Adrian Perrig, Ran Canetti, Doug Tygar, and Dawn Song. Efficient Authentication and Signature of Multicast Streams over Lossy Channels. In Proceedings of the IEEE Symposium on Research in Security and Privacy, pages 56--73, Oakland, CA, May 2000.  Home/Search   Document Not in Database   Summary   Related Articles   Check

....that the sender s clock may be slower than the receiver s. Given the precise time synchronization required by temporal leashes, we constructed some very efficient broadcast authenticators based entirely on symmetric primitives. In particular, we extend the TESLA broadcast authentication protocol [30] to allow the disclosure of the authentication key within the packet that is authenticated. We use a Merkle tree [22] to authenticate these keys. We demonstrated the suitability of temporal leashes with our authentication mechanism by measuring computational power and memory currently available ....

....symmetric cryptography. Ariadne can authenticate routing messages using one of three schemes: shared secrets between each pair of nodes, shared secrets between communicating nodes combined with broadcast authentication, or digital signatures. We primarily discuss here the use of Ariadne with TESLA [30], an efficient broadcast authentication scheme that requires loose time synchronization. Using pairwise shared keys avoids the need for synchronization, but at the cost of higher key setup overhead. Basic Ariadne Route Discovery: We present the design of the Ariadne protocol in two stages: we ....

A. Perrig, R. Canetti, D. Tygar, and D. Song. Efficient authentication and signature of multicast streams over lossy channels. In Proceedings of the IEEE Symposium on Security and Privacy, pages 56--73, May 2000.

....also defined within the policy. The use of Ismene policies to define security is illustrated through an extended example of a group application built on the prototype Ismene framework. 1 Introduction Recent advances have addressed many of the difficult problems in secure group communication [36, 29]. However, a critical, but as yet largely unaddressed, problem is the reconciliation of the differing security requirements of group members. Group members can belong to different organizations that desire to place unique restrictions on participation and represent different capabilities. Security ....

Adrian Perrig, Dawn Song, Doug Tygar, and Ran Canetti. Efficient Authentication and Signature of Multicast Streams over Lossy Channels. In 2000 IEEE Symposium on Security and Privacy, pages 56-- 70. IEEE, May 2000. Oakland, CA.

....Description of the notation used throughout. sender. The ability to securely identify the sender of a group message, called source authentication, is an active area of research. Current methods providing source authentication can be prohibitively expensive or unreliable in high throughput groups [10, 11, 12]. Traditional mechanisms detect failures by the absence of periodic statements made by monitored processes. These statements, called heartbeats, are generated by each member and transmitted to the group directly or to the failure monitor via unicast. Each heartbeat must contain member identifying ....

....chain) Any mechanism providing source authentication can be used for failure detection. Furthermore, our approach can be augmented with any of these schemes; rather than encrypting or signing the authentication block, one could use any existing source authentication mechanism. Perrig et al. [10] define an efficient mechanism providing source authentication in groups. This approach is based on sender commitment to an authentication key during transmission (at time t) which is later exposed (at time t ) If a receiver can prove the message was received before the key was exposed (message ....

Adrian Perrig, Dawn Song, Doug Tygar, and Ran Canetti. Efficient Authentication and Signature of Multicast Streams over Lossy Channels. In 2000 IEEE Symposium on Security and Privacy, page (to appear). IEEE, May 2000. Oakland, CA,.

No context found.

Adrian Perrig, Ran Canetti, Doug Tygar, and Dawn Song. Efficient Authentication and Signature of Multicast Streams over Lossy Channels. In Proceedings of the IEEE Symposium on Research in Security and Privacy, pages 56--73, Oakland, CA, May 2000.

No context found.

A. Perrig, R. Canetti, J. D. Tygar, and D. Song. Efficient authentication and signature of multicast streams over lossy channels. In Proceedings of the IEEE Symposium on Research in Security and Privacy, pages 56--73, May 2000.

No context found.

A. Perrig, R. Canetti, J. D. Tygar, and D. Song. Efficient authentication and signature of multicast streams over lossy channels. In Proceedings of the IEEE Symposium on Research in Security and Privacy, pages 56--73, May 2000.

No context found.

A. Perrig, R. Canetti, J. D. Tygar, and D. Song. Efficient authentication and signature of multicast streams over lossy channels. In Proceedings of the IEEE Symposium on Research in Security and Privacy, pages 56--73, May 2000.

....C. TIK Protocol Description Our TIK protocol implements temporal leashes and provides efficient instant authentication for broadcast communication in wireless networks. TIK stands for TESLA with Instant Key disclosure, and is an extension of the TESLA broadcast authentication protocol [32]. We contribute the novel observation that a receiver can verify the TESLA security condition (that the corresponding key has not yet been disclosed) as it receives the packet (explained below) this fact allows the sender to disclose the key in the same packet, thus motivating the protocol name ....

....authentication values) once the receiver gets the authentic key K i ,itcan authenticate all packets that carry a message authentication code computed with K i . This use of delayed key disclosure and time synchronization for secure broadcast authentication was also used by the TESLA protocol [32]. The above protocol has the drawback that message authentication is delayed; the receiver must wait for the key before it can authenticate the packet. We observe that we can remove the authentication delay in an environment in which the nodes are tightly time synchronized. In fact, the sender ....

Adrian Perrig, Ran Canetti, Doug Tygar, and Dawn Song. Efficient Authentication and Signature of Multicast Streams over Lossy Channels. In Proceedings of the IEEE Symposium on Research in Security and Privacy, pages 56--73, May 2000.

....each data packet provides secure broadcast authentication; however, it has high overhead, both in terms of the time required to sign and verify, and in terms of the bandwidth. Several schemes were proposed that mitigate this overhead by amortizing a single signature over several packets, e.g. [14, 25, 28, 33, 38, 39]. However, none of these schemes is fully satisfactory in terms of bandwidth overhead, processing time, scalability, robustness to denial of service attacks, and robustness to packet loss. Even though some schemes amortize a digital signature over multiple data packets, a serious denial of service ....

....This technique was independently discovered by Cheung [8] in the context of authenticating link state routing updates. A related approach was used in the Guy Fawkes protocol for interactive unicast communication [1] In the context of multicast streamed data it was proposed by several authors [2, 3, 5, 27, 28]. The main idea of TESLA is that the sender attaches to each packet a MAC computed with a key k known only to itself. The receiver buffers the received packet without being able to authenticate it. A short while later, the sender discloses k and the receiver is able to authenticate the packet. ....

[Article contains additional citation context not shown here]

A. Perrig, R. Canetti, J. D. Tygar, and D. Song. Efficient authentication and signature of multicast streams over lossy channels. In Proceedings of the IEEE Symposium on Research in Security and Privacy, pages 56--73, May 2000.

....and some applications also rely on broadcast communication. Therefore, methods used to secure ad hoc network communication should be applicable for both unicast and broadcast communication. Unfortunately, securing broadcast communication is a much harder problem than securing unicast communication [34]. We have designed the Slot Authenticated MAC protocol and the TIK protocol each to secure both unicast and broadcast communication. Message authentication codes are a standard approach for authentication: the sender S and receiver R must share a secret key K, which they use in conjunction with a ....

....such as cesium beam clocks, rubidium clocks, and hydrogen maser clocks could also be used in special applications today to provide sufficiently accurate time synchronization for months. 4 Summary of the TESLA Broadcast Authentication Protocol We build our authentication mechanism on TESLA [34, 33], which provides secure authentication of broadcast messages. The main advantages of TESLA are that it adds only one message authentication code to each authenticated message, that it is robust to packet loss, and that it uses only symmetric cryptography, so its computation and communication ....

Adrian Perrig, Ran Canetti, Doug Tygar, and Dawn Song. Efficient Authentication and Signature of Multicast Streams over Lossy Channels. In Proceedings of the IEEE Symposium on Research in Security and Privacy, pages 56--73, Oakland, CA, May 2000.

....Small size of authentication information. Since the receiver authenticates individual messages instantly, each message carries authentication information, hence e viable scheme should have e low communication over head. Researchers proposed e number of schemes for broedcest euthenticetion [4, 6, 16, 17, 23, 25]. Unfortunetely most previously proposed systems [6, 16, 17, 23, 25] cennot simul taneously support both reel time euthenticetion end perfect robustness to pecker loss. One epproech thet supports both reel time euthenticetion end robustness to pecker loss [4] does not scele well to large number ....

....individual messages instantly, each message carries authentication information, hence e viable scheme should have e low communication over head. Researchers proposed e number of schemes for broedcest euthenticetion [4, 6, 16, 17, 23, 25] Unfortunetely most previously proposed systems [6, 16, 17, 23, 25] cennot simul taneously support both reel time euthenticetion end perfect robustness to pecker loss. One epproech thet supports both reel time euthenticetion end robustness to pecker loss [4] does not scele well to large number of receivers, es the size of euthenticetion informetion increeses es ....

A. Perrig, R. Canetti, D. Tygax, and D. Song. Efficient authentication and signature of multicast streams over lossy channels. In Proceedings of the IEEE Symposium on Research in Security and Privacy, Oakland, CA, May 2000.

No context found.

A. Perrig, R. Canetti, D. Song, and D. Tygar, "Efficient authentication and signature of multicast streams over lossy channels," in Proc. IEEE Symposium on Security and Privacy, Oakland, CA, May 2000.

No context found.

A. Perrig, R. Canetti, D. Song, and D. Tygar, "Efficient authentication and signature of multicast streams over lossy channels," in Proc. IEEE Symposium on Security and Privacy, Oakland, CA, May 2000.

No context found.

A. Perrig, R. Canetti, D. Song, and D. Tygar, "Efficient authentication and signature of multicast streams over lossy channels," in Proc. IEEE Symposium on Security and Privacy, Oakland, CA, May 2000.

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC