Adopting redundancy techniques for multicast stream authentication

Various schemes have been proposed to achieve strong authentication of streamed data in a lossy network by means of "light" digital signatures. Such techniques perform a strong authentication on only one packet, to which others are linked by means of hash functions, so that the authentication property propagates to them too. Most of these schemes make the basic assumption that the signature packet is not lost, even if no practical and precise solutions are proposed that guarantee such a property. In this paper we show how adoption of some redundancy techniques can be used in the context of multicast stream authentication in order to increase probability that the signature packets are received and correctly verified against their digital signature. Finally some experimental results are presented comparing computational overheads due to the authentication schemes both at the sender and at the receiver.

[1]  Philippe Golle,et al.  Authenticating Streamed Data in the Presence of Random Packet Loss , 2001, NDSS.

[2]  Simon S. Lam,et al.  Digital signatures for flows and multicasts , 1999, TNET.

[3]  Refik Molva,et al.  Authenticating real time packet streams and multicasts , 2002, Proceedings ISCC 2002 Seventh International Symposium on Computers and Communications.

[4]  Ran Canetti,et al.  Efficient authentication and signing of multicast streams over lossy channels , 2000, Proceeding 2000 IEEE Symposium on Security and Privacy. S&P 2000.

[5]  Pankaj Rohatgi,et al.  A compact and fast hybrid signature scheme for multicast packet authentication , 1999, CCS '99.

[6]  Rosario Gennaro,et al.  How to Sign Digital Streams , 1997, CRYPTO.

[7]  Luigi Rizzo,et al.  Effective erasure codes for reliable computer communication protocols , 1997, CCRV.

[8]  Jessica Staddon,et al.  Graph-based authentication of digital streams , 2001, Proceedings 2001 IEEE Symposium on Security and Privacy. S&P 2001.

[9]  Edwin K. P. Chong,et al.  Efficient multicast stream authentication using erasure codes , 2003, TSEC.

[10]  Moni Naor,et al.  Multicast security: a taxonomy and some efficient constructions , 1999, IEEE INFOCOM '99. Conference on Computer Communications. Proceedings. Eighteenth Annual Joint Conference of the IEEE Computer and Communications Societies. The Future is Now (Cat. No.99CH36320).

[11]  Silvio Micali,et al.  On-line/off-line digital signatures , 1996, Journal of Cryptology.

[12]  Edwin K. P. Chong,et al.  Efficient multicast packet authentication using signature amortization , 2002, Proceedings 2002 IEEE Symposium on Security and Privacy.

[13]  Vern Paxson,et al.  End-to-end Internet packet dynamics , 1997, SIGCOMM '97.

[14]  Ran Canetti,et al.  Efficient and Secure Source Authentication for Multicast , 2001, NDSS.

[15]  Donald F. Towsley,et al.  Measurement and modelling of the temporal dependence in packet loss , 1999, IEEE INFOCOM '99. Conference on Computer Communications. Proceedings. Eighteenth Annual Joint Conference of the IEEE Computer and Communications Societies. The Future is Now (Cat. No.99CH36320).

[16]  Matthew K. Franklin,et al.  Lower Bounds for Multicast Message Authentication , 2001, EUROCRYPT.