research-article

Efficient targeted key subset retrieval in fractal hash sequences

Authors:

Thoshitha Gamage,

Carl HauserAuthors Info & Claims

CCS '13: Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security

Pages 1273 - 1284

https://doi.org/10.1145/2508859.2516739

Published: 04 November 2013 Publication History

Abstract

This paper presents a new hash chain traversal strategy which improves performance of hash chain based one-time authentication schemes. This work is motivated by the need for efficient message authentication in low-latency multicast systems. Proposed solutions such as TV-OTS rely on hash chain generated values for keys, achieving reliable security by using only a small subset of generated values from each chain. However, protocols using hash chains are limited by the rate at which a hash chain traversal is able to supply keys. The new algorithm uses the same structure as Fractal Hash Traversal, but eliminates redundant operations incurred when used with applications such as TV-OTS. Performance is measured in terms of savings and is proportional to the chain-distance between consecutively retrieved values. For a distance of delta, we achieve Theta(delta_2(delta)) savings, which is shown analytically and supported by empirical tests.

References

[1]

Bakken, D., Bose, A., Hauser, C., Whitehead, D., and Zweigle, G. Smart generation and transmission with coherent, real-time data. Proceedings of the IEEE 99, 6 (June 2011), 928 --951.

[2]

Cairns, K., Hauser, C., and Gamage, T. Flexible data authentication evaluated for the smart grid. 2013 IEEE International Conference on Smart Grid Communications (SmartGridComm) (2013), To appear.

[3]

Challal, Y., Bettahar, H., and Bouabdallah, A. A taxonomy of multicast data origin authentication: Issues and solutions. Communications Surveys & Tutorials, IEEE 6, 3 (2004), 34--57.

Digital Library

[4]

Coppersmith, D., and Jakobsson, M. Almost optimal hash sequence traversal. In Financial Cryptography (2003), Springer, pp. 102--119.

Digital Library

[5]

Diffie, W., and Hellman, M. New directions in cryptography. IEEE Transactions on Information Theory 22, 6 (1976), 644--654.

Digital Library

[6]

Fuloria, S., Anderson, R., McGrath, K., Hansen, K., and Alvarez, F. The protection of substation communications. In Proceedings of SCADA Security Scientific Symposium (2010).

[7]

Hauser, C., Manivannan, T., and Bakken, D. Evaluating multicast message authentication protocols for use in wide area power grid data delivery services. In 2012 45th Hawaii International Conference on System Science (HICSS) (2012), IEEE, pp. 2151--2158.

Digital Library

[8]

Hu, Y., Jakobsson, M., and Perrig, A. Efficient constructions for one-way hash chains. In Applied Cryptography and Network Security (2005), Springer, pp. 167--190.

Digital Library

[9]

Itkis, G., and Reyzin, L. Forward-secure signatures with optimal signing and verifying. In Advances in Cryptology--Crypto 2001 (2001), Springer, pp. 332--354.

Digital Library

[10]

Jakobsson, M. Fractal hash sequence representation and traversal. In 2002 IEEE International Symposium on Information Theory (2002), IEEE, p. 437.

[11]

Kim, S. Improved scalable hash chain traversal. In Applied Cryptography and Network Security (2003), Springer, pp. 86--95.

[12]

Lamport, L. Constructing digital signatures from a one-way function. Tech. rep., Technical Report CSL-98, SRI International, 1979.

[13]

Lamport, L. Password authentication with insecure communication. Communications of the ACM 24, 11 (1981), 770--772.

Digital Library

[14]

Li, Q., and Cao, G. Multicast authentication in the smart grid with one-time signature. Smart Grid, IEEE Transactions on 2, 4 (2011), 686--696.

[15]

Perrig, A. The BiBa one-time signature and broadcast authentication protocol. In Proceedings of the 8th ACM conference on Computer and Communications Security (2001), ACM, pp. 28--37.

Digital Library

[16]

Perrig, A., Canetti, R., Song, D., and Tygar, J. Efficient and secure source authentication for multicast. In Network and Distributed System Security Symposium (NDSS) (2001), vol. 1, pp. 35--46.

[17]

Perrig, A., Canetti, R., Tygar, J. D., and Song, D. The TESLA broadcast authentication protocol. RSA CryptoBytes 5, 2 (2002).

[18]

Reyzin, L., and Reyzin, N. Better than BiBa: Short one-time signatures with fast signing and verifying. In Information Security and Privacy (2002), Springer, pp. 1--47.

Digital Library

[19]

Rivest, R., Shamir, A., and Adleman, L. A method for obtaining digital signatures and public-key cryptosystems. Communications of the ACM 21, 2 (1978), 120--126.

Digital Library

[20]

Sella, Y. On the computation-storage trade-offs of hash chain traversal. In Financial Cryptography, Lecture Notes in Computer Science. Springer, 2003, pp. 270--285.

[21]

Wang, Q., Khurana, H., Huang, Y., and Nahrstedt, K. Time valid one-time signature for time-critical multicast data authentication. In INFOCOM 2009, IEEE (2009), IEEE, pp. 1233--1241.

[22]

Yum, D., Seo, J., Eom, S., and Lee, P. Single-layer fractal hash chain traversal with almost optimal complexity. Topics in Cryptology--CT-RSA 2009 (2009), 325--339.

Digital Library

Cited By

Ji CKim JLee JHong M(2015)Review of one-time signatures for multicast authentication in smart grid2015 12th International Conference & Expo on Emerging Technologies for a Smarter World (CEWIT)10.1109/CEWIT.2015.7338162(1-4)Online publication date: Oct-2015
https://doi.org/10.1109/CEWIT.2015.7338162
Szalachowski PKim T(2015)Secure broadcast in distributed networks with strong adversariesSecurity and Communication Networks10.1002/sec.12968:18(3739-3750)Online publication date: 1-Dec-2015
https://dl.acm.org/doi/10.1002/sec.1296

Index Terms

Efficient targeted key subset retrieval in fractal hash sequences
1. Theory of computation
  1. Randomness, geometry and discrete structures

Recommendations

Generic security-amplifying methods of ordinary digital signatures

Digital signatures are one of the most fundamental primitives in cryptography. In this paper, three new paradigms are proposed to obtain signatures that are secure against existential forgery under adaptively chosen message attacks (fully-secure, in ...
Digital signature of multicast streams secure against adaptive chosen message attack

We design a secure multicast stream signature scheme which can resist adaptive chosen message attack through splitting a multicast stream into a sequence of blocks. Firstly, we propose the definition of one-time block signature scheme and its ...
Leakage-resilience of stateless/stateful public-key encryption from hash proofs
ACISP'12: Proceedings of the 17th Australasian conference on Information Security and Privacy

We consider the problem of constructing public-key encryption (PKE) schemes that are resilient to a-posteriori chosen-ciphertext and key-leakage attacks. Recently, Naor and Segev (CTYPTO'09) have proven that the Naor-Yung generic construction of PKE ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

CCS '13: Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security

November 2013

1530 pages

ISBN:9781450324779

DOI:10.1145/2508859

General Chair:
Ahmad-Reza Sadeghi
TU Darmstadt, CASED, Intel ICRI-SC, Germany
,
Program Chairs:
Virgil Gligor
Carnegie Mellon University, USA
,
Moti Yung
Columbia University, USA

Copyright © 2013 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGSAC: ACM Special Interest Group on Security, Audit, and Control

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 04 November 2013

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

CCS'13

Sponsor:

SIGSAC

CCS'13: 2013 ACM SIGSAC Conference on Computer and Communications Security

November 4 - 8, 2013

Berlin, Germany

Acceptance Rates

CCS '13 Paper Acceptance Rate 105 of 530 submissions, 20%;

Overall Acceptance Rate 1,261 of 6,999 submissions, 18%

Upcoming Conference

CCS '24

Sponsor:
sigsac

ACM SIGSAC Conference on Computer and Communications Security

October 14 - 18, 2024

Salt Lake City , UT , USA

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

2
Total Citations
View Citations
308
Total Downloads

Downloads (Last 12 months)3
Downloads (Last 6 weeks)0

Reflects downloads up to 22 Sep 2024

Other Metrics

View Author Metrics

Citations

Cited By

Ji CKim JLee JHong M(2015)Review of one-time signatures for multicast authentication in smart grid2015 12th International Conference & Expo on Emerging Technologies for a Smarter World (CEWIT)10.1109/CEWIT.2015.7338162(1-4)Online publication date: Oct-2015
https://doi.org/10.1109/CEWIT.2015.7338162
Szalachowski PKim T(2015)Secure broadcast in distributed networks with strong adversariesSecurity and Communication Networks10.1002/sec.12968:18(3739-3750)Online publication date: 1-Dec-2015
https://dl.acm.org/doi/10.1002/sec.1296

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents