An Application-Level Data Transparent Authentication Scheme without Communication Overhead

With abundant aggregate network bandwidth, continuous data streams are commonly used in scientific and commercial applications. Correspondingly, there is an increasing demand for authenticating these data streams. Existing strategies authenticate a data stream by applying message authentication codes (MACs) to a certain number of data packets (a data block) to generate a message digest, then either embedding the digest into the original data or sending the digest out-of-band to the receiver. Embedding approaches inevitably change the original data, which is not acceptable under some circumstances (e.g., when sensitive information is included in the data). Sending the digest out-of-band incurs additional communication overhead, which consumes more critical resources (e.g., power in wireless devices for receiving information) besides network bandwidth. In this paper, we propose a novel strategy, DaTA, which effectively authenticates data streams by selectively adjusting some interpacket delays. This authentication scheme requires no change to the original data and no additional communication overhead. Modeling-based analysis and experiments conducted on an implemented prototype system in a LAN and over the Internet show that our proposed scheme is efficient and practical.
