Ecole d'ingénieur et centre de recherche en Sciences du numérique

Real time multicast authentication

Pannetrat, Alain;Molva, Refik

NDSS 2003, Network and Distributed System Security Symposium, 6-7 February 2003, San Diego, USA

Providing authentication mechanisms for IP-Multicast streams is paramount for the development of large scale commercial multicast content delivery applications. This need is particularly strong for the delivery of real time content, such as live video/audio news events or financial stock quote distribution. However, this turns out to be a quite challenging problem for many reasons. First, the authentication of the multicast data must be verifiable by a potentially very large number of untrusted recipients. Second, since multicast communication protocols are almost always best effort, the authentication mechanisms needs to authenticate received content despite the potential loss of some packets. Finally, the authentication mechanism needs to be efficient enough to cope with real time data and should have a small communication overhead. We propose a new multicast authentication scheme designed to authenticate real time multicast packet streams with a potentially unlimited number of recipients. This scheme provides both integrity and non repudiation of origin, and in a majority of situations, it performs with less overhead in bytes per packet than previously proposed practical real time stream authentication schemes. source must add authentication information to the distributed content. This authentication information is used by recipients to ascertain the origin of the transmitted content. In the context of multicast authentication, we distinguish two types of distributed contents: pre-recorded and real time. Pre-recorded content describes content that is known in advance to the source, such as a film or music. For such content, the authentication information can be computed and inserted in the stream in advance. On the other hand, real time content describes content that is produced in real time such as live sports event broadcasting, news events or financial stock quotes. Real time content requires some of the authentication information to be computed in real time, which adds further constrains on the efficiency of the authentication algorithm. Thus, an efficient real time authentication algorithm can be used for pre-recorded data while the converse is not necessarily true. Moreover, it seems that real time application naturally have a stronger need for authentication. Consider as an example, the disastrous consequence that source impersonation could have for an application such as stock quote distribution, where a malicious entity could generate

Document Doi Bibtex

Titre:Real time multicast authentication
Ville:San Diego
Département:Sécurité numérique
Eurecom ref:1072
Copyright: © ISOC. Personal use of this material is permitted. The definitive version of this paper was published in NDSS 2003, Network and Distributed System Security Symposium, 6-7 February 2003, San Diego, USA and is available at :
Bibtex: @inproceedings{EURECOM+1072, doi = {}, year = {2003}, title = {{R}eal time multicast authentication}, author = {{P}annetrat, {A}lain and {M}olva, {R}efik}, booktitle = {{NDSS} 2003, {N}etwork and {D}istributed {S}ystem {S}ecurity {S}ymposium, 6-7 {F}ebruary 2003, {S}an {D}iego, {USA}}, address = {{S}an {D}iego, {\'{E}}{TATS}-{UNIS}}, month = {02}, url = {} }
Voir aussi: