Collusion-Resistant Message Authentication in Overlay Multicast Communication

This paper aims at providing message authentication service in overlay multicast. Previous work has mostly focused on the network layer IP multicast and not as much work has been done on the application layer overlay multicast. A main feature of overlay multicast is that end systems carry on the responsibility of delivering the multicast traffic. Taking advantage of this feature, this paper presents a new collusion resistant technique, which is based on digital signature, for overlay multicast message authentication. The proposed technique minimizes both the computational cost (through signature amortization) and the communication overhead (using retransmissions and utilizing multiple multicast groups in handling message loss). In addition, it resists denial of service attacks via early dropping of forged messages. A simulation study is conducted to evaluate our proposed technique. Results of the study show that the proposed technique outperforms earlier ones.

[1]  Refik Molva,et al.  Efficient Multicast Packet Authentication , 2003, NDSS.

[2]  Adrian Perrig,et al.  The BiBa one-time signature and broadcast authentication protocol , 2001, CCS '01.

[3]  Roberto Tamassia,et al.  Multicast authentication in fully adversarial networks , 2004, IEEE Symposium on Security and Privacy, 2004. Proceedings. 2004.

[4]  Dinesh C. Verma,et al.  ALMI: An Application Level Multicast Infrastructure , 2001, USITS.

[5]  Michael Wiener,et al.  Advances in Cryptology — CRYPTO’ 99 , 1999 .

[6]  Hussein M. Abdel-Wahab,et al.  Multicast error control for multimedia collaborative applications , 2004, Proceedings. ISCC 2004. Ninth International Symposium on Computers And Communications (IEEE Cat. No.04TH8769).

[7]  Stephen E. Deering,et al.  Host extensions for IP multicasting , 1986, RFC.

[8]  Silvio Micali,et al.  On-Line/Off-Line Digital Schemes , 1989, CRYPTO.

[9]  Burton S. Kaliski Advances in Cryptology - CRYPTO '97 , 1997 .

[10]  Pankaj Rohatgi,et al.  A compact and fast hybrid signature scheme for multicast packet authentication , 1999, CCS '99.

[11]  Rosario Gennaro,et al.  How to Sign Digital Streams , 1997, CRYPTO.

[12]  Srinivasan Seshan,et al.  A case for end system multicast , 2002, IEEE J. Sel. Areas Commun..

[13]  Dawn Song,et al.  The TESLA Broadcast Authentication Protocol , 2002 .

[14]  Hussein M. Abdel-Wahab,et al.  Multicast for multimedia collaborative applications: services and mechanisms , 2007, Int. J. Adv. Media Commun..

[15]  Simon S. Lam,et al.  Digital signatures for flows and multicasts , 1999, TNET.

[16]  Matthew K. Franklin,et al.  Lower Bounds for Multicast Message Authentication , 2001, EUROCRYPT.

[17]  Samir Khuller,et al.  OMNI: An efficient overlay multicast infrastructure for real-time applications , 2006, Comput. Networks.

[18]  Srinivasan Seshan,et al.  Enabling conferencing applications on the internet using an overlay muilticast architecture , 2001, SIGCOMM 2001.

[19]  Edwin K. P. Chong,et al.  Efficient multicast stream authentication using erasure codes , 2003, TSEC.

[20]  Don Towsley,et al.  Packet loss correlation in the MBone multicast network , 1996, Proceedings of GLOBECOM'96. 1996 IEEE Global Telecommunications Conference.

[21]  Sneha Kumar Kasera,et al.  Scalable reliable multicast using multiple multicast groups , 1997, SIGMETRICS '97.

[22]  Jean-Chrysotome Bolot End-to-end packet delay and loss behavior in the internet , 1993, SIGCOMM 1993.