Skip to main content
SpringerLink
Log in

A New Direction for Research on Data Origin Authentication in Group Communication

  • Conference paper
  • First Online:
Cryptology and Network Security (CANS 2017)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 11261))

Included in the following conference series:

  • 760 Accesses

Abstract

Group communication facilitates efficient data transmission to numerous receivers by reducing data replication efforts both at the sender and in the network. Group communication is used in today’s communication networks in many ways, such as broadcasting in cellular networks, IP multicast on the network layer, or as application layer multicast. Despite many efforts in providing data origin authentication for specific application areas in group communication, no efficient and secure all-purpose solution has been proposed so far.

In this paper, we analyze data origin authentication schemes from 25 years of research. We distinguish three general approaches to address the challenge and assign six conceptually different classes to these three approaches. We show that each class comprises trade-offs from a specific point of view that prevent the class from being generally applicable to group communication. We then propose to add a new class of schemes based on recent high-performance digital signatures. We argue that the high-speed signing approach is secure, resource efficient, and can be applied with acceptable communication overhead. This new class therefore provides a solution that is generally applicable and should be the foundation of future research on data origin authentication for group communication.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    Sometimes still referred to as source authentication, a term considered deprecated [1].

  2. 2.

    Challal, Bettahar, and Bouabdallah originally used the term “differed signing” but we think that they actually meant “deferred signing” as it makes more sense in this context.

  3. 3.

    Admittedly, the measurements were not conducted under the exact same conditions.

References

  1. Shirey, R.: Internet Security Glossary, Version 2. RFC 4949 (Informational). Internet Engineering Task Force, August 2007. http://www.ietf.org/rfc/rfc4949.txt

  2. Sibold, D., Roettger, S., Teichel, K.: Network Time Security. Internet-Draft draft-IETF-NTP-network-time-security-15. IETF Secretariat, September 2016. https://tools.ietf.org/html/draft-ietf-ntp-network-time-security-15. Accessed 08 Mar 2017

  3. Law, Y.W., et al.: Comparative study of multicast authentication schemes with application to wide-area measurement system. In: ACM SIGSAC Symposium on Information, Computer and Communications Security, ASIACCS 2013, pp. 287–298. ACM, NY (2013). https://doi.org/10.1145/2484313.2484349, ISBN 978-1-4503-1767-2

  4. Tesfay, T., Le Boudec, J.-Y.: Experimental comparison of multicast authentication for wide area monitoring systems. IEEE Trans. Smart Grid 9, 4394–4404 (2017). https://doi.org/10.1109/TSG.2017.2656067. ISSN 1949–3053, 1949–3061

    Article  Google Scholar 

  5. Hardjono, T., Tsudik, G.: IP multicast security: issues and directions. Annales des télécommunications 55(7–8), 324–340 (2000)

    Google Scholar 

  6. Rivest, R.L., Shamir, A., Adleman, L.: A method for obtaining digital signatures and public-key cryptosystems. Commun. ACM 21(2), 120–126 (1978)

    Article  MathSciNet  Google Scholar 

  7. ElGamal, T.: A public key cryptosystem and a signature scheme based on discrete logarithms. In: Blakley, G.R., Chaum, D. (eds.) CRYPTO 1984. LNCS, vol. 196, pp. 10–18. Springer, Heidelberg (1985). https://doi.org/10.1007/3-540-39568-7_2

    Chapter  Google Scholar 

  8. Johnson, D., Menezes, A., Vanstone, S.: The elliptic curve digital signature algorithm (ECDSA). Int. J. Inf. Secur. 1(1), 36–63 (2001)

    Article  Google Scholar 

  9. Katz, J.: Digital Signatures. Springer, Boston (2010). https://doi.org/10.1007/978-0-387-27712-7. ISBN 978-0-387-27711-0, 978-0-387-27712-7

    Book  MATH  Google Scholar 

  10. Steinwandt, R., Villányi, V.I.: A one-time signature using run-length encoding. Inf. Process. Lett. 108(4), 179–185 (2008). https://doi.org/10.1016/j.ipl.2008.05.004. ISSN 0020–0190

    Article  MathSciNet  MATH  Google Scholar 

  11. Challal, Y., Bettahar, H., Bouabdallah, A.: A taxonomy of multicast data origin authentication: issues and solutions. IEEE Commun. Surv. Tutor. 6(3), 34–57 (2004). https://doi.org/10.1109/COMST.2004.5342292. ISSN 1553–877X

    Article  Google Scholar 

  12. Canetti, R., et al.: Multicast security: a taxonomy and some efficient constructions. In: Eighteenth Annual Joint Conference of the IEEE Computer and Communications Societies, INFOCOM 1999, Vol. 2, pp. 708–716, March 1999. https://doi.org/10.1109/INFCOM.1999.751457

  13. Even, S., Goldreich, O., Micali, S.: On-line/off-line digital signatures. J. Cryptol. 9(1), 35–67 (1996)

    Article  MathSciNet  Google Scholar 

  14. Challal, Y., Bouabdallah, A., Hinard, Y.: RLH: receiver driven layered hash-chaining for multicast data origin authentication. Comput. Commun. 28(7), 726–740 (2005)

    Article  Google Scholar 

  15. Tartary, C., Wang, H., Ling, S.: Authentication of digital streams. IEEE Trans. Inf. Theory 57(9), 6285–6303 (2011). https://doi.org/10.1109/TIT.2011.2161960. ISSN 0018–9448

    Article  MathSciNet  MATH  Google Scholar 

  16. Perrig, A., et al.: Efficient authentication and signing of multicast streams over lossy channels. In: IEEE Symposium on Security and Privacy (S&P), pp. 56–73 (2000)

    Google Scholar 

  17. Perrig, A., et al.: Timed Efficient Stream Loss-Tolerant Authentication (TESLA): Multicast Source Authentication Transform Introduction. RFC 4082 (Informational). Internet Engineering Task Force, June 2005. http://www.ietf.org/rfc/rfc4082.txt

  18. Wang, Q., et al.: Time valid one-time signature for time-critical multicast data authentication. In: IEEE INFOCOM 2009, pp. 1233–1241, April 2009. https://doi.org/10.1109/INFCOM.2009.5062037

  19. Bernstein, D.J., et al.: High-speed high-security signatures. J. Cryptogr. Eng. 2(2), 77–89 (2012)

    Article  Google Scholar 

  20. Gligoroski, D., et al.: MQQ-SIG. In: Chen, L., Yung, M., Zhu, L. (eds.) INTRUST 2011. LNCS, vol. 7222, pp. 184–203. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-32298-3_13

    Chapter  Google Scholar 

  21. Faugère, J.-C., Gligoroski, D., Perret, L., Samardjiska, S., Thomae, E.: A polynomial-time key-recovery attack on MQQ cryptosystems. In: Katz, J. (ed.) PKC 2015. LNCS, vol. 9020, pp. 150–174. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-46447-2_7

    Chapter  MATH  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Institute of Telecommunications, TU Wien, Vienna, Austria

    Robert Annessi, Tanja Zseby & Joachim Fabini

Authors
  1. Robert Annessi
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Tanja Zseby
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Joachim Fabini
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding authors

Correspondence to Robert Annessi , Tanja Zseby or Joachim Fabini .

Editor information

Editors and Affiliations

  1. ETH Zürich, Zürich, Switzerland

    Srdjan Capkun

  2. Chinese University of Hong Kong, Shatin, Hong Kong

    Sherman S. M. Chow

Rights and permissions

Reprints and permissions

Copyright information

© 2018 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Annessi, R., Zseby, T., Fabini, J. (2018). A New Direction for Research on Data Origin Authentication in Group Communication. In: Capkun, S., Chow, S. (eds) Cryptology and Network Security. CANS 2017. Lecture Notes in Computer Science(), vol 11261. Springer, Cham. https://doi.org/10.1007/978-3-030-02641-7_26

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-02641-7_26

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-02640-0

  • Online ISBN: 978-3-030-02641-7

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation