Wang Weidong,Li Zhitang,Lu Chuiwei,Zhang Yejiang

DOI: https://doi.org/10.1007/bf02831886

2006-01-01

Abstract:We propose an efficient multicast source authentication protocol called efficient multi-tree-chains scheme (EMTC), which shows more loss resistibility, less communication cost, and no delay at receivers. The EMTC scheme is based on combination of single Chain scheme and Hash Tree Chains scheme, and integrates the advantages of both. In this scheme, stream is firstly divided into blocks withn packets, and each block consists ofm clusters, everyone of which contains a tree of packets. All clusters are chained together. Through EMTC, packets of one cluster can be authenticated by any packet of the previous cluster. Compared to other multicast authentication protocols, the proposed scheme has the following advantages:➀ dramatically improves the resistance to burst packets loss;➁ low computation and communication overhead;➂ imposes low delay on the sender side and no delay on the receiver side.

ZHOU Hong,JIANG Xing-hao,YAO Yi-feng,SUN Tan-feng

DOI: https://doi.org/10.3969/j.issn.1002-0802.2007.12.096

2007-01-01

Abstract:In this paper, a new scheme which combines the advantages of Hash chaining and authenticating tree is proposed. A stream is split into blocks of the same size, and then some binary trees, chained by their digests, are constructed within the blocks. This scheme ensures the non-repudiation and can resist packet loss.

王卫东,李之棠

DOI: https://doi.org/10.3969/j.issn.1002-137x.2008.06.025

2008-01-01

Computer Science

Abstract:For multicast communication, authentication is a challenging problem, since it requires that a large number of recipients must verify the data originator. We propose an efficient multicast source authentication protocol called Hybrid Tree and Chains scheme (HTC), which shows more loss resistibility, less communication cost. The HTC scheme is based on combination of single Chain scheme and Hash Tree Chains scheme, and integrates the advantages of both. In this scheme, stream is firstly divided into blocks with n packets, and each block consists of m clusters, everyone of which contains a tree of packets. All clusters are chained together. Through HTC, packets of one cluster can be authenticated by any packet of the previous cluster. Compared to other multicast authentication protocols, the proposed scheme has the following advantages: 1) dramatically improves the resistance to burst packets loss, 2) low computation and communication overhead.

Yanfei Fan,Bin Lin,Yixin Jiang,Xuemin (Sherman) Shen

DOI: https://doi.org/10.1109/glocom.2008.ecp.891

2008-01-01

Abstract:In this paper, we propose an efficient privacy-preserving scheme for secure packet transmission at wireless link layer. The proposed scheme is constructed by using hash values in reverse hash chains as interface identifiers. It can successfully and efficiently resist the Media Access Control (MAC) address based attacks, such as flow tracking and traffic analysis, which are launched by either outside or even inside attackers. In addition, some optimization techniques are also introduced to further improve the efficiency of the proposed scheme. The extensive analysis and simulations demonstrate the enhanced security and efficiency of the proposed scheme.

Zhitang Li,Weidong Wang,Yejiang Zhang,Weiming Li

DOI: https://doi.org/10.1007/11839569_38

2006-01-01

Abstract:We propose an efficient multicast source authentication protocol called Chains of Iso-hash Clusters scheme (CIC), which shows more lossy resistibility, less communication cost, less average delay at receivers. The CIC scheme is based on combination of single Chain scheme and Hash Tree Chains scheme, and integrates the advantages of both. In this scheme, stream is firstly divided into blocks with n packets, and each block consists of m clusters, everyone of which contains a tree of packets. All clusters are chained together. Through CIC, packets of one cluster can be authenticated by any packet of the previous cluster. Compared to other multicast authentication protocols, the proposed scheme has the following advantages: 1) dramatically improves the resistance to burst packets loss, 2) low computation and communication overhead, 3) imposes low delay on the sender side and no delay on the receiver side, assuming no loss occurs.

Yun Zhou,Xiaoyan Zhu,Yuguang (Michael) Fang

DOI: https://doi.org/10.1109/TMC.2010.37

IF: 6.075

2010-01-01

IEEE Transactions on Mobile Computing

Abstract:Conventional block-based multicast authentication schemes overlook the heterogeneity of receivers by letting the sender choose the block size, divide a multicast stream into blocks, associate each block with a signature, and spread the effect of the signature across all the packets in the block through hash graphs or coding algorithms. The correlation among packets makes them vulnerable to packet loss, which is inherent in the Internet and wireless networks. Moreover, the lack of Denial of Service (DoS) resilience renders most of them vulnerable to packet injection in hostile environments. In this paper, we propose a novel multicast authentication protocol, namely MABS, including two schemes. The basic scheme (MABS-B) eliminates the correlation among packets and thus provides the perfect resilience to packet loss, and it is also efficient in terms of latency, computation, and communication overhead due to an efficient cryptographic primitive called batch signature, which supports the authentication of any number of packets simultaneously. We also present an enhanced scheme MABS-E, which combines the basic scheme with a packet filtering mechanism to alleviate the DoS impact while preserving the perfect resilience to packet loss.

Srikanth Bethu,K Kanthi Kumar,MD Asrar Ahmed,S.Soujanya

DOI: https://doi.org/10.48550/arXiv.1311.6001

2013-11-23

Abstract:Conventional block-based multicast authentication schemes overlook the heterogeneity of receivers by letting the sender choose the block size, divide a multicast stream into blocks, associate each block with a signature, and spread the effect of the signature across all the packets in the block through hash graphs or coding algorithms. The correlation among packets makes them vulnerable to packet loss, which is inherent in the Internet and wireless networks. Moreover, the lack of Denial of Service (DoS) resilience renders most of them vulnerable to packet injection in hostile environments. In this paper, we propose a novel multicast authentication protocol, namely MABS, including two schemes. The basic scheme (MABS-B) eliminates the correlation among packets and thus provides the perfect resilience to packet loss, and it is also efficient in terms of latency, computation, and communication overhead due to an efficient cryptographic primitive called batch signature, which supports the authentication of any number of packets <a class="link-external link-http" href="http://simultaneously.so" rel="external noopener nofollow">this http URL</a> we discuss their comparisons and performance evaluation of Packet Loss, Comparisons over Lossy Channels, Comparisons of Signature Schemes, computationational overheads etc.

Cryptography and Security

Baohong Li,Yibin Hou,Yinliang Zhao

DOI: https://doi.org/10.1109/ICMLC.2004.1382230

2004-01-01

Abstract:Logic key hierarchy is a leading scheme for key distribution in secure multicast. An improved logic key hierarchy scheme, based on one-way hash function, is proposed. Besides its simplicity, the improved scheme can reduce key server's average cost by about 1/3. Moreover, a batch update algorithm for this improved scheme is also presented, and its performance is evaluated through experiments. Compared with batch update algorithm in logic key hierarchy scheme, it shows the algorithm presented in this paper can reduce key server cost by at least 1/3.

Baohong Li,Yibin Hou,Xuhui Chen

DOI: https://doi.org/10.3321/j.issn:0253-987X.2006.02.010

2006-01-01

Abstract:Aiming at the problem of the cipher key delivery in secure multicast, a transport protocol that exploits the properties of logical key hierarchies to meet the requirements of reliability, real-time and scalability was presented. When updated keys are delivered, they are assigned to different weights based on the number of their receivers, and the different redundancy of FEC (forward error correction) encoding is determined, thus the keys that have more receivers will have more reliability. The performance of the proposed protocol was analyzed and simulated using independent loss model and burst loss model, respectively. The result shows that it not only can reduce latency, but also can averagely reduce communication overhead by 30% for different loss rates.

熊继平,朱文涛,李津生,洪佩琳,廖小飞

DOI: https://doi.org/10.3969/j.issn.1000-1220.2004.11.008

2004-01-01

Abstract:Efficient source authentication is an important and difficult research area of secure multicast, due to the dynamic and unreliability of multicast communication. Proposes an efficient source authentication scheme, the key idea inside the scheme is the use of Tornado erasure codes that encode/decode large multicast hash authentication packet. This scheme reduces the size of hash authentication packet needed by every packet significantly, and can achieve very high verification probability over lossy network environment. We compare our scheme with EMSS source authentication scheme using detailed programming. And the simulation results show that our scheme prior to EMSS scheme.

Chih-Hao Hsu,Peng Li,Song Guo,Shui Yu,Zhuzhong Qian

DOI: https://doi.org/10.1109/euc.2011.51

2011-01-01

Abstract:In traditional stop-and-wait strategy for reliable communications, such as ARQ, retransmission for the packet loss problem would incur a great number of packet transmissions in lossy wireless ad-hoc networks. We study the reliable multicast lifetime maximization problem by alternatively exploring the random linear network coding in this paper. We formulate such problem as a min-max problem and propose a heuristic algorithm, called maximum lifetime tree (MLT), to build a multicast tree that maximizes the network lifetime. Simulation results show that the proposed algorithms can significantly increase the network lifetime when compared with the traditional algorithms under various distributions of error probability on lossy wireless links.

李保红,侯义斌,赵银亮

DOI: https://doi.org/10.3321/j.issn:0253-987X.2004.10.015

2004-01-01

Abstract:Aiming at the scalability of rekeying in secure multicast , an improved logic key hierarchy mechanism is pro2 posed. When a key tree is updated , the key server produces random numbers , and all or the part of new keys in update paths are directly calculated by the multicast group members using one2way hash function. Therefore , the burdens of the computation and communication for updating keys through multicast channels are decreased. It is estimated that the key server' s average cost can be reduced by about 1/ 3. A batch update algorithm is also presented in the paper based on the improved scheme , in which changing of members several times can be carried out only by update operation once. It is shown by experiments that the key server' s cost of this algorithm can be reduced again at least 1/ 3. So the performance is further improved when this batch update algorithm is applied to the improved scheme.

张骏,谷大武,马范援,白英彩

2006-01-01

Abstract:Several multicast key management schemes such as those proposed by Wallner et al and Wong et al are based on a multilevel, logical hierarchy (or tree) of key-encrypting keys. When used in conjunction with a reliable multicast infrastructure, this approach results in a highly efficient key update mechanism in which the number of multicast messages transmitted upon a membership update is proportional to the depth of the tree, which is logarithmic to the size of the secure multicast group. But this is based on the hypothesis that the tree is maintained in a balanced manner. This paper proposes a scalable rekeying scheme---link-tree structure for implementing secure group communication. Theoretical calculation and experimentation show that this scheme has better performance than the tree structure and the star structure, and at the same time still keep the link-tree structure balanced.

Guowu Xie,Weiqiang Sun,Yaohui Jin,Wei Guo,Weisheng Hu

DOI: https://doi.org/10.1117/12.688270

2006-01-01

Abstract:Because any link failure on the multicast session may disrupt the signal transmission to several downstream nodes, it is imperative to effectively protect the multicast sessions against link failure. In this paper, we study schemes for establishing primary and backup multicast trees for multicast sessions in a optical mesh network against link failure, e.g., fiber or conduit cut, with taking the different leaf availability requirement and availability guarantee into account. We propose an Mixed Integer Linear Program (MILP) approach to solve the problem of provisioning survivable multicast sessions with differentiated leaf availability guaranteed. Different from the previous schemes, our scheme finds out the complete (the tree spans the root and all the leaf nodes) primary and complete or incomplete (the tree spans the root and part of the leaf nodes) backup trees for multicast sessions guarantees the availability requirement. Because of taking the different leaf availability requirements into account, the proposed algorithm finds out more efficient feasible solution requiring less network resources, and even find a feasible solution where the previous algorithms fail.

朱文涛,熊继平,李津生,洪佩琳,戴英侠

DOI: https://doi.org/10.3321/j.issn:1001-506X.2005.02.048

2005-01-01

Abstract:To provide communication confidentiality in multicasting applications, traffic data in secure multicast is encrypted with a session key known only by certificated group members. Whenever there is a change in the group membership, the session key must be updated dynamically. Key management is thus indicated as the sticking point in secure multicast research, and the proposed schemes can be mainly classified as flat ones and hierarchical ones. By incorporating the flat scheme with the hierarchical scheme, a hybrid scheme based on the Internet Group Management Protocol Version 3 is presented. The multicast group is divided into a couple of separate areas and thus not only the scalability problem but also the reliability problem involved in secure multicast is effectively solved. Based on this hybrid scheme, a novel key management algorithm based on time synchronization among the agents of those separate areas is proposed. Without any message exchanges between agents after the algorithm initialization, the agents periodically update the session key in a batch style, thus the communication cost of the entire system is observably lowered.

Binglai Niu,Hai Jiang,H. Vicky Zhao

DOI: https://doi.org/10.1109/tvt.2010.2046431

IF: 6.8

2010-01-01

IEEE Transactions on Vehicular Technology

Abstract:Multicast is a bandwidth-efficient mechanism to provide wireless services for a group of terminals. Providing reliable wireless multicast is challenging due to packet loss and channel fading. In this research, we investigate the medium-access-control (MAC) layer cooperation to enhance the reliability of wireless multicast. We show that the optimal relaying strategy is a pure threshold policy, i.e., the optimal number of relays is bounded by a threshold. We also propose a simple and efficient algorithm to find the optimal time allocation for the direct and relay transmissions.

潘志铂,郑宝玉,吴蒙

2004-01-01

Abstract:Several emerging Internet services by multicast force the research on secure multicast, and the research on key update is a big challenge. This paper designs a hash function of variable message digest and variable key length for a key update protocol that is proposed based on time stream, and analyses the overall performances for the protocol.

Zongpeng Li,Xiaowen Chu

DOI: https://doi.org/10.1109/tpds.2011.197

IF: 5.3

2011-01-01

IEEE Transactions on Parallel and Distributed Systems

Abstract:In computer networks, multicast models a class of data dissemination applications, where a common data item is routed to multiple receivers simultaneously. The routing of multicast flows across the network may incur a cost, and such a cost is to be recovered from payments by receivers who enjoy the multicast service. In reality, a group of potential multicast receivers exist at different network locations. Each receiver has a valuation for receiving the multicast service, but such valuation is private information known to itself. A multicast scheme asks each potential receiver to report her valuation, then decides which subset of potential receivers to serve, how to route the multicast flow to them, and how much to charge each of them. A multicast scheme is stragegyproof if no receiver has incentive to lie about her true valuation. It is further group strategyproof if no group of colluding receivers has incentive to lie. We study multicast schemes that target group strategyproofness, in both directed and undirected networks. Our main results reveal that under group strategyproofness, a compromise is necessary in either routing optimality or budget balance. We also design multicast schemes that pursue maximum budget balance while guaranteeing group stragetyproofness and routing optimality.

Dl Guan,Sy Yu

DOI: https://doi.org/10.1109/ICON.2003.1266205

2003-01-01

Abstract:Although patching has shown to be a simple and efficient technique for immediate media on-demand delivery, there is still much scope for further improvement compared with the lower bound of the server network-O bandwidth requirement. In this paper, a new concept of two-level patching channel is proposed for the first time, based on which patching channels are rearranged through merging and further patching and a novel channel schedule scheme is developed. Simulation results show that the proposed Two-level patching scheme outperforms the conventional patching technique by a significant margin. It even performs better than the Dynamic Skyscraper Algorithm over a wide range of client request rates. Furthermore, it is reasonably competitive with hierarchical multicast stream merging (HMSM) at low to modest client request rates. Most importantly, the implementation complexity of our algorithm is much lower than the Skyscraper and HMSM.

DL Guan,SY Yu

DOI: https://doi.org/10.1109/tce.2003.1209523

2003-01-01

IEEE Transactions on Consumer Electronics

Abstract:A new patching schedule scheme for video multicast is proposed The response to requests is modeled as a renewal process, and we prove that there exists an optimal value for the renewal period; in addition, a searching approach is presented to find this optimal value. The successive requests in a period are divided into a set of groups, based on which the patching streams are further patched in each group. Simulation results show that the proposed patching scheme outperforms the conventional patching technique by a significant margin in reducing the server network-I/O bandwidth. It even performs better than the dynamic skyscraper algorithm over a wide range of client request rates. Furthermore, it is reasonably competitive with hierarchical multicast stream merging (HMSM) at low to modest client request rates. Most importantly, the implementation complexity of our algorithm is much lower than the skyscraper and HMSM.