less than hashing tree. But this scheme cannot tolerate packet loss, and the receivers cannot authenticate any future packets once any portion of data is lost in transit. Furthermore, out-of-order packet reception is also troublesome, and an out-of-order packet must be buffered until all the packets leading up to it are received and verified [6].

3. HMSA scheme

3.1. Main idea

As mentioned above, the main disadvantage of hashing tree is high communication overhead, and hashing chain does not tolerate packet loss. So we considered how to combine hashing tree with hashing chain efficiently to make up a Hybrid Multicast Source Authentication (HMSA) scheme. In hashing tree each packet carries 1 signature and (log₂ m) hashes of siblings of all the nodes in the current packet’s path to the root. However, each receiver only needs to verify the first packet of each block, so there are (m-1) packets carrying useless signatures in each block. Since hashing chain only needs 1 signature in total, HMSA uses hashing chain to reduce the communication overhead of hashing tree as follows: first, the sender calculates the root hash of each block using hashing tree; second, it sends a packet carrying the signature of the first block’s root hash to each receiver; last, after each receiver has received the signature packet normally, it sends each packet carrying (log₂ m) hashes of siblings of all the nodes in the current packet’s path to the root and the root hash of the next block. At each receiver, first the root signature of the first block is verified, and if verification passes, each packet of the first block and the root hash of the second block are verified; second, each packet of the second block is verified using the root hash of the second block; ……; finally the origins of all packets are verified.

3.2. Performance evaluations

In summary, HMSA only needs 1 signature and n*(log₂ m + 1) hashes, so both its computation and communication overheads are much less than those of hashing tree, but a little higher than those of hashing chain. However, HMSA is loss-tolerant if the maximum length of packet loss is less than the length of each block, so it is superior to hashing chain in this respect.

4. Conclusion

In this paper, a novel scheme of multicast source authentication named “HMSA” is proposed, and it has the following merits:
(1) Both computation and communication overheads are reasonable and acceptable;
(2) Each packet is authenticated immediately, which is loss-tolerant;
(3) Non-repudiation is supported.
So HMSA is efficient and practical for most source authentication in multicast applications. The next work is to compare it with some other schemes in detail using NS-2 (Network Simulator version 2).

References

[1] M. Baugher, R. Canetti, L. Dondeti and F. Lindholm. “Multicast Security (MSEC) Group Key Management Architecture”. IETF RFC 4046, April 2005.

[2] Yacine Challal, Abdelmadjid Bouabdallah and Yoann Hinard. “Efficient multicast source authentication using layered hash-chaining scheme”. Proceedings of the 29th Annual IEEE International Conference on Local Computer Networks (LCN’04).

[3] Thomas Hardjono, Lakshminath R. Dondeti. “Multicast and Group Security”. Artech House Inc, 2003.

[4] T. Hardjono, B. Weis. “The Multicast Group Security Architecture”. IETF RFC 3740, March 2004.

[5] Xianxian Li, Jinpeng Huai. “Efficient Non-Repudiation Multicast Source Authentication Schemes”. J. Comput. Sci. & Technol. pp.820-829, 17(6), 2002.

[6] Sanjoy Paul. “Multicasting on the internet and its applications”. Kluwer Academic Publishers, 1998.

[7] A. Perrig, R. Canetti, D. Song, and J. D. Tygar. “Efficient and secure source authentication for multicast”. Network and Distributed System Security Symposium, pp.35-46, February 2001.

[8] A. Perrig, D. Song, R. Canetti, J. D. Tygar and B. Briscoe. “Timed Efficient Stream Loss-Tolerant Authentication (TESLA): Multicast Source Authentication Transform Introduction”. IETF RFC 4082, June 2005.

[9] Jung Min Park, Edwin K.P. Chong and Howard Jay Siegel. “Efficient Multicast Packet Authentication Using Signature Amortization”. Proceedings of the 2002 IEEE Symposium on Security and Privacy, 2002.
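The sender and receiver steps of Section 3.1 (HMSA main idea), written out as an added Python example that is not code from the paper. Assumptions not stated in the paper: SHA-256 as the hash, the next block's root hashed into every leaf so that it is authenticated with the packet, one-byte leaf/node prefixes, the dictionary packet layout, and a first-block root whose signature has already been verified separately.

```python
import hashlib

def H(b):
    return hashlib.sha256(b).digest()

def merkle_levels(leaves):
    """All tree levels, leaves first; len(leaves) must be a power of two."""
    levels = [leaves]
    while len(levels[-1]) > 1:
        cur = levels[-1]
        # 0x01 marks inner nodes so an inner node cannot be replayed as a leaf
        levels.append([H(b"\x01" + cur[i] + cur[i + 1]) for i in range(0, len(cur), 2)])
    return levels

def make_packets(blocks):
    """Sender: return (root of block 0, the only value signed) and all packets."""
    next_root, packets = b"\x00" * 32, []          # last block has no successor
    for b in range(len(blocks) - 1, -1, -1):       # back to front: next root is known
        # Assumption: each leaf commits to the payload AND the next block's root
        leaves = [H(b"\x00" + p + next_root) for p in blocks[b]]
        levels = merkle_levels(leaves)
        for i, p in enumerate(blocks[b]):
            sibs = [lvl[(i >> d) ^ 1] for d, lvl in enumerate(levels[:-1])]
            packets.append({"block": b, "idx": i, "data": p,
                            "next": next_root, "sibs": sibs})
        next_root = levels[-1][0]
    return next_root, sorted(packets, key=lambda k: (k["block"], k["idx"]))

class Receiver:
    def __init__(self, root0):
        # Assumption: root0 arrived in the signature packet and its signature
        # was already verified with the sender's public key.
        self.roots = {0: root0}

    def accept(self, pkt):
        root = self.roots.get(pkt["block"])
        if root is None:                 # every packet of the previous block was lost
            return False
        h, i = H(b"\x00" + pkt["data"] + pkt["next"]), pkt["idx"]
        for s in pkt["sibs"]:            # fold the log2(m) sibling hashes up to the root
            h = H(b"\x01" + (h + s if i % 2 == 0 else s + h))
            i >>= 1
        if h != root:
            return False
        self.roots[pkt["block"] + 1] = pkt["next"]   # chain step: next root is now trusted
        return True

# Constructed sample input: 3 blocks of m = 4 packets each
SAMPLE = [[b"blk%d-pkt%d" % (b, i) for i in range(4)] for b in range(3)]
```

A receiver that gets at least one valid packet from a block can authenticate the following block; losing an entire block leaves it with no trusted root for anything after it, which is the loss bound given in Section 3.2.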