Abstract
Multicast is an attractive mechanism for delivering data to multiple receivers over the Internet as it saves bandwidth. However the delivery of copyrighted data over the Internet requires it to be encrypted to render the data useless for eavesdroppers or illegal users. Authentication is necessary to ensure that the received packet is sent by the actual sender. Message integrity is necessary to ensure that the packet was not changed by an attacker while in transit. The network must be able to perform these tasks even if packets are dropped, rearranged, changed or injected into the stream. This paper presents an efficient scheme for multicast authentication and to check multicast message integrity when asymmetric keys are used to protect the data. The proposal is validated using SPIN, which uses PROMELA to design the validation model.
Chapter PDF
Similar content being viewed by others
References
Harney H, Muckenhim C (1997) Group Key Management Protocol (GKMP) Architecture. RFC2094
Harney H, Muckenhim C (1997) Group Key Management Protocol (GKMP) Specification. RFC2093
Ballardie A (1996) Scalable Multicast Key Distribution (SKMD). RFC1949
Mittra S (1997) Iolus: A Framework for Scalable Secure Multicast. In: ACM SIGCOMM’ 97, pp 277–288
Fiat A, Naor M (1993) Broadcast Encryption. In: CRYPTO’ 93, Springer-Verlag, pp 480–491
Mukherjee R, Atwood JW (2003) Proxy Encryptions for Secure Multicast Key Management. In: IEEE LCN’03, pp 377–384
Mukherjee R, Atwood JW (2004) SIM-KM: Scalable Infrastructure for Multicast Key Management. In: IEEE LCN’04, pp 335–342
Canetti R, Garay J, Itkis G, Micciancio D, Naor M, Pinkas B (1999) A Taxonomy and some Efficient Constructions. In: IEEE INFOCOM’97, pp 708–716
Perrig A, Tygar JD, Song D, Canetti R (2000) Efficient Authentication and Signing of Multicast Streams over Lossy Channels. In: IEEE Symposium on Security and Privacy, pp 56–73
Gennaro R, Rohatgi P (1997) How to Sign Digital Streams. In: CRYPTO’97, pp 180–197
Perrig A (2001) The BiBa One-Time Signature and Broadcast Authentication Protocol In: 8th ACM Conference on Computer and Communications Security, pp 28–37
Wong CK, Lam SS (1998) Digital Signatures for Flows and Multicasts In: 6th International Conference on Network Protocols, pp 502–513
Pannetrat A, Molva R (2003) Efficient Multicast Packet Authentication. In: 10th Annual Network and Distributed System Security Symposium
Golle P, Modadugu N (2001) Authenticating Streamed Data in the Presence of Random Packet Loss. In: 8th Annual Network and Distributed System Security Symposium (NDSS)
Weis B (2005) The Use of RSA/SHA-1 Signatures within ESP and AH. Internet Draft, Work in Progress, draft-ietf-msec-ipsec-signatures-06.txt
Wallner D, Harder E, Agee R (1997) Key Management for Multicast: Issues and Architecture. RFC2627
Dodis Y, Ivan A (2003) Proxy Encryption Revisited. In: 10th Annual Network and Distributed System Security Symposium
Mukherjee R, Atwood JW (2004) A Comparative Analysis of SIM-KM for Group Key Management. In: CCN 2004, pp 169–174
Rescorla E, Korver B (2003) Guidelines for Writing RFC Text on Security Considerations. RFC3552
Holzmann GJ (1991) Design and Validation of Computer Protocols. Prentice Hall.
Holzmann GJ (1997) The Model Checker SPIN. IEEE Transactions on Software Engineering, 23,5:279–295
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2007 International Federation for Information Processing
About this paper
Cite this paper
Mukherjee, R., Atwood, J.W. (2007). Multicast Group Authentication. In: Gaïti, D. (eds) Network Control and Engineering for QoS, Security and Mobility, IV. NetCon 2005. IFIP — The International Federation for Information Processing, vol 229. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-49690-0_18
Download citation
DOI: https://doi.org/10.1007/978-0-387-49690-0_18
Publisher Name: Springer, Boston, MA
Print ISBN: 978-0-387-49689-4
Online ISBN: 978-0-387-49690-0
eBook Packages: Computer ScienceComputer Science (R0)