Efficient One-time Signature Schemes for Stream Authentication

When one-time signatures are used for stream authentication, one of the most serious drawbacks is that their large signature size yields high communication overhead. In this paper, we present two efficient one-time signature schemes for stream authentication. Compared with the previous schemes, these schemes have the smallest signature sizes. Moreover, their verification overheads are low. The signature size of Scheme 1 is smaller than that of Scheme 2 whereas Scheme 2 has much smaller signing cost: it requires only 2 hash operations in the majority of cases. Although Scheme 1's signing cost is relatively high, it can be parallelized without any additional risk because sharing the private key among distributed servers is not required.

[1]  Philippe Golle,et al.  Authenticating Streamed Data in the Presence of Random Packet Loss , 2001, NDSS.

[2]  Dawn Xiaodong Song,et al.  Expander graphs for digital stream authentication and robust overlay networks , 2002, Proceedings 2002 IEEE Symposium on Security and Privacy.

[3]  Michael Wolfe,et al.  J+ = J , 1994, ACM SIGPLAN Notices.

[4]  Mihir Bellare,et al.  Random oracles are practical: a paradigm for designing efficient protocols , 1993, CCS '93.

[5]  Leonid Reyzin,et al.  Better than BiBa: Short One-Time Signatures with Fast Signing and Verifying , 2002, ACISP.

[6]  Jessica Staddon,et al.  Graph-based authentication of digital streams , 2001, Proceedings 2001 IEEE Symposium on Security and Privacy. S&P 2001.

[7]  Adrian Perrig,et al.  The BiBa one-time signature and broadcast authentication protocol , 2001, CCS '01.

[8]  Rosario Gennaro,et al.  How to Sign Digital Streams , 1997, Inf. Comput..

[9]  Ran Canetti,et al.  Efficient authentication and signing of multicast streams over lossy channels , 2000, Proceeding 2000 IEEE Symposium on Security and Privacy. S&P 2000.

[10]  Alfred Menezes,et al.  Handbook of Applied Cryptography , 2018 .

[11]  Adrian Perrig,et al.  Bounds and Improvements for BiBa Signature Schemes , 2002 .

[12]  Ueli Maurer,et al.  Optimal Tree-Based One-Time Digital Signature Schemes , 1996, STACS.

[13]  Simon S. Lam,et al.  Digital signatures for flows and multicasts , 1998, Proceedings Sixth International Conference on Network Protocols (Cat. No.98TB100256).

[14]  Yookun Cho,et al.  An efficient stream authentication scheme using tree chaining , 2003, Inf. Process. Lett..

[15]  Edwin K. P. Chong,et al.  Efficient multicast packet authentication using signature amortization , 2002, Proceedings 2002 IEEE Symposium on Security and Privacy.

[16]  Ralph C. Merkle,et al.  A Digital Signature Based on a Conventional Encryption Function , 1987, CRYPTO.

[17]  Pankaj Rohatgi,et al.  A compact and fast hybrid signature scheme for multicast packet authentication , 1999, CCS '99.