Multicast Authentication over Lossy Channels

Authentication is critical to ensure the origin of a multicast stream. To avoid computationally expensive signature operations on each packet, conventional schemes divide a multicast stream into blocks, associate each block with a signature, and spread the effect of the signature across all the packets in the block through hash chains or codes. However, most of them suffer from drawbacks such as vulnerability to packet loss and authentication latency at the sender and/or receivers. Unlike the block-based approach, we develop a novel Multicast Authentication scheme based on Batch Signature (MABS). In particular, each packet is attached with a signature, and a receiver authenticates any number of packets simultaneously by verifying their signatures through only one verification operation. We propose three implementations of MABS including two new batch signature schemes based on BLS and DSA and show they are more efficient than the batch RSA signature scheme. MABS is perfectly resilient to packet loss and completely eliminate the authentication latency at the sender and receivers.

[1]  Moti Yung,et al.  Multi-receiver/multi-sender network security: efficient authenticated multicast/feedback , 1992, [Proceedings] IEEE INFOCOM '92: The Conference on Computer Communications.

[2]  Colin Boyd,et al.  Attacking and Repairing Batch Verification Schemes , 2000, ASIACRYPT.

[3]  Ran Canetti,et al.  Efficient authentication and signing of multicast streams over lossy channels , 2000, Proceeding 2000 IEEE Symposium on Security and Privacy. S&P 2000.

[4]  Dawn Song,et al.  TESLA: Multicast Source Authentication Transform , 2000 .

[5]  Philippe Golle,et al.  Authenticating Streamed Data in the Presence of Random Packet Loss , 2001, NDSS.

[6]  Adrian Perrig,et al.  The BiBa one-time signature and broadcast authentication protocol , 2001, CCS '01.

[7]  L. Harn Batch verifying multiple DSA-type digital signatures , 1998 .

[8]  Chae Hoon Lim,et al.  Security of interactive DSA batch verification , 1994 .

[9]  Simon S. Lam,et al.  Digital signatures for flows and multicasts , 1999, TNET.

[10]  Jessica Staddon,et al.  Graph-based authentication of digital streams , 2001, Proceedings 2001 IEEE Symposium on Security and Privacy. S&P 2001.

[11]  Ronald L. Rivest,et al.  The MD5 Message-Digest Algorithm , 1992, RFC.

[12]  Yacine Challal,et al.  A taxonomy of multicast data origin authentication: Issues and solutions , 2004, IEEE Communications Surveys & Tutorials.

[13]  David Hutchison,et al.  A survey of key management for secure group communication , 2003, CSUR.

[14]  Lein Harn,et al.  Batch verifying multiple RSA digital signatures , 1998 .

[15]  N. Koblitz Elliptic curve cryptosystems , 1987 .

[16]  Mihir Bellare,et al.  Fast Batch Verification for Modular Exponentiation and Digital Signatures , 1998, IACR Cryptol. ePrint Arch..

[17]  Moni Naor,et al.  Multicast security: a taxonomy and some efficient constructions , 1999, IEEE INFOCOM '99. Conference on Computer Communications. Proceedings. Eighteenth Annual Joint Conference of the IEEE Computer and Communications Societies. The Future is Now (Cat. No.99CH36320).

[18]  Hovav Shacham,et al.  Short Signatures from the Weil Pairing , 2001, J. Cryptol..

[19]  Bruno Crispo,et al.  Individual single source authentication on the MBONE , 2000, 2000 IEEE International Conference on Multimedia and Expo. ICME2000. Proceedings. Latest Advances in the Fast Changing World of Multimedia (Cat. No.00TH8532).

[20]  Paulo S. L. M. Barreto,et al.  Efficient Algorithms for Pairing-Based Cryptosystems , 2002, CRYPTO.

[21]  David M'Raïhi,et al.  Can D.S.A. be Improved? Complexity Trade-Offs with the Digital Signature Standard , 1994, EUROCRYPT.

[22]  Adrian Perrig,et al.  Distillation Codes and Applications to DoS Resistant Multicast Authentication , 2004, NDSS.

[23]  Yuguang Fang,et al.  BABRA: Batch-based Broadcast Authentication in Wireless Sensor Networks , 2006 .

[24]  D. Eastlake,et al.  Secure Hash Algorithm-1 , 2001 .

[25]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[26]  Lein Harn DSA type secure interactive batch verification protocols , 1995 .

[27]  Edwin K. P. Chong,et al.  Efficient multicast stream authentication using erasure codes , 2003, TSEC.

[28]  Ian F. Blake,et al.  Elliptic curves in cryptography , 1999 .

[29]  Stephen E. Deering,et al.  Multicast routing in internetworks and extended LANs , 1988, SIGCOMM '88.

[30]  Victor S. Miller,et al.  Use of Elliptic Curves in Cryptography , 1985, CRYPTO.

[31]  Taher ElGamal,et al.  A public key cyryptosystem and signature scheme based on discrete logarithms , 1985 .

[32]  Rosario Gennaro,et al.  How to Sign Digital Streams , 1997, CRYPTO.