Efficient authentication and signing of multicast streams over lossy channels
read more
Citations
SPINS: security protocols for sensor networks
SPINS: security protocols for sensor networks
Ariadne: a secure on-demand routing protocol for ad hoc networks
Wireless sensor networks: A survey on the state of the art and the 802.15.4 and ZigBee standards
Packet leashes: a defense against wormhole attacks in wireless networks
References
A method for obtaining digital signatures and public-key cryptosystems
The MD5 Message-Digest Algorithm
A digital signature scheme secure against adaptive chosen-message attacks
Universal classes of hash functions
Related Papers (5)
Frequently Asked Questions (14)
Q2. How do the authors simplify the problem of a packet signature?
To simplify the problem of optimizing all parameters simultaneously, the authors first focus on the interplay between the number and distribution of edges to achieve high robustness against packet loss.
Q3. What is the way to use a network layer for lossy data streams?
For the case of IP fragmentation, however, the network layer already buffers data and forwards it to the application only when the entire packet is complete.ularly well suited for lossy data streams, UDP makes perfect sense, whereas TCP is used in settings which require reliable communication.
Q4. What is the simplest way to authenticate a packet?
The authentication involves typically only one MAC function and one hash function computation per packet, for both sender and receiver.
Q5. How many hashes does the client need to verify the signature?
the server requires 350 off-line hash function applications and the client needs 184 hashes on average to verify the signature.
Q6. How is the problem of continuous stream authentication solved?
The problem of continuous stream authentication is solved for the case of one sender and one receiver via standard mechanisms, e.g. [12, 18].
Q7. What is the basic assumption that underlies the security of the scheme?
A basic assumption that underlies the security of their scheme is that the local internal clocks of the sender and recipient do not drift too much during a session.
Q8. How do the authors achieve non-repudiation for all packets?
By sending a signature packet at the end of the stream, which contains the hash of the final packet along with a signature, the authors achieve non-repudiation for all packets.
Q9. What is the way to protect the receiver from spurious drops?
Each receiver can then use the chain with the minimal disclosure delay, sufficient to prevent spurious drops which are caused if the security condition does not hold.
Q10. What is the way to handle incoming packets?
the authors could deliver incoming packets directly, but inform the application through an upcall as soon as a packet is authenticated or if the packet is faulty.
Q11. How does the sender verify the signature of the stream?
PSfrag replacementsMACMACMACIn order for the sender to continuously verify the signature of the stream, the sender sends periodic signature packets.
Q12. What are the parameters that affect the computation and communication overhead?
These parameters influence the computation and communication overhead, the delay until verification, and the robustness against packet loss.
Q13. What is the tradeoff between a long interval and a short?
The second tradeoff is that a long interval duration saves on the computation and storage overhead of the key chain, but a short more closely achieves the desired Max.
Q14. How many bytes does Merkle add to each packet?
In practice, this scheme adds around 200 bytes to each packet (assuming a 1024 bit RSA signature and a signature tree over 16 packets).