Title
Reducing delay and enhancing DoS resistance in multicast authentication through multigrade security
Abstract
Many techniques for multicast authentication employ the principle of delayed key disclosure. These methods introduce delay in authentication, employ receiver-side buffers, and are susceptible to denial-of-service (DoS) attacks. Delayed key disclosure schemes have a binary concept of authentication and do not incorporate any notion of partial trust. This paper introduces staggered timed efficient stream loss-tolerant authentication (TESLA), a method for achieving multigrade authentication in multicast scenarios that reduces the delay needed to filter forged multicast packets and, consequently, mitigates the effects of DoS attacks. Staggered TESLA involves modifications to the popular multicast authentication scheme, TESLA, by incorporating the notion of multilevel trust through the use of multiple, staggered authentication keys in creating message authentication codes (MACs) for a multicast packet. We provide guidelines for determining the appropriate buffer size, and show that the use of multiple MACs and, hence, multiple grades of authentication, allows the receiver to flush forged packets quicker than in conventional TESLA. As a result, staggered TESLA provides an advantage against DoS attacks compared to conventional TESLA. We then examine two new strategies for reducing the time needed for complete authentication. In the first strategy, the multicast source uses assurance of the trustworthiness of entities in a neighborhood of the source, in conjunction with the multigrade authentication provided by staggered TESLA. The second strategy achieves reduced delay by introducing additional key distributors in the network.
Year
2006
DOI
10.1109/TIFS.2006.873599
Venue
IEEE Transactions on Information Forensics and Security
Keywords
multicast packet,denial-of-service (dos) attacks,forge-capable area,multicast authentication,trust,multigrade security,staggered authentication key,efficient stream loss-tolerant authentication,dos resistance,message authentication code (mac),staggered authentication keys,queueing theory,multigrade source authentication,staggered tesla,complete authentication,telecommunication services,conventional tesla,multigrade authentication,telecommunication security,receiver-side buffers,popular multicast authentication scheme,message authentication,message authentication code,denial-of-service attacks,message authentication codes,timed efficient stream loss-tolerant authentication (tesla),timed efficient stream loss-tolerant authentication,multicast communication,dos attack,denial of service attacks,broadcasting,denial of service,security
Field
Lightweight Extensible Authentication Protocol,Source-specific multicast,Authentication,Message authentication code,Denial-of-service attack,Computer science,Network packet,Computer network,Authentication protocol,Multicast
DocType
Journal
Volume
1
Issue
2
ISSN
1556-6013
Citations
5
PageRank
0.41
References
19
Authors
2
Name
Order
Citations
PageRank
Qing Li1464.26
W. Trappe272138.85