Abstract
We study the multicast stream authentication problem when an opponent can drop, reorder and inject data packets into the communication channel. In this context, bandwidth limitation and fast authentication are the core concerns. Therefore any authentication scheme is to reduce as much as possible the packet overhead and the time spent at the receiver to check the authenticity of collected elements. Recently, Tartary and Wang developed a provably secure protocol with small packet overhead and a reduced number of signature verifications to be performed at the receiver.
In this paper, we propose an hybrid scheme based on Tartary and Wang’s approach and Merkle hash trees. Our construction will exhibit a smaller overhead and a much faster processing at the receiver making it even more suitable for multicast than the earlier approach. As Tartary and Wang’s protocol, our construction is provably secure and allows the total recovery of the data stream despite erasures and injections occurred during transmission.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Al-Ibrahim, M., Pieprzyk, J.: Authenticating multicast streams in lossy channels using threshold techniques. In: Lorenz, P. (ed.) ICN 2001. LNCS, vol. 2094, pp. 239–249. Springer, Heidelberg (2001)
Barić, N., Pfitzmann, B.: Collision-free accumulators and fail-stop signature schemes without trees. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 480–494. Springer, Heidelberg (1997)
Barreto, P.S., Kim, H.Y., Lynn, B., Scott, M.: Efficient algorithms for pairing-based cryptosystems. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 354–369. Springer, Heidelberg (2002)
Benaloh, J., de Mare, M.: One-way accumulators: A decentralized alternative to digital signatures. In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 274–285. Springer, Heidelberg (1994)
Blundo, C., De Santis, A., Herzberg, A., Kutten, S., Vaccaro, U., Yung, M.: Perfectly-secure key distribution for dynamic conferences. In: Brickell, E.F. (ed.) CRYPTO 1992. LNCS, vol. 740, pp. 471–486. Springer, Heidelberg (1993)
Boneh, D., Lynn, B., Shacham, H.: Short signatures from the Weil pairing. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 514–532. Springer, Heidelberg (2001)
Contini, S., Lenstra, A.K., Steinfeld, R.: VSH: an efficient and provable collision resistant hash function. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 165–182. Springer, Heidelberg (2006)
Dai, W.: Crypto++ 5.2.1 benchmarks (July 2004)
Desmedt, Y., Frankel, Y., Yung, M.: Multi-receiver/multi-sender network security: Efficient authenticated multicast/feedback. In: IEEE INFOCOM 1992, vol. 3, pp. 2045–2054. IEEE Computer Society Press, Los Alamitos (1992)
Fu, J.C., Lou, W.Y.W.: Distribution Theory of Runs and Patterns and its Applications. World Scientific Publishing, Singapore (2003)
Gennaro, R., Rohatgi, P.: How to sign digital streams. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 180–197. Springer, Heidelberg (1997)
Golle, P., Modadugu, N.: Authenticating streamed data in the presence of random packet loss. In: Symposium on Network and Distributed Systems Security, pp. 13–22. Internet Society (2001)
Guruswami, V.: List Decoding of Error-Correcting Codes. Springer, Heidelberg (2004)
Guruswami, V., Sudan, M.: Improved decoding of Reed-Solomon and algebraic-geometric codes. IEEE Transactions on Information Theory 45(6), 1757–1767 (1999)
Karlof, C., Sastry, N., Li, Y., Perrig, A., Tygar, J.D.: Distillation codes and applications to DoS resistant multicast authentication. In: 11th Network and Distributed Systems Security Symposium (NDSS) (2004)
Lidl, R., Niederreiter, H.: Introduction to Finite Fields and their Applications - Revised Edition. Cambridge University Press, Cambridge (2000)
Lysyanskaya, A., Tamassia, R., Triandopoulos, N.: Multicast authentication in fully adversarial networks. In: IEEE Symposium on Security and Privacy, pp. 241–253. IEEE Computer Society Press, Los Alamitos (2003)
MacWilliams, F.J., Sloane, N.J.A.: The Theory of Error-Correcting Codes. North-Holland, Amsterdam (1977)
Menezes, A.J., van Oorschot, P.C., Vanstone, S.A.: Handbook of Applied Cryptography. CRC Press, Boca Raton, USA (1996)
Merkle, R.: A certified digital signature. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 218–238. Springer, Heidelberg (1990)
Miner, S., Staddon, J.: Graph-based authentication of digital streams. In: IEEE Symposium on Security and Privacy, pp. 232–246. IEEE Computer Society Press, Los Alamitos (2001)
Moon, T.K.: Error Correction Coding: Mathematical Methods and Algorithms. Wiley, Chichester (2005)
National Institute of Standards and Technology. FIPS 180-2: Secure Hash Standard (SHS) (August 2002. Amended 25 (February 2004)), available online at: http://csrc.nist.gov/publications/fips/fips180-2/fips180-2withchangenotice.pdf
Nguyen, L.: Accumulators from bilinear pairings and applications. In: Menezes, A.J. (ed.) CT-RSA 2005. LNCS, vol. 3376, pp. 275–292. Springer, Heidelberg (2005)
Nyberg, K.: Fast accumulated hashing. In: Gollmann, D. (ed.) Fast Software Encryption. LNCS, vol. 1039, pp. 83–87. Springer, Heidelberg (1996)
Pannetrat, A., Molva, R.: Authenticating real time packet streams and multicasts. In: 7th International Symposium on Computers and Communications, IEEE Computer Society Press, Los Alamitos (2002)
Park, J.M., Chong, E.K.P., Siegel, H.J.: Efficient multicast packet authentication using signature amortization. In: IEEE Symposium on Security and Privacy, pp. 227–240. IEEE Computer Society Press, Los Alamitos (2002)
Park, J.M., Chong, E.K.P., Siegel, H.J.: Efficient multicast stream authentication using erasure codes. ACM Transactions on Information and System Security 6(2), 258–285 (2003)
Park, Y., Cho, Y.: The eSAIDA stream authentication scheme. In: Laganà, A., Gavrilova, M., Kumar, V., Mun, Y., Tan, C.J.K., Gervasi, O. (eds.) ICCSA 2004. LNCS, vol. 3046, pp. 799–807. Springer, Heidelberg (2004)
Paxson, V.: End-to-end Internet packet dynamics. IEEE/ACM Transactions on Networking 7(3), 277–292 (1999)
Perrig, A., Canetti, R., Tygar, J.D., Song, D.: Efficient authentication and signing of multicast streams over lossy channels. In: IEEE Symposium on Security and Privacy, pp. 56–73. IEEE Computer Society Press, Los Alamitos (2000)
Perrig, A., Tygar, J.D.: Secure Broadcast Communication in Wired and Wireless Networks. Kluwer Academic Publishers, Dordrecht (2003)
Pieprzyk, J., Hardjono, T., Seberry, J.: Fundamentals of Computer Security. Springer, Heidelberg (2003)
Rivest, R.L., Shamir, A., Adelman, L.: A method for obtaining digital signatures and public key cryptosystems. Communication of the ACM 21(2), 120–126 (1978)
Rohatgi, P.: A compact and fast hybrid signature scheme for multicast packet authentication. In: 6th ACM Conference on Computer and Communications Security, pp. 93–100. ACM Press, New York (1999)
Safavi-Naini, R., Wang, H.: New results on multi-receiver authentication code. In: Nyberg, K. (ed.) EUROCRYPT 1998. LNCS, vol. 1403, pp. 527–541. Springer, Heidelberg (1998)
Scott, M., Costigan, N., Abdulwahab, W.: Implementing cryptographic pairings on smartcards. In: Goubin, L., Matsui, M. (eds.) CHES 2006. LNCS, vol. 4249, pp. 134–147. Springer, Heidelberg (2006)
Stinson, D.R.: Cryptography: Theory and Practice, 3rd edn. Chapman & Hall/CRC (2006)
Tartary, C., Wang, H.: Achieving multicast stream authentication using MDS codes. In: Pointcheval, D., Mu, Y., Chen, K. (eds.) CANS 2006. LNCS, vol. 4301, pp. 108–125. Springer, Heidelberg (2006)
Tartary, C., Wang, H.: Efficient multicast stream authentication for the fully adversarial network. International Journal of Security and Network (Special Issue on Cryptography in Networks) 2(3/4), 175–191 (2007)
Wong, C.K., Lam, S.S.: Digital signatures for flows and multicasts. IEEE/ACM Transactions on Networking 7(4), 502–513 (1999)
Yajnik, M., Moon, S., Kurose, J., Towsley, D.: Measurement and modeling of the temporal dependence in packet loss. In: IEEE INFOCOM 1999, vol. 1, pp. 345–352. IEEE Computer Society Press, Los Alamitos (1999)
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2007 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Tartary, C., Wang, H., Pieprzyk, J. (2007). An Hybrid Approach for Efficient Multicast Stream Authentication over Unsecured Channels. In: Susilo, W., Liu, J.K., Mu, Y. (eds) Provable Security. ProvSec 2007. Lecture Notes in Computer Science, vol 4784. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-75670-5_2
Download citation
DOI: https://doi.org/10.1007/978-3-540-75670-5_2
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-75669-9
Online ISBN: 978-3-540-75670-5
eBook Packages: Computer ScienceComputer Science (R0)