Open Access  Subscription or Fee Access

The correlation among packets makes them vulnerable to packet loss, which is inherent in the Internet and wireless networks. Moreover, the lack of Denial of Service (DoS) resilience renders most of them vulnerable to packet injection in hostile environments. In this paper, we propose a novel multicast authentication protocol, namely MECS, including two schemes. The basic scheme (MECS-B) eliminates the correlation among packets and thus provides the perfect resilience to packet loss, and it is also efficient in terms of latency, computation, and communication overhead due to an efficient cryptographic primitive called consignment signature, which supports the authentication of any number of packets simultaneously. We also present an enhanced scheme MECS-E, which combines the basic scheme with a packet filtering mechanism to alleviate the DoS impact while preserving the perfect resilience to packet

Correlation, Denial of Service

P. Judge and M. Ammar, “Security Issues and Solutions in Mulicast Content Distribution: A Survey,” IEEE Network Magazine, vol. 17, no. 1, pp. 30-36, Jan. /Feb. 2003.

Y. Challal, H. Bettahar, and A. Bouabdallah, “A Taxonomy of Multicast Data Origin Authentication: Issues and Solutions,” IEEE Comm. Surveys & Tutorials, vol. 6, no. 3, pp. 34-57, Oct. 2004.

Y. Zhou and Y. Fang, “BABRA: Consignment-Based Broadcast Authentication in Wireless Sensor Networks,” Proc. IEEE GLOBECOM, Nov. 2006.

Y. Zhou and Y. Fang, “Multimedia Broadcast Authentication Based on Consignment Signature,” IEEE Comm. Magazine, vol. 45, no. 8, pp. 72-77, Aug. 2007.

K. Ren, K. Zeng, W. Lou, and P.J. Moran, “On Broadcast Authentication in Wireless Sensor Networks,” Proc. First Ann. Int’l Conf. Wireless Algorithms, Systems, and Applications (WASA ’06), Aug. 2006.

S. Even, O. Goldreich, and S. Micali, “On-Line/Offline Digital Signatures,” J. Cryptology, vol. 9, pp. 35-67, 1996.

P. Rohatgi, “A Compact and Fast Hybrid Signature Scheme for Multicast Packet,” Proc. Sixth ACM Conf. Computer and Comm. Security (CCS ’99), Nov. 1999.

C.K. Wong and S.S. Lam, “Digital Signatures for Flows and Multicasts,” Proc. Sixth Int’l Conf. Network Protocols (ICNP ’98), pp. 198-209, Oct. 1998.

C.K. Wong and S.S. Lam, “Digital Signatures for Flows and Multicasts,” IEEE/ACM Trans. Networking, vol. 7, no. 4, pp. 502-513, Aug. 1999.

R. Gennaro and P. Rohatgi, “How to Sign Digital Streams,”Information and Computation, vol. 165, no. 1, pp. 100-116, Feb. 2001.

R. Gennaro and P. Rohatgi, “How to Sign Digital Streams,” Proc.17th Ann. Cryptology Conf. Advances in Cryptology (CRYPTO ’97), Aug. 1997.

A. Perrig, R. Canetti, J.D. Tygar, and D. Song, “Efficient Authentication and Signing of Multicast Streams over Lossy Channels,” Proc. IEEE Symp. Security and Privacy (SP ’00), pp. 56-75, May 2000.

Y. Challal, H. Bettahar, and A. Bouabdallah, “A2Cast: An Adaptive Source Authentication Protocol for Multicast Streams, “Proc. Ninth Int’l Symp. Computers and Comm. (ISCC ’04), vol. 1, pp. 363-368, June 2004.

S. Miner and J. Staddon, “Graph-Based Authentication of Digital Streams,” Proc. IEEE Symp. Security and Privacy (SP ’01), pp. 232-

246, May 2001.

Z. Zhang, Q. Sun, W-C Wong, J. Apostolopoulos, and S. Wee, “A Content-Aware Stream Authentication Scheme Optimized for Distortion and Overhead,” Proc. IEEE Int’l Conf. Multimedia and Expo (ICME ’06), pp.541-544, July2006.

P. Golle and N. Modadugu, “Authenticating Streamed Data in the Presence of Random Packet Loss,” Proc. Eighth Ann. Network and Distributed System Security Symp. (NDSS ’01), Feb. 2001.

Z. Zhang, Q. Sun, and W-C Wong, “A Proposal of Butterfly- Graphy Based Stream Authentication over Lossy Networks,” Proc. IEEE Int’l Conf. Multimedia and Expo (ICME ’05), July 2005.