RLH: receiver driven layered hash-chaining for multicast data origin authentication

Challal, Yacine; Bouabdallah, Abdelmadjid; Hinard, Yoann

doi:10.1016/j.comcom.2004.10.009

Cited by 16 publications

(12 citation statements)

References 39 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In the random chaining, target packets that will carry a hash of the current packet are selected randomly. This approach complies with the random packet loss pattern [2,3,4,5,7]. In order to take advantage of both approaches, …”

Section: Main Idea Of Lmcmmentioning

confidence: 98%

LMCM: Layered Multiple Chaining Model for Authenticating Multicast Streams

et al. 2008

2008 Ninth ACIS International Conference on Software Engineering, Artificial Intelligence, Networking, and Parallel/Distributed

View full text Add to dashboard Cite

Multicast authentication is a vital component in secure group communications, but authenticating real-time multicast streams over lossy channels or unreliable networks is very difficult due to the packet losses, expensive overheads and high delays. So this paper introduces a novel approach to multicast authentication based on LMCM (Layered Multiple Chaining Model). By the theoretical analyses, it is robust enough against packet losses, has low delays on the sender's side and the receiver's side. Both computation and communication overheads are in the reasonable scopes if its parameter values are determined systematically. And the high authentication probability can be achieved by increasing the number of packets that contain the hash of a previous packet and the number of hashes that are appended to the signature packets. Hence LMCM is secure, efficient and practical to more multicast applications than many previously proposed approaches.

show abstract

Section: Main Idea Of Lmcmmentioning

confidence: 98%

LMCM: Layered Multiple Chaining Model for Authenticating Multicast Streams

et al. 2008

2008 Ninth ACIS International Conference on Software Engineering, Artificial Intelligence, Networking, and Parallel/Distributed

View full text Add to dashboard Cite

show abstract

“…It is assumed that the packets in the highest priority class are spaced evenly throughout the block so that two consecutive packets of the highest priority class are located exactly r packets apart. To reduce the communication overhead of amortization schemes, Park et al proposed SAIDA [20] using Erasure Codes to achieve this goal, but its computation overhead is higher than other schemes based on hashing amortization [1,2,3,[5][6][7][8]11,13,14,21]. …”

Section: Non-repudiationmentioning

confidence: 98%

Survey on multicast data origin authentication

et al. 2008

2008 11th IEEE International Conference on Communication Technology

View full text Add to dashboard Cite

Multicast is an efficient and natural way of communicating information via Internet, but its security is identified as one of the most important problems to solve for the successful deployment of group communication applications. First of all, in secure multicast group members must be able to verify that the data received is indeed sent by an authorized sender, and this is called "data origin authentication". This paper introduces the main schemes for authenticating multicast data origin, and evaluates their performances with computation overhead, communication overhead and some other parameters. The result shows there are no ideal solutions to satisfy all multicast applications.

show abstract

“…Another technique in [23] is based on online stream authentication, where trust is chained by sending the public key for verification of each subsequent packet. EMSS [44] and its several adaptations [14,15] reverse the above idea by sending a full-length hash of previous packets to allow for modification detection without source authentication, and a full signature for authentication at the end of the stream. However, this easily allows an adversary to forge packets until a tag is actually required, which conflicts with requirement I.…”

Section: Aggregating Packetsmentioning

confidence: 99%

ProMACs: Progressive and Resynchronizing MACs for Continuous Efficient Authentication of Message Streams

Armknecht

Walther

Tsudik

et al. 2020

Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security

View full text Add to dashboard Cite

Efficiently integrity verification of received data requires Message Authentication Code (MAC) tags. However, while security calls for rather long tags, in many scenarios this contradicts other requirements. Examples are strict delay requirements (e.g., robot or drone control) or resource-scarce settings (e.g., LoRaWAN networks with limited battery capacity). Prior techniques suggested truncation of MAC tags, thus trading off linear performance gain for exponential security loss. To achieve security of full-length MACs with short(er) tags, we introduce Progressive MACs (ProMACs)-a scheme that uses internal state to gradually increase security upon reception of subsequent messages. We provide a formal framework and propose a provably secure, generic construction called Whips. We evaluate applicability of ProMACs in several realistic scenarios and demonstrate example settings where ProMACs can be used as a drop-in replacement for traditional MACs. CCS CONCEPTS • Security and privacy → Hash functions and message authentication codes; Formal security models; Domain-specific security and privacy architectures; • Theory of computation → Cryptographic primitives.

show abstract

RLH: receiver driven layered hash-chaining for multicast data origin authentication

Cited by 16 publications

References 39 publications

LMCM: Layered Multiple Chaining Model for Authenticating Multicast Streams

LMCM: Layered Multiple Chaining Model for Authenticating Multicast Streams

Survey on multicast data origin authentication

ProMACs: Progressive and Resynchronizing MACs for Continuous Efficient Authentication of Message Streams

Contact Info

Product

Resources

About