentication: Issues and solutions. IEEE Communications Surveys and Tutorials 6 (October 2004)
Challal, Y., Bouabdallah, A., Bettahar, H.: H2A: Hybrid hash-chaining scheme for adaptive multicast source authentication of media-streaming. Computer & Security 24 (February 2005)
Gennaro, R., Rohatgi, P.: How to Sign Digital Streams. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 180–197. Springer, Heidelberg (1997)
Golle, P., Modadugu, N.: Authenticating streamed data in the presence of random packet loss. In: NDSS 2001. Internet Society (February 2001)
Guruswami, V., Sudan, M.: Improved decoding of Reed-Solomon and algebraic-geometric codes. IEEE Trans. Info. Theory (May 1999)
Lysyanskaya, A., Tamassia, R., Triandopoulos, N.: Multicast authentication in fully adversarial networks. In: IEEE Symposium on Security and Privacy (November 2003)
MacWilliams, F.J., Sloane, N.J.A.: The Theory of Error-Correcting Codes. North-Holland, Amsterdam (1977)
Merkle, R.: A certified digital signature. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 218–238. Springer, Heidelberg (1990)
Miner, S., Staddon, J.: Graph-based authentication of digital streams. In: IEEE Symposium on Security and Privacy (May 2001)
Pannetrat, A., Molva, R.: Authenticating real time packet streams and multicasts (July 2002)
Park, J.M., Chong, E.K.P., Siegel, H.J.: Efficient multicast packet authentication using signature amortization. In: IEEE Symposium on Security and Privacy (May 2002)
Park, J.M., Chong, E.K.P., Siegel, H.J.: Efficient multicast stream authentication using erasure codes. In: ACM - TISSEC, vol. 6 (May 2003)
Park, Y., Cho, Y.: The eSAIDA stream authentication scheme. In: Laganá, A., Gavrilova, M.L., Kumar, V., Mun, Y., Tan, C.J.K., Gervasi, O. (eds.) ICCSA 2004. LNCS, vol. 3046, pp. 799–807. Springer, Heidelberg (2004)
Paxson, V.: End-to-end Internet packet dynamics. IEEE/ACM Transactions on Networking (June 1999)
Perrig, A., Canetti, R., Tygar, J., Song, D.: Efficient authentication and signing of multicast streams over lossy channels. In: IEEE Symposium on Security and Privacy (May 2000)
Perrig, A., Tygar, J.D.: Secure Broadcast Communication in Wired and Wireless Networks. Kluwer Academic Publishers, Dordrecht (2003)
Pieprzyk, J., Hardjono, T., Seberry, J.: Fundamentals of Computer Security. Springer, Heidelberg (2003)
Rabin, M.O.: Efficient dispersal of information for security, load balancing, and fault tolerance. Journal of the Association for Computing machinery 36 (April 1989)
Rohatgi, P.: A compact and fast hybrid signature scheme for multicast packet authentication. In: CCS 1999 (1999)
Stinson, D.R.: Cryptography: Theory and Practice. CRC Press, Boca Raton (1995)
Wong, C.K., Lam, S.S.: Digital signatures for flows and multicasts. IEEE/ACM Transactions on Networking 7 (August 1999)
Yajnik, M., Moon, S., Kurose, J., Towsley, D.: Measurement and modeling of the temporal dependence in packet loss. In: IEEE Infocom. IEEE Press, Los Alamitos (1999)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Tartary, C., Wang, H. (2006). Efficient Multicast Stream Authentication for the Fully Adversarial Network Model. In: Song, JS., Kwon, T., Yung, M. (eds) Information Security Applications. WISA 2005. Lecture Notes in Computer Science, vol 3786. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11604938_9
Download citation
DOI: https://doi.org/10.1007/11604938_9
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-31012-9
Online ISBN: 978-3-540-33153-7
eBook Packages: Computer ScienceComputer Science (R0)