한국정보과학회논문지:시스템및이론 (Journal of KIISE:Computer Systems and Theory)

한국정보과학회 (Korean Institute of Information Scientists and Engineers)
권호 표지

인증 트리 기법을 이용한 효율적인 스트림 인증 기법

An Efficient Stream Authentication Scheme using Tree Authentication

  • 박용수 (서울대학교 대학원 전기컴퓨터 공학부) ;
  • 조유근 (서울대학교 컴퓨터학과)
  • 발행 : 2002.08.01
PDF 다운로드
⟨ 이전 논문 다음 논문 ⟩

초록

본 논문에서는 인증 트리 기법을 이용하여 실시간으로 전달되는 스트림 데이타를 인증하는 효율적인 기법을 제시한다. 제시한 기법은 높이가 낮은 인증 트리를 설계하여 송신 서버의 계산량이 매우작으며, 인증 트리 내 인증 정보를 패킷에 적절히 분배하여 수신자가 데이타를 검증 시 검증 확률이 매우 높다. 본 논문에서는 제안된 기법의 검증 확률을 해석적으로 분석한 결과를 제시하였다. 기존 기법들과 비교해보면 송신 서버의 계산량은 기존 기법 중 가장 우수한 GM의 기법과 거의 비슷한 수준이며, 시뮬레이션을 통해 검증 확률을 측정한 결과 기존 기법들보다 월등히 높은 검증 확률을 보였다.

We propose an efficient stream authentication scheme using tree authentication. To reduce the computation cost of the sender, we design the authentication tree whose height is very short. We appropriately distribute authentication information over packets so the receiver can verify data with high probability. Moreover, we provide mathematical analysis on the verification probability. For the proposed scheme and previous schemes, we measured the elapsed time for generating authentication information and the proposed scheme has equal to or slightly larger than that of GM's scheme, which has the lowest computation overhead. We performed simulations, which show that the verification probability of the proposed scheme is much higher than that of any other scheme.

키워드

참고문헌

  1. Michael S. Borella, Debbie Swider, S. Uludag and G. Brewster, 'Internet Packet Loss: Measurement and Implications for End-to-End QoS, In International Conference on Parallel Processing, 1998 https://doi.org/10.1109/ICPPW.1998.721868
  2. Rosario Gennaro and Pankaj Rohatgi, 'How to Sign Digital Streams,' In CRYPTO'97, pages 180-197, 1997
  3. Philippe Golle and Nagendra Modadugu, 'Authenticating Streamed Date in the Presence of Random Packet Loss,' NDSS'01, pages 13-22, 2001
  4. Alfred J. Menezes, Paul C. van Oorschot and Scott A. Vanstone, Handbook of Applied Cryptography, CRC Press, 1997
  5. Ralph C. Merkle, 'A Certified Digital Signature,' CRYPTO'89, pages 218-238, 1989
  6. Vern Paxson, 'End-to-End Internet Packet Dynamics,' IEEE/ACM Transactions on Networking, 7(3):277-292, 1999 https://doi.org/10.1109/90.779192
  7. Adrian Perrig, Ran Canetti, Dawn Song and J. D. Tygar, 'Efficient Authentication and Signing of Multicast Streams over Lossy Channels,' Proceedings of IEEE Security and Privacy Symposium, May 2000 https://doi.org/10.1109/SECPRI.2000.848446
  8. Michael O. Rabin, 'Efficient dispersal of information for security, load balancing and fault tolerance,' Journal of the Association for Computing Machinery, 36(2):335-348, 1989 https://doi.org/10.1145/62044.62050
  9. Michael Roe, Performance of Protocols, In Security Protocols Workshop, LNCS vol. 1796, pp. 140-146, 1999 https://doi.org/10.1007/10720107_20
  10. Pankaj Rohatgi, 'A Compact and Fast Hybrid Signature Scheme for Multicast Packet Authentication,' In 6th ACM Conference on Computer and Communication Security, pp. 93-100, November 1999 https://doi.org/10.1145/319709.319722
  11. Chung Kei Wong and Simon S. Lam, 'Digital Signatures for Flows and Multicasts,' IEEE/ACM Transactions on Networking, 7(4):502-513, 1999 https://doi.org/10.1109/90.793005
  12. M. Yajnik, S. Moon, J. Kurose and D. Towsley, 'Measurement and modelling of the temporal dependence in packet loss,' IEEE INFOCOM'99, 1999 https://doi.org/10.1109/INFCOM.1999.749301