DOI: 10.1145/2641798.2641829
research-article

Efficient solutions for the authenticated fragmentation problem in delay- and disruption-tolerant networks

Published: 21 September 2014

Abstract

Transmission opportunities in delay- and disruption-tolerant networks (DTNs) may be scarce and short-lived. In consequence, the fragmentation of larger messages at intermediate nodes is an important requirement to efficiently utilize any available connectivity. At the same time, bandwidth must be protected against any unauthorized transmission attempt, which implies that source authentication mechanisms are needed. However, naive solutions for supporting both message fragmentation and authentication are inefficient in terms of bandwidth or computational requirements. The problem has been clearly identified in the literature and various solutions have been suggested, but a systematic treatment of the problem has not been carried out so far. In this work, we approach the problem of authenticated fragmentation by rephrasing it as a multicast authentication problem. We identify a number of computationally efficient multicast authentication protocols that are suitable for DTN scenarios and highlight known computational or bandwidth optimality results for two classes of solutions. We generalize the remaining protocols into a single third class and provide a theoretical analysis, which proves the bandwidth optimality of a protocol that has been independently suggested for the authenticated fragmentation problem. We extend the setting of the protocol by considering a network scenario where neighboring nodes can communicate reliably and show theoretically that in this scenario the amortized bandwidth overhead converges to the minimum possible. Finally, we review a number of approaches presented in the literature on the authenticated fragmentation problem and outline their inadequacies.


        Published In

        MSWiM '14: Proceedings of the 17th ACM international conference on Modeling, analysis and simulation of wireless and mobile systems
        September 2014
        352 pages
        ISBN:9781450330305
        DOI:10.1145/2641798

        Publisher

        Association for Computing Machinery

        New York, NY, United States

        Author Tags

        1. authentication
        2. bundle fragmentation
        3. delay- and disruption-tolerant networking
        4. security

        Qualifiers

        • Research-article

        Conference

        MSWiM'14

        Acceptance Rates

        MSWiM '14 Paper Acceptance Rate 32 of 128 submissions, 25%;
        Overall Acceptance Rate 398 of 1,577 submissions, 25%
