Comparative study of multicast authentication schemes with application to wide-area measurement system

Multicasting refers to the transmission of a message to multiple receivers at the same time. To enable authentication of sporadic multicast messages, a conventional digital signature scheme is appropriate. To enable authentication of a multicast data stream, however, an authenticated multicast or multicast authentication (MA) scheme is necessary. An MA scheme can be constructed from a conventional digital signature scheme or a multiple-time signature (MTS) scheme. A number of MTS-based MA schemes have been proposed over the years. Here, we formally analyze four MA schemes, namely BiBa, TV-HORS, SCU+ and TSV+. Among these MA schemes, SCU+ is an MA scheme we constructed from an MTS scheme designed for secure code update, and TSV+ is our patched version of TSV, an MA scheme which we show to be vulnerable. Based on our simulation-validated analysis, which complements and in places rectifies or improves existing analyses, we compare the schemes' computational and communication efficiencies relative to their security levels. For numerical comparison of the schemes, we use parameters relevant for a smart (power) grid component called the wide-area measurement system. Our comparison shows that TV-HORS, while algorithmically unsophisticated and not the best performer in all categories, is the most balanced performer. SCU+, TSV+ and, by implication, the schemes from which they are extended do not offer clear advantages over BiBa, the oldest among the schemes.
