Issue No.07 - July (2010 vol.9)
Xiaoyan Zhu , Xidian University, Xi'an
Yun Zhou , Microsoft Corporation, Redmond
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/TMC.2010.37
Conventional block-based multicast authentication schemes overlook the heterogeneity of receivers by letting the sender choose the block size, divide a multicast stream into blocks, associate each block with a signature, and spread the effect of the signature across all the packets in the block through hash graphs or coding algorithms. The correlation among packets makes them vulnerable to packet loss, which is inherent in the Internet and wireless networks. Moreover, the lack of Denial of Service (DoS) resilience renders most of them vulnerable to packet injection in hostile environments. In this paper, we propose a novel multicast authentication protocol, namely MABS, including two schemes. The basic scheme (MABS-B) eliminates the correlation among packets and thus provides the perfect resilience to packet loss, and it is also efficient in terms of latency, computation, and communication overhead due to an efficient cryptographic primitive called batch signature, which supports the authentication of any number of packets simultaneously. We also present an enhanced scheme MABS-E, which combines the basic scheme with a packet filtering mechanism to alleviate the DoS impact while preserving the perfect resilience to packet loss.
Multimedia, multicast, authentication, signature.
Xiaoyan Zhu, Yun Zhou, "MABS: Multicast Authentication Based on Batch Signature", IEEE Transactions on Mobile Computing, vol.9, no. 7, pp. 982-993, July 2010, doi:10.1109/TMC.2010.37