
Reducing Delay and Enhancing DoS Resistance in Multicast Authentication

Network-Aware Security for Group Communications

In this chapter, our objective is to present strategies that reduce the delay associated with multicast authentication, make more efficient use of receiver-side buffers, make delayed key disclosure authentication more resilient to buffer overflow denial of service (DoS) attacks, and allow for multiple levels of trust in authentication. Throughout this chapter, we will focus our discussion on the popular multicast authentication scheme, Timed Efficient Stream Loss-Tolerant Authentication (TESLA), though our techniques can apply to other authentication methods based upon the delayed key disclosure principle. Like other schemes based upon delayed key disclosure, TESLA is susceptible to DoS attacks and is not well-suited for delay-sensitive applications. At the heart of our approach is a modification to TESLA, which we call Staggered TESLA, that employs several message authentication codes (MACs) that correspond to authentication keys that are staggered in time. Staggered MACs provide notions of partial authentication and allow forged packets to be more readily removed from the buffer, thereby improving usage of the receiver's buffer. A benefit of partial authentication is that one may define security policies that allow partially authenticated packets to pass through the buffer, so that packets remain in the buffer for a shorter duration. In many scenarios accepting partially authenticated packets is unacceptable, and therefore we present two further techniques that may be used to reduce the delay needed for full authentication. The first strategy requires that the source has a guarantee that there are no adversaries within a certain network distance of the source. By having a guarantee of proximity protection, partially authenticated packets may be accepted as fully authentic. The second strategy for reducing full authentication delay that we present involves replicating the key distribution functionality within the network, and having a set of distributed key distributors transmit the key seeds. A benefit of all of these strategies is that they mitigate the threat of a buffer overflow DoS attack, since an adversary must conduct a DoS attack at a higher attack rate.
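The staggered-MAC idea described in the abstract can be sketched as follows. This is an added example, not code from the chapter or its authors. It assumes a packet sent in interval i carries MACs under K_i, K_{i-1}, ..., K_{i-D+1}, that key K_j is disclosed in interval j + D with D = 3, that clocks are synchronized, and that HMAC-SHA-256 is used; all function and class names are hypothetical.

```python
import hashlib, hmac

D = 3  # assumed disclosure delay: key K_j is released in interval j + D

def H(b): return hashlib.sha256(b).digest()
def mac(k, m): return hmac.new(k, m, hashlib.sha256).digest()

def key_chain(seed, n):
    """One-way chain K_0..K_n with K_j = H(K_{j+1}); K_0 is the public commitment."""
    keys = [H(seed)]
    for _ in range(n):
        keys.append(H(keys[-1]))
    return keys[::-1]

def make_packet(keys, i, msg):
    """Interval-i packet with staggered MACs under K_i, K_{i-1}, ..., K_{i-D+1}."""
    return {"i": i, "msg": msg,
            "macs": {j: mac(keys[j], msg) for j in range(max(1, i - D + 1), i + 1)}}

class Receiver:
    def __init__(self, commitment):
        self.idx, self.key, self.buffer = 0, commitment, []

    def on_packet(self, pkt, now):
        # A MAC under K_j is only evidence if K_j was still secret on arrival.
        safe = {j for j in pkt["macs"] if now < j + D}
        if safe:
            self.buffer.append({"pkt": pkt, "safe": safe, "passed": 0})

    def on_key(self, j, key):
        k = key
        for _ in range(j - self.idx):    # walk the chain back to the last trusted key
            k = H(k)
        if j <= self.idx or k != self.key:
            return                       # stale or bogus key disclosure
        self.idx, self.key = j, key
        kept = []
        for e in self.buffer:
            if j in e["safe"]:
                if not hmac.compare_digest(mac(key, e["pkt"]["msg"]), e["pkt"]["macs"][j]):
                    continue             # forgery evicted at its first failed MAC
                e["passed"] += 1         # partial authentication level rises
            kept.append(e)
        self.buffer = kept

def demo():
    keys = key_chain(b"constructed-seed", 10)           # constructed sample input
    rx = Receiver(keys[0])
    forged = {"i": 5, "msg": b"forged", "macs": {j: b"\x00" * 32 for j in (3, 4, 5)}}
    rx.on_packet(make_packet(keys, 5, b"genuine"), now=5)
    rx.on_packet(forged, now=5)
    rx.on_key(3, keys[3])                # K_3 is disclosed in interval 6
    return [(e["pkt"]["msg"], e["passed"]) for e in rx.buffer]
```

Under these assumptions the forged packet leaves the buffer when K_3 is disclosed in interval 6, whereas with a single MAC under K_5 it would occupy the buffer until interval 8.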


© 2008 Springer Science+Business Media, LLC

(2008). Reducing Delay and Enhancing DoS Resistance in Multicast Authentication. In: Network-Aware Security for Group Communications. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-68848-0_9

  • DOI: https://doi.org/10.1007/978-0-387-68848-0_9

  • Publisher Name: Springer, Boston, MA

  • Print ISBN: 978-0-387-68846-6

  • Online ISBN: 978-0-387-68848-0

  • eBook Packages: Engineering, Engineering (R0)