To Achieve Perfect Resilience To Packet Loss In Lossy Channels Through Mabs

Authentication is one of the decisive subjects in protecting multicast in a situation attractive to malicious attacks.  Multicast is a competent method to transport multimedia content from a sender to a group of receivers and is gaining popular applications such as real time stock quotes, interactive games, video conference, live video broadcast or video on demand. The batch signature methods can be used to perk up the presentation of broadcast authentication. In this paper we recommend all-inclusive revise on this approach and suggest a novel multicast authentication protocol called MABS (Multicast Authentication based on Batch Signature). The essential scheme called MABS-B hereafter operates an well-organized asymmetric cryptographic primitive called batch signature which supports the authentication of any number of packets concurrently with one signature verification to address the competence and packet loss problems in universal surrounding

Implementing Secure Group Communications using Key Graphs

While the technical issues of securing unicast communications for client-server computingare fairly well-understood, the technical issues of securing group communications are not. Theexisting approach to improve the scalability is to decompose a large group of clients into manysubgroups and employ a hierarchy of group security agents. In this paper, the secure groupcommunications using key graphs and the implementation of a different hierarchical approachto improve the scalability and secure group communication using key graphs has been presented

Authenticated file broadcast protocol

The File Broadcast Protocol (FBP) was developed as a part of the DETIboot system. DETIboot allows a host to broadcast an operating system image through an 802.11 wireless network to an arbitrary number of receivers. Receivers can load the image and immediately boot a Linux live session. The initial version of FBP had no security mechanisms. In this paper we present an authentication protocol developed for FBP that ensures a correct file distribution from the intended source to the receivers. The performance valuations have shown that, with the best operational configuration tested, the file download time is increased by less than 5%

A scalable scheme for multilevel packet authentication in secure multicasting

Since communication has become an integral part of modernlife, security and authentication have also become important issues for providing secure communication. The issue of providing communication among a group of users has also been in the forefront, and multicasting has become a key technology for supporting such communication. This thesis explores new methods for multicast authentication. First, the thesis discusses several multicast authentication schemes: (i) public-key systems and Message Authentication Codes (MACs), and their relation to multicast authentication, and (ii) different views of multicast authentication, including digital streams, off-line computation, and using less secure but more efficient authentication algorithms. Then, the thesis proposes a scheme for multicast authentication based on a digital streams scheme, extended Fiege-Fiat-Shamir (eFFS), which is efficient and scalable. eFFS allows multiple levels of authentication, but sending these multiple levels may consume a lot of bandwidth. This research enhances eFFS (the enhanced scheme is called Modified eFFS, or MeFFS) by partitioning the receivers of a group to form several multicast subgroups, and sending different authentication levels to different subgroups. The performance enhancement of MeFFS, in terms of bandwidth savings, is quantified through simulation studies. Our studies show that MeFFS outperforms eFFS for multicast groups where the trees corresponding to the subgroups are highly disjoint. Finally, some suggestions are made to make the scheme more scalable and deployable

Hardware accelerated authentication system for dynamic time-critical networks

The secure and efficient operation of time-critical networks, such as vehicular networks, smart-grid and other smart-infrastructures, is of primary importance in today’s society. It is crucial to minimize the impact of security mechanisms over such networks so that the safe and reliable operations of time-critical systems are not being interfered. Even though there are several security mechanisms, their application to smart-infrastructure and Internet of Things (IoT) deployments may not meet the ubiquitous and time-sensitive needs of these systems. That is, existing security mechanisms either introduce a significant computation and communication overhead, or they are not scalable for a large number of IoT components. In particular, as a primary authentication mechanism, existing digital signatures cannot meet the real-time processing requirements of time-critical networks, and also do not fully benefit from advancements in the underlying hardware/software of IoTs. As a part of this thesis, we create a reliable and scalable authentication system to ensure secure and reliable operation of dynamic time-critical networks like vehicular networks through hardware acceleration. The system is implemented on System-On-Chips (SoC) leveraging the parallel processing capabilities of the embedded Graphical Processing Units (GPUs) along with the CPUs (Central Processing Units). We identify a set of cryptographic authentication mechanisms, which consist of operations that are highly parallelizable while still maintain high standards of security and are also secure against various malicious adversaries. We also focus on creating a fully functional prototype of the system which we call a “Dynamic Scheduler” which will take care of scheduling the messages for signing or verification on the basis of their priority level and the number of messages currently in the system, so as to derive maximum throughput or minimum latency from the system, whatever the requirement may be

Security Issues and Solutions in Multicast Environment through Tree based Scheme

Multicast is the delivery of a message or information to a group of destination computers simultaneously in a single transmission from the source creating copies automatically in other network elements, such as routers, only when the topology of the network requires it. Multicasting security is hard because of Open group membership, everyone gets same pack ets, Senders need not be members. We first present taxonomy of mu lticast scenarios on the Internet and point out relevant security concerns. Next we address two major security problems of multicast communication: source authentication, and key revocation. Maintaining authenticity in multicast protocols is a much more complex problem than for unicast, in particular known solutions are prohibitively inefficient in many cases. We present a solution that is reasonable for a range of scenarios. Our approach can be regarded as a midpoi nt between traditional Message Authentication Codes and digital signatures. We also present an improved solution to the key revocation problem

Integration of TESLA and FLUTE over satellite networks

Multicast research has explored the security challenges faced in group communications. Multicast transport and multicast security need to work in close collaboration to realise a multicast service. However, there has been comparatively little work to combine the two technologies. In this paper the authors is presenting an example of partially integrating Timed Efficient Stream Loss-Tolerant Authentication (TESLA) protocol and the File Delivery over Unidirectional Transport (FLUTE) protocol. The security concern raised by the proposed algorithm is analysed for satellite network. The proposed algorithm was implemented on a testbed with multicast tunnel between University of Surrey and University of Aberdeen and the results are presented in this paper