A Reliable Real-time Multicast Authentication Protocol with Provable Accuracy

• Autorzy: Chang C. C. , Cheng T. F.

Identyfikatory

DOI

10.3233/FI-2014-1008

• Języki publikacji: EN

Abstrakty

EN

With the rapid development of network technologies and the continuing growth of the online population, the distribution of streamed media on the Internet has become a cause for concern. In order to securely deliver large-scale message streams, various multicast authentication protocols have been proposed. Recently, Abdellatif et al. proposed a real-time multicast authentication protocol called LAR1. The LAR1 protocol has low computation and communication overheads and uses the erasure code function to deal with the packet loss problem. However, through careful analyses, we find that their scheme cannot resist impersonation attacks on signers and only partially solves the packet loss problem. Moreover, there are still some design weaknesses. Then, we propose a more secure multicast authentication protocol, called IMA, with almost the same computation overheads and lower communication overheads. We adopt the BAN logic to demonstrate the authentication accuracy of our proposed scheme. Comparisons of other related works show that our proposed IMA protocol maintains efficiency and is more secure. Therefore, our proposed protocol is more suitable for practical applications.

Słowa kluczowe

EN

authentication; multicast; impersonation attack; BAN logic; confidentiality; non-repudiation

• Wydawca: IOS Press
• Czasopismo: Fundamenta Informaticae
• Rocznik: 2014
• Tom: Vol. 131, nr 2
• Strony: 167--186
• Opis fizyczny: Bibliogr. 24 poz., rys., tab.

Twórcy

autor

Chang C. C.

• Department of Information Engineering and Computer Science, Feng Chia University, Taichung, Taiwan, 40724, R.O.C

autor

Cheng T. F.

• Department of Computer Science and Information Engineering, Asia University, Taichung, Taiwan, 41354, R.O.C.

Bibliografia

• [1] Abdellatif, R., Aslan, H. K., Elramly, S. H.: New real time multicast authentication protocol, International Journal of Network Security, 12(1), Jan. 2011, 13-20.
• [2] Black, J., Halevi, S., Krawczyk, H., Krovetz, T., Rogaway, P.: UMAC: fast and secure message authentication, Proc. 19th Annual International Cryptology Conference, Santa Barbara, California, U.S.A., Vol. 1666 of LNCS, Aug. 1999, 216-233.
• [3] Burrows, M., Abadi, M., Needham, R.: Authentication: a practical study in belief and action, Proc. 2nd Conference on Theoretical Aspects of Reasoning about Knowledge, California, U.S.A., Mar. 1988, 325-342.
• [4] Burrows, M., Abadi, M., Needham, R.: A logic of authentication, ACM Transactions on Computer Systems, 8(1), Feb. 1990, 18-36.
• [5] Canetti, R., Garay, J., Itkis, G., Micciancio, D., Naor, M., Pinkas, B.: Multicast security: a taxonomy and some efficient constructions, Proc. 18th Annual Joint Conference of the IEEE Computer and Communications Societies, New York, U.S.A., Vol. 2, Mar. 1999, 708-716.
• [6] Chang, Y. F., Chang, C. C., Liu, Y. L.: Password authentication without the server public key, IEICE Transactions on Communications, E87-B(10), 2004, 3088-3091.
• [7] Chua, T. K., Pheanis, D. C.: Bandwidth-conserving multicast VoIP teleconference system, International Journal of Network Security, 7(1), Jul. 2008, 42-48.
• [8] Daemen, J., Rijmen, V.: The Design of Rijndael: AES - The Advanced Encryption Standard, Springer-Verlag, Germany , 2002.
• [9] Gennaro, R., Rohatgi, P.: How to sign digital streams, Information and Computation, 165(1), 25 Feb. 2001, 100-116.
• [10] Golle, P., Modadugu, N.: Authenticating streamed data in the presence of random packet loss, Proc. Symposium on Network and Distributed System Security, San Diego, California, U.S.A., Feb. 2001, 13-22.
• [11] Krawczyk, H., Bellare, M., Canetti, R.: HMAC: keyed-hashing for message authentication, RFC-2104, Internet Engineering Task Force, Feb. 1997.
• [12] Mittra, S.: Iolus: a framework for scalable secure multicasting, Proc. ACM SIGCOMM’97 Conference on Applications, Technologies, Architectures, and Protocols for Computer Communication, Cannes, France, Sep. 1997, 277-288.
• [13] Mukherjee, R., Atwood, J.: Scalable solutions for secure group communications, Computer Networks, 51(12), Aug. 2007, 3525-3548.
• [14] Perrig, A.: The BiBa one-time signature and broadcast authentication protocol, Proc. 8th ACM Conference on Computer and Communications Security, Philadelphia, Pennsylvania, U.S.A., Nov. 2001, 28-37.
• [15] Perrig, A., Canetti, R., Tygar, J., Song, D.: Efficient authentication and signing of multicast streams over lossy channels, Proc. IEEE Symposium on Security and Privacy, Berkeley, California, U.S.A., May 2000, 56-73.
• [16] Reyzin, L., Reyzin, N.: Better than BiBa: short one-time signatures with fast signing and verifying, Proc. 7th Australasian Conference on Information Security and Privacy, Melbourne, Australia, Jul. 2002, 144-153.
• [17] Rivest, R. L., Shamir, A., Adleman, L.: A method for obtaining digital signatures and public-key cryptosystems, Communications of the ACM, 21(2), Feb. 1978, 120-126.
• [18] Rizzo, L.: Effective erasure codes for reliable computer communication protocols, ACM Computer Communication Review, 27(2), Apr. 1997, 24-36.
• [19] Rohatgi, P.: A compact and fast hybrid signature scheme for multicast packet authentication, Proc. 6th ACM Conference on Computer and Communications Security, Singapore, Nov. 1999, 93-100.
• [20] Schneier, B.: Applied Cryptography, Protocols, Algorithms, and Source Code in C, 2nd Edition, John Wiley and Sons, New York, U.S.A., 1996.
• [21] Srinivasan, R., Vaidehi, V., Srivathsan, K. N., Babu, L. R., Karunagaran, C.: SeReRoM: secured reliable routing scheme for multicasting, International Journal of Network Security, 5(1), Jul. 2007, 82-88.
• [22] Windley, P. J.: Digital Identity, 1st Edition, O’Reilly Media, Sebastopol, CA, U.S.A., 1 Aug. 2005.
• [23] Wong, C. K., Lam, S. S.: Digital signatures for ows and multicasts, IEEE/ACM Transactions on Networking, 7(4), Aug. 1999, 502-513.
• [24] Zhang,Q., Calvert, K. L.: A peer-based recovery scheme for group rekeying in securemulticast, International Journal of Network Security, 6(1), Jan. 2008, 15-25