Combining Prediction Hashing and MDS Codes for Efficient Multicast Stream Authentication

  • Christophe Tartary
  • Huaxiong Wang
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4586)


We study the multicast stream authentication problem when the communication channel is under control of an opponent who can drop, reorder and inject data packets. In this work, we consider that the stream to be authenticated is divided into block of n packets and we assume that the sender can memorize λ such blocks. Two important parameters for stream authentication protocols are packet overhead and computing efficiency. Our construction will exhibit the following advantages. First, our packet overhead will be a few hashes long. Second, the number of signature verifications per family of λ blocks will be O(1) as a function of both λ and n. Third, hash chains will enable the receiver to check the validity of received elements upon reception. As a consequence he will only buffer those consistent with the original data packets. Fourth, the receiver will be able to recover all the data packets emitted by the sender despite erasures and injections by running the decoding algorithm of the maximal distance separable code onto the elements which have passed the previous filtering process.


Stream Authentication Polynomial Reconstruction  Adversarial Network Erasure Codes Prediction Hashing Hash Chains 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Al-Ibrahim, M., Pieprzyk, J.: Authenticating multicast streams in lossy channels using threshold techniques. In: Lorenz, P. (ed.) ICN 2001. LNCS, vol. 2094, pp. 239–249. Springer, Heidelberg (2001)Google Scholar
  2. 2.
    Benaloh, J., de Mare, M.: One-way accumulators: A decentralized alternative to digital signatures. In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 274–285. Springer, Heidelberg (1994)Google Scholar
  3. 3.
    Blundo, C., De Santis, A., Herzberg, A., Kutten, S., Vaccaro, U., Yung, M.: Perfectly-secure key distribution for dynamic conferences. In: Brickell, E.F. (ed.) CRYPTO 1992. LNCS, vol. 740, pp. 471–486. Springer, Heidelberg (1992)Google Scholar
  4. 4.
    Challal, Y., Bettahar, H., Bouabdallah, A.: A taxonomy of multicast data origin authentication: Issues and solutions. IEEE Communications Surveys and Tutorials 6(3), 34–57 (2004)CrossRefGoogle Scholar
  5. 5.
    Challal, Y., Bouabdallah, A., Bettahar, H.: H2A: Hybrid hash-chaining scheme for adaptive multicast source authentication of media-streaming. Computer & Security 24(1), 57–68 (2005)CrossRefGoogle Scholar
  6. 6.
    Choi, S.: Denial of service resistant multicast authentication protocol with prediction hashing and one-way key chain. In: ISM 2005, pp. 701–706. IEEE Press, New York (2005)Google Scholar
  7. 7.
    Contini, S., Lenstra, A.K., Steinfeld, R.: VSH: an efficient and provable collision resistant hash collision. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 165–182. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  8. 8.
    Dana, A.F., Gowaikar, R., Palanki, R., Hassibi, B., Effros, M.: Capacity of wireless erasure networks. IEEE Transactions on Information Theory 52(3), 789–804 (2006)CrossRefMathSciNetGoogle Scholar
  9. 9.
    Desmedt, Y., Frankel, Y., Yung, M.: Multi-receiver/multi-sender network security: Efficient authenticated multicast/feedback. In: IEEE INFOCOM 1992, vol. 3, pp. 2045–2054. IEEE Press, New York (1992)Google Scholar
  10. 10.
    Di Pietro, R., Chessa, S., Maestrini, P.: Computation memory and bandwidth efficient distillation codes to mitigate DoS in multicast. In: SecureComm 2005, pp. 13–22. IEEE Press, New York (2005)Google Scholar
  11. 11.
    Fu, J.C., Lou, W.Y.W.: Distribution Theory of Runs and Patterns and its Applications. World Scientific Publishing, Singapore (2003)MATHGoogle Scholar
  12. 12.
    Gennaro, R., Rohatgi, P.: How to sign digital streams. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 180–197. Springer, Heidelberg (1997)Google Scholar
  13. 13.
    Golle, P., Modadugu, N.: Authenticating streamed data in the presence of random packet loss. In: NDSS 2001, pp. 13–22. Internet Society (2001)Google Scholar
  14. 14.
    Guruswami, V.: List Decoding of Error-Correcting Codes. Springer, Heidelberg (2004)MATHGoogle Scholar
  15. 15.
    Guruswami, V., Sudan, M.: Improved decoding of Reed-Solomon and algebraic-geometric codes. IEEE Transactions on Information Theory 45(6), 1757–1767 (1999)MATHCrossRefMathSciNetGoogle Scholar
  16. 16.
    Jakimoski, G.: Primitives and Schemes for Non-Atomic Information Authentication. PhD thesis, The Florida State University College of Arts and Sciences, Spring Semester (2006)Google Scholar
  17. 17.
    Karlof, C., Sastry, N., Li, Y., Perrig, A., Tygar, J.D.: Distillation codes and applications to DoS resistant multicast authentication. In: NDSS 2004 (2004)Google Scholar
  18. 18.
    Lacan, J., Fimes, J.: Systematic MDS erasure codes based on Vandermonde matrices. IEEE Communications Letters 8(9), 570–572 (2004)CrossRefGoogle Scholar
  19. 19.
    Lidl, R., Niederreiter, H.: Introduction to Finite Fields and their Applications - Revised Edition. Cambridge University Press, Cambridge (2000)Google Scholar
  20. 20.
    Liu, D., Ning, P.: Multi-level μTESLA: Broadcast authentication for distributed sensor networks. ACM Transactions in Embedded Computing Systems 3(4), 800–836 (2004)CrossRefGoogle Scholar
  21. 21.
    Liu, D., Ning, P., Zhu, S., Jajodia, S.: Practical broadcast authentication in sensor networks. In: MobiQuitous 2005, pp. 118–129. IEEE Press, New York (2005)Google Scholar
  22. 22.
    Lysyanskaya, A., Tamassia, R., Triandopoulos, N.: Multicast authentication in fully adversarial networks. In: IEEE Symposium on Security and Privacy, pp. 241–253. IEEE Computer Society Press, New York (2003)Google Scholar
  23. 23.
    MacWilliams, F.J., Sloane, N.J.A.: The Theory of Error-Correcting Codes. North-Holland, Amsterdam (1977)MATHGoogle Scholar
  24. 24.
    Menezes, A.J., van Oorschot, P.C., Vanstone, S.A.: Handbook of Applied Cryptography. CRC Press, Boca Raton (1996)Google Scholar
  25. 25.
    Merkle, R.: A certified digital signature. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 218–238. Springer, Heidelberg (1989)Google Scholar
  26. 26.
    Miner, S., Staddon, J.: Graph-based authentication of digital streams. In: IEEE Symposium on Security and Privacy, pp. 232–246. IEEE Press, New York (2001)Google Scholar
  27. 27.
    Pannetrat, A., Molva, R.: Authenticating real time packet streams and multicasts. In: ISCC 2002, IEEE Computer Society Press, Los Alamitos (2002)Google Scholar
  28. 28.
    Park, J.M., Chong, E.K.P., Siegel, H.J.: Efficient multicast packet authentication using signature amortization. In: IEEE Symposium on Security and Privacy, pp. 227–240. IEEE Press, New York (2002)Google Scholar
  29. 29.
    Park, J.M., Chong, E.K.P., Siegel, H.J.: Efficient multicast stream authentication using erasure codes. ACM Transactions on Information and System Security 6(2), 258–285 (2003)CrossRefGoogle Scholar
  30. 30.
    Park, Y., Cho, Y.: The eSAIDA stream authentication scheme. In: Laganà, A., Gavrilova, M., Kumar, V., Mun, Y., Tan, C.J.K., Gervasi, O. (eds.) ICCSA 2004. LNCS, vol. 3046, pp. 799–807. Springer, Heidelberg (2004)Google Scholar
  31. 31.
    Perrig, A., Canetti, R., Tygar, J., Song, D.: Efficient authentication and signing of multicast streams over lossy channels. In: IEEE Symposium on Security and Privacy, pp. 56–73. IEEE Press, New York (2000)Google Scholar
  32. 32.
    Perrig, A., Szewczyk, R., Tygar, J.D., Wen, V., Culler, D.E.: SPINS: Security protocols for sensor networks. Wireless Networks 8(5), 521–534 (2002)MATHCrossRefGoogle Scholar
  33. 33.
    Perrig, A., Tygar, J.D.: Secure Broadcast Communication in Wired and Wireless Networks. Kluwer Academic Publishers, Boston (2003)Google Scholar
  34. 34.
    Pieprzyk, J., Hardjono, T., Seberry, J.: Fundamentals of Computer Security. Springer, Heidelberg (2003)MATHGoogle Scholar
  35. 35.
    Rabin, M.O.: Efficient dispersal of information for security, load balancing, and fault tolerance. Journal of the Association for Computing Machinery 36(2), 335–348 (1989)MATHMathSciNetGoogle Scholar
  36. 36.
    Reed, I.S., Solomon, G.: Polynomial codes over certain finite fields. Journal of Society for Industrial and Applied Mathematics 8(2), 300–304 (1960)MATHCrossRefMathSciNetGoogle Scholar
  37. 37.
    Rohatgi, P.: A compact and fast hybrid signature scheme for multicast packet authentication. In: ACM CCS’99, pp. 93–100. ACM Press, New York (1999)Google Scholar
  38. 38.
    Safavi-Naini, R., Wang, H.: New results on multi-receiver authentication code. In: Nyberg, K. (ed.) EUROCRYPT 1998. LNCS, vol. 1403, pp. 527–541. Springer, Heidelberg (1998)CrossRefGoogle Scholar
  39. 39.
    Shamir, A., Tauman, Y.: Improved online/offline signature schemes. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 355–367. Springer, Heidelberg (2001)Google Scholar
  40. 40.
    Stinson, D.R.: Cryptography: Theory and Practice, 3rd edn. Chapman & Hall/CRC (2006)Google Scholar
  41. 41.
    Tartary, C., Wang, H.: Efficient multicast stream authentication for the fully adversarial network. In: Song, J., Kwon, T., Yung, M. (eds.) WISA 2005. LNCS, vol. 3786, pp. 108–125. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  42. 42.
    Tartary, C., Wang, H.: Achieving multicast stream authentication using MDS codes. In: Pointcheval, D., Mu, Y., Chen, K. (eds.) CANS 2006. LNCS, vol. 4301, pp. 108–125. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  43. 43.
    Tartary, C., Wang, H.: Efficient multicast stream authentication for the fully adversarial network. International Journal of Security and Network (Special Issue on Cryptography in Networks) 2(3/4), 175–191 (2007)Google Scholar
  44. 44.
    Wong, C.K., Chan, A.: Immediate data authentication for multicast resource constrained networks. In: Boyd, C., González Nieto, J.M. (eds.) ACISP 2005. LNCS, vol. 3574, pp. 113–121. Springer, Heidelberg (2005)Google Scholar
  45. 45.
    Wong, C.K., Lam, S.S.: Digital signatures for flows and multicasts. IEEE/ACM Transactions on Networking 7(4), 502–513 (1999)CrossRefGoogle Scholar
  46. 46.
    Zanotti, J.-P.: Le code correcteur C.I.R.C. Available online at:

Copyright information

© Springer Berlin Heidelberg 2007

Authors and Affiliations

  • Christophe Tartary
    • 1
  • Huaxiong Wang
    • 1
    • 2
  1. 1.Centre for Advanced Computing, Algorithms and Cryptography, Department of Computing, Macquarie University, NSW 2109Australia
  2. 2.Division of Mathematical Sciences, School of Physical and Mathematical Sciences, Nanyang Technological UniversitySingapore

Personalised recommendations