Commenced in January 2007
Frequency: Monthly
Edition: International
Paper Count: 31103
Signing the First Packet in Amortization Scheme for Multicast Stream Authentication

Authors: Mohammed Shatnawi, Qusai Abuein, Susumu Shibusawa


Signature amortization schemes have been introduced for authenticating multicast streams, in which, a single signature is amortized over several packets. The hash value of each packet is computed, some hash values are appended to other packets, forming what is known as hash chain. These schemes divide the stream into blocks, each block is a number of packets, the signature packet in these schemes is either the first or the last packet of the block. Amortization schemes are efficient solutions in terms of computation and communication overhead, specially in real-time environment. The main effictive factor of amortization schemes is it-s hash chain construction. Some studies show that signing the first packet of each block reduces the receiver-s delay and prevents DoS attacks, other studies show that signing the last packet reduces the sender-s delay. To our knowledge, there is no studies that show which is better, to sign the first or the last packet in terms of authentication probability and resistance to packet loss. In th is paper we will introduce another scheme for authenticating multicast streams that is robust against packet loss, reduces the overhead, and prevents the DoS attacks experienced by the receiver in the same time. Our scheme-The Multiple Connected Chain signing the First packet (MCF) is to append the hash values of specific packets to other packets,then append some hashes to the signature packet which is sent as the first packet in the block. This scheme is aspecially efficient in terms of receiver-s delay. We discuss and evaluate the performance of our proposed scheme against those that sign the last packet of the block.

Keywords: multicast stream authentication, hash chain construction, signature amortization, authentication probability

Digital Object Identifier (DOI):

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1237


[1] S. Miner and J. Staddon, "Graph-based authentication of digital streams," Proc. of the IEEE Symposium on Research in Security and Privacy, pp.232-246, May 2001.
[2] J. Park, E. Chong and H. Siegel, "Efficient multicast stream authentication using erasure codes," ACM Trans. on Information and System Security, vol.6, no.2, pp.258-258, May 2003.
[3] Q. Abuein and S. Shibusawa, "The performance of amortization scheme for secure multicast streaming," Proc. of the 6th Int. Workshop on Information Security Application, Jeju Island, Korea, Aug. 2005
[4] Q. Abuein and S. Shibusawa, "Signature amortization using multiple connected chains," Proc. of Springer LNCS 9th IFIP TC-6 TC-11 Int. Conf. on CMS, Sep. 2005.
[5] Q. Abuein and S. Shibusawa, A Graph-based new amortization scheme for multicast streams authentication, Journal of Advanced Modeling and Optimization, Vol. 7, No. 2, pp.238-261, 2005.
[6] H. Sanneck, G. Carle, and R. Koodli, "A framework model for packet loss metrics based on loss runlengths," SPIE/ACM SIGMM Multimedia Computing and Networking Conf., Jan. 2000.
[7] W. Jiang and H. Schulzrinne, "Modeling of packet loss and delay and their effect on real-time multimedia service quality," Proc. of 10th Int. Workshop on Network and Operations System Support for Digital Audio and Video, June 2000.
[8] A. Perrig, R. Canetti, J. D. Tygar, and D. Song, "Efficient authentication and signing of multicast streams over lossy channels," IEEE Symposium on Security and Privacy, pp.56-73, May 2000.
[9] P. Rohatgi, "A compact and fast hybrid signature scheme for multicast packet authentication," Proc. of the 6th ACM Conf. on Computer and Communications Security, 1999.
[10] P. Golle and N. Modadugu. "Authenticating streamed data in the presence of random packet loss," Proc. of ISOC Network and Distributed System Security Symposium, pp.13-22, 2001.
[11] R. Gennaro, and P. Rohatgi, "How to sign digital streams," Advances in Cryptology - CRYPTO-97, pp.180-197, 1997.
[12] A. Chan, "A graph-theoretical analysis of multicast authentication," Proc. of the 23rd Int. Conf. on Distributed Computing Systems, 2003.
[13] P. Alain and M. Refik, "Authenticating real time packet stream and multicast," Proc. of 7th IEEE Symposium on Computers and Communications, July 2002.