Q. Abuein and S. Shibusawa (Japan)
Internet Security, Multicast Stream Authentication, HashChain Construction, Signature Amortization, Burst Loss,Loss Resistance
Several solutions had been introduced to authenticate streamed data delivered in real-time over insecure net works, where there is no guarantee that every packet will be delivered. Some solutions resist any type of packet loss, others resist burst loss. Amortization schemes reduce the overhead caused by other schemes, but suffer from several weak points, such as where to place the signature packet, that is, after how many packets to send the signature. How many hashes to append to each packet, in addition to no clear chain structure analysis had been introduced, so as to show the effect on the efficiency in terms of the authentica tion probability, loss resistance and overhead. In this paper we introduce a new chain construction for multicast stream authentication delivered in real-time using signature amor tization, giving solutions for the shortcomings. We also introduce a theoretical analysis of the chain construction to show its effect on the authentication efficiency. The pro posed scheme consists of several odd-even chains, where the odd chains link some of the odd numbered packets, and the even chains link some of the even numbered ones. The scheme achieves better performance in terms of loss resis tance and low overhead by changing the number of chains. That is when increasing the number of chains, low over head and longer packet loss resistance are achieved. The sender's buffer capacity is taken into consideration when choosing the number of chains. We also introduce equa tions to quantify the requirements such as the buffer size and delay on the receiver.
Important Links:
Go Back