A taxonomy of multicast data origin authentication: Issues and solutions

Multicasting is an efficient communication mechanism for group-oriented applications such as videoconferencing, broadcasting stock quotes, interactive group games, and video on demand. The lack of security obstructs a large deployment of this efficient communication model. This limitation motivated a host of research works that have addressed the many issues relating to securing the multicast, such as confidentiality, authentication, non-repudiation, integrity, and access control. Many applications, such as broadcasting stock quotes and video-conferencing, require data origin authentication of the received traffic. Hence, data origin authentication is an important component in the multicast security architecture. Multicast data origin authentication must take into consideration the scalability and the efficiency of the underlying cryptographic schemes and mechanisms, because multicast groups can be very large and the exchanged data is likely to be heavy in volume (streaming). Besides, multicast data origin authentication must be robust enough against packet loss because most multicast multimedia applications do not use reliable packet delivery. Therefore, multicast data origin authentication is subject to many concurrent and competitive challenges, when considering these miscellaneous application-level requirements and features. In this article we review and classify recent works dealing with the data origin authentication problem in group communication, and we discuss and compare them with respect to some relevant performance criteria.

[1]  Yacine Challal,et al.  A/sup 2/cast: an adaptive source authentication protocol for multicast streams , 2004, Proceedings. ISCC 2004. Ninth International Symposium on Computers And Communications (IEEE Cat. No.04TH8769).

[2]  Stephen E. Deering,et al.  Multicast routing in internetworks and extended LANs , 1988, SIGCOMM '88.

[3]  Moti Yung,et al.  Multi-receiver/multi-sender network security: efficient authenticated multicast/feedback , 1992, [Proceedings] IEEE INFOCOM '92: The Conference on Computer Communications.

[4]  Leonid Reyzin,et al.  Better than BiBa: Short One-Time Signatures with Fast Signing and Verifying , 2002, ACISP.

[5]  Ueli Maurer,et al.  On the E ciency of One-time Digital , 1996 .

[6]  Ronald L. Rivest,et al.  The MD5 Message-Digest Algorithm , 1992, RFC.

[7]  Vern Paxson,et al.  End-to-end Internet packet dynamics , 1997, SIGCOMM '97.

[8]  Alfred Menezes,et al.  Handbook of Applied Cryptography , 2018 .

[9]  Moni Naor,et al.  Multicast security: a taxonomy and some efficient constructions , 1999, IEEE INFOCOM '99. Conference on Computer Communications. Proceedings. Eighteenth Annual Joint Conference of the IEEE Computer and Communications Societies. The Future is Now (Cat. No.99CH36320).

[10]  Michael O. Rabin,et al.  Efficient dispersal of information for security, load balancing, and fault tolerance , 1989, JACM.

[11]  Edwin K. P. Chong,et al.  Efficient multicast packet authentication using signature amortization , 2002, Proceedings 2002 IEEE Symposium on Security and Privacy.

[12]  Ueli Maurer,et al.  On the Efficiency of One-Time Digital Signatures , 1996, ASIACRYPT.

[13]  Reihaneh Safavi-Naini,et al.  New Results on Multi-Receiver Authentication Codes , 1998, EUROCRYPT.

[14]  William C. Fenner Internet Group Management Protocol, Version 2 , 1997, RFC.

[15]  Bernard P. Zajac Applied cryptography: Protocols, algorithms, and source code in C , 1994 .

[16]  Ralph C. Merkle,et al.  A Certified Digital Signature , 1989, CRYPTO.

[17]  Satoshi Obana,et al.  Characterisation of (k, n) Multi-receiver Authentication , 1997, ACISP.

[18]  Gene Tsudik,et al.  IP multicast security: Issues and directions , 2000, Ann. des Télécommunications.

[19]  Ueli Maurer,et al.  Optimal Tree-Based One-Time Digital Signature Schemes , 1996, STACS.

[20]  Radia J. Perlman,et al.  Network security - private communication in a public world , 2002, Prentice Hall series in computer networking and distributed systems.

[21]  Satoshi Obana,et al.  Bounds and Combinatorial Structure of (k,n) Multi-Receiver A-Codes , 2001 .

[22]  Mostafa Ammar,et al.  Security issues and solutions in multicast content distribution: a survey , 2003 .

[23]  Tommaso Cucinotta,et al.  Adopting redundancy techniques for multicast stream authentication , 2003, The Ninth IEEE Workshop on Future Trends of Distributed Computing Systems, 2003. FTDCS 2003. Proceedings..

[24]  Burton S. Kaliski,et al.  The MD2 Message-Digest Algorithm , 1992, RFC.

[25]  Adrian Perrig,et al.  Bounds and Improvements for BiBa Signature Schemes , 2002 .

[26]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[27]  Hugo Krawczyk,et al.  HMAC: Keyed-Hashing for Message Authentication , 1997, RFC.

[28]  Reihaneh Safavi-Naini,et al.  Multireceiver Authentication Codes: Models, Bounds, Constructions, and Extensions , 1999, Inf. Comput..

[29]  Ran Canetti,et al.  Efficient authentication and signing of multicast streams over lossy channels , 2000, Proceeding 2000 IEEE Symposium on Security and Privacy. S&P 2000.

[30]  Philippe Golle,et al.  Authenticating Streamed Data in the Presence of Random Packet Loss , 2001, NDSS.

[31]  Simon S. Lam,et al.  Digital signatures for flows and multicasts , 1999, TNET.

[32]  Donald F. Towsley,et al.  Measurement and modelling of the temporal dependence in packet loss , 1999, IEEE INFOCOM '99. Conference on Computer Communications. Proceedings. Eighteenth Annual Joint Conference of the IEEE Computer and Communications Societies. The Future is Now (Cat. No.99CH36320).

[33]  Pankaj Rohatgi,et al.  A compact and fast hybrid signature scheme for multicast packet authentication , 1999, CCS '99.

[34]  Ran Canetti,et al.  Efficient and Secure Source Authentication for Multicast , 2001, NDSS.

[35]  Edwin K. P. Chong,et al.  Efficient multicast stream authentication using erasure codes , 2003, TSEC.

[36]  Bruno Crispo,et al.  Individual single source authentication on the MBONE , 2000, 2000 IEEE International Conference on Multimedia and Expo. ICME2000. Proceedings. Latest Advances in the Fast Changing World of Multimedia (Cat. No.00TH8532).

[37]  David Hutchison,et al.  A survey of key management for secure group communication , 2003, CSUR.

[38]  Jon Crowcroft,et al.  Multicast-specific security threats and counter-measures , 1995, Proceedings of the Symposium on Network and Distributed System Security.

[39]  Dawn Song,et al.  The TESLA Broadcast Authentication Protocol , 2002 .

[40]  Matthew K. Franklin,et al.  Lower Bounds for Multicast Message Authentication , 2001, EUROCRYPT.

[41]  Ralph C. Merkle,et al.  A Digital Signature Based on a Conventional Encryption Function , 1987, CRYPTO.

[42]  Neil Haller,et al.  The S/KEY One-Time Password System , 1995, RFC.

[43]  Jessica Staddon,et al.  Graph-based authentication of digital streams , 2001, Proceedings 2001 IEEE Symposium on Security and Privacy. S&P 2001.

[44]  Leslie Lamport,et al.  Password authentication with insecure communication , 1981, CACM.

[45]  Kaoru Kurosawa,et al.  Combinatorial Bounds and Design of Broadcast Authentication (Special Section on Discrete Mathematics and Its Applications) , 1996 .

[46]  Yacine Challal,et al.  A Scalable and Adaptive Key Management Protocol for Group Communication , 2004, WWIC.

[47]  Refik Molva,et al.  Authenticating real time packet streams and multicasts , 2002, Proceedings ISCC 2002 Seventh International Symposium on Computers and Communications.

[48]  Anupam Joshi,et al.  Security in Sensor Networks , 2020, Texts in Computer Science.

[49]  Rosario Gennaro,et al.  How to Sign Digital Streams , 1997, CRYPTO.

[50]  Robert W. Shirey,et al.  Internet Security Glossary , 2000, RFC.

[51]  Henning Schulzrinne,et al.  RTP: A Transport Protocol for Real-Time Applications , 1996, RFC.

[52]  Adrian Perrig,et al.  The BiBa one-time signature and broadcast authentication protocol , 2001, CCS '01.

[53]  Silvio Micali,et al.  On-line/off-line digital signatures , 1996, Journal of Cryptology.