research-article

Comparative study of multicast authentication schemes with application to wide-area measurement system

Authors:
Yee Wei Law

The University of Melbourne, Parkville, Australia

The University of Melbourne, Parkville, Australia
View Profile

,
Zheng Gong

South China Normal University, Guangzhou, China

South China Normal University, Guangzhou, China
View Profile

,
Tie Luo

Agency for Science, Technology and Research, Singapore, Singapore

Agency for Science, Technology and Research, Singapore, Singapore
View Profile

,
Slaven Marusic

The University of Melbourne, Parkville, Australia

The University of Melbourne, Parkville, Australia
View Profile

,
Marimuthu Palaniswami

The University of Melbourne, Parkville, Australia

The University of Melbourne, Parkville, Australia
View Profile

ASIA CCS '13: Proceedings of the 8th ACM SIGSAC symposium on Information, computer and communications securityMay 2013Pages 287–298https://doi.org/10.1145/2484313.2484349

Published:08 May 2013Publication History

ASIA CCS '13: Proceedings of the 8th ACM SIGSAC symposium on Information, computer and communications security

Pages 287–298

ABSTRACT

Multicasting refers to the transmission of a message to multiple receivers at the same time. To enable authentication of sporadic multicast messages, a conventional digital signature scheme is appropriate. To enable authentication of a multicast data stream, however, an authenticated multicast or multicast authentication (MA) scheme is necessary. An MA scheme can be constructed from a conventional digital signature scheme or a multiple-time signature (MTS) scheme. A number of MTS-based MA schemes have been proposed over the years. Here, we formally analyze four MA schemes, namely BiBa, TV-HORS, SCU+ and TSV+. Among these MA schemes, SCU+ is an MA scheme we constructed from an MTS scheme designed for secure code update, and TSV+ is our patched version of TSV, an MA scheme which we show to be vulnerable. Based on our simulation-validated analysis, which complements and at places rectifies or improves existing analyses, we compare the schemes' computational and communication efficiencies relative to their security levels. For numerical comparison of the schemes, we use parameters relevant for a smart (power) grid component called wide-area measurement system. Our comparison shows that TV-HORS, while algorithmically unsophisticated and not the best performer in all categories, is the most balanced performer. SCU+, TSV+ and by implication the schemes from which they are extended do not offer clear advantages over BiBa, the oldest among the schemes.

References

M. Adamiak, B. Kasztenny, and W. Premerlani. Synchrophasors: definition, measurement, and application. In 59th Annual Georgia Tech Protective Relaying, 2005.Google Scholar
M. Bellare and P. Rogaway. Random oracles are practical: a paradigm for designing efficient protocols. In CCS '93: Proceedings of the 1st ACM conference on Computer and communications security, pages 62--73. ACM, 1993. Google ScholarDigital Library
R. Bobba, H. Khurana, M. AlTurki, and F. Ashraf. PBES: a policy based encryption system with application to data sharing in the power grid. In Proceedings of the 4th International Symposium on Information, Computer, and Communications Security, ASIACCS '09, pages 262--275, New York, NY, USA, 2009. ACM. Google ScholarDigital Library
P. G. Bradford and O. V. Gavrylyako. Foundations of security for hash chains in ad hoc networks. Cluster Computing, 8(2):189--195, 2005. Google ScholarDigital Library
P. G. Bradford and O. V. Gavrylyako. Hash chains with diminishing ranges for sensors. Int. J. High Performance Computing and Networking, 4(1/2):31--38, 2006. Google ScholarDigital Library
D. Coppersmith and M. Jakobsson. Almost optimal hash sequence traversal. In Financial Cryptography, volume 2357 of Lecture Notes in Computer Science, pages 102--119. Springer Berlin / Heidelberg, 2003. Google Scholar
Q. Dang. Recommendation for applications using approved hash algorithms. NIST Special Publication 800-107, Computer Security Division, Information Technology Laboratory, NIST, Feb. 2009.Google Scholar
D. Dolev and A. Yao. On the security of public key protocols. IEEE Trans. Inf. Theory, 29(2):198--208, Mar. 1983. Google ScholarDigital Library
P. Kansal and A. Bose. Smart grid communication requirements for the high voltage power system. In 2011 IEEE Power and Energy Society General Meeting, pages 1--6, July 2011.Google ScholarCross Ref
J. Katz. Digital Signatures. Springer, 2010.Google Scholar
I. Krontiris and T. Dimitriou. Authenticated in-network programming for wireless sensor networks. Ad-Hoc, Mobile, and Wireless Network, 4104:390--403, 2006. Google ScholarDigital Library
L. Lamport. Constructing digital signatures from a one-way function. Technical Report SRI-CSL-98, SRI Intl. Computer Science Laboratory, Oct. 1979.Google Scholar
Y. W. Law, M. Palaniswami, G. Kounga, and A. Lo. WAKE: Key Management Scheme for Wide-Area Measurement Systems in Smart Grid. IEEE Communications Magazine, Jan. 2013, in press.Google Scholar
J. Lee, S. Kim, Y. Cho, Y. Chung, and Y. Park. HORSIC: An efficient one-time signature scheme for wireless sensor networks. Information Processing Letters, 112(20):783--787, 2012. Google ScholarDigital Library
Q. Li and G. Cao. Multicast authentication in the smart grid with one-time signature. IEEE Transactions on Smart Grid, 2(4):686--696, 2011.Google ScholarCross Ref
C. Martinez, M. Parashar, J. Dyer, and J. Coroas. Phasor Data Requirements for Real Time Wide-Area Monitoring, Control and Protection Applications. White paper, EIPP -- Real Time Task Team, Jan. 2005.Google Scholar
C. Meadows and P. Syverson. Formalizing GDOI group key management requirements in NPATRL. In Proceedings of the 8th ACM conference on Computer and Communications Security, CCS '01, pages 235--244. ACM, 2001. Google ScholarDigital Library
NIST. Guidelines for smart grid cyber security. IR 7628, Aug. 2010.Google Scholar
Y. Park and Y. Cho. Efficient one-time signature schemes for stream authentication. Journal of Information Science and Engineering, 22(3):611--624, 2006.Google Scholar
A. Perrig. The BiBa one-time signature and broadcast authentication protocol. In CCS '01: Proceedings of the 8th ACM conference on Computer and Communications Security, pages 28--37. ACM, 2001. Google ScholarDigital Library
A. Perrig, R. Szewczyk, V. Wen, D. Culler, and J. Tygar. SPINS: Security Protocols for Sensor Networks. In Proceedings of the 7th Ann. Int. Conf. on Mobile Computing and Networking, pages 189--199. ACM Press, 2001. Google ScholarDigital Library
J. Pieprzyk, H. Wang, and C. Xing. Multiple-time signature schemes against adaptive chosen message attacks. In Selected Areas in Cryptography, volume 3006 of Lecture Notes in Computer Science, pages 88--100. Springer Berlin / Heidelberg, 2004.Google Scholar
L. Reyzin and N. Reyzin. Better than BiBa: Short One-Time Signatures with Fast Signing and Verifying. In Information Security and Privacy, volume 2384 of LNCS, pages 144--153. Springer-Verlag, 2002. Google Scholar
S. Seys and B. Preneel. Power consumption evaluation of efficient digital signature schemes for low power devices. In IEEE International Conference on Wireless And Mobile Computing, Networking And Communications (WiMob'2005), pages 79--86, Aug. 2005.Google ScholarCross Ref
R. Steinwandt and V. I. Villányi. A one-time signature using run-length encoding. Information Processing Letters, 108(4):179 -- 185, 2008. Google ScholarDigital Library
D. R. Stinson. Some observations on the theory of cryptographic hash functions. Designs, Codes and Cryptography, 38(2):259--277, 2006. Google ScholarDigital Library
C. Tartary, H. Wang, and S. Ling. Authentication of digital streams. IEEE Transactions on Information Theory, 57(9):6285--6303, Sept. 2011. Google ScholarDigital Library
UCTE. Final Report of the Investigation Committee on the 28 September 2003 Blackout in Italy, Apr. 2004.Google Scholar
O. Ugus, D. Westhoff, and J.-M. Bohli. A ROM-friendly secure code update mechanism for WSNs using a stateful-verifier Ä -time signature scheme. In WiSec '09: Proceedings of the second ACM conference on Wireless network security, pages 29--40. ACM, 2009. Google ScholarDigital Library
U.S.-Canada Power System Outage Task Force. Final Report on the August 14, 2003 Blackout in the United States and Canada: Causes and Recommendations, Apr. 2004.Google Scholar
Q. Wang, H. Khurana, Y. Huang, and K. Nahrstedt. Time valid one-time signature for time-critical multicast data authentication. In IEEE INFOCOM 2009, pages 1233--1241, Apr. 2009.Google ScholarCross Ref
W. Wang, Y. Xu, and M. Khanna. A survey on the communication architectures in smart grid. Computer Networks, 55(15):3604--3629, 2011. Google ScholarDigital Library
J. Zhang and C. A. Gunter. Application-aware secure multicast for power grid communications. International Journal of Security and Networks, 6(1):40--52, 2011. Google ScholarDigital Library

Index Terms

Comparative study of multicast authentication schemes with application to wide-area measurement system
1. Security and privacy
  1. Security services
    1. Authentication

Recommendations

The ForwardDiffsig scheme for multicast authentication

This paper describes ForwardDiffSig, an efficient scheme for multicast authentication with forward security. This scheme provides source authentication, data integrity, and nonrepudiation since it is based on the use of asymmetric cryptography. At the ...
Read More
Efficient non-repudiation multicast source authentication schemes
Abstract
In secure multicast communication, packet source authentication is a bottleneck problem due to the dynamic property of the multicast group, unreliability of data transmission and the large number of data packets. This paper proposes a novel ...
Read More
Public Key Authentication Schemes for Local Area Networks

The invention of public-key cryptography makes many new network applications, such as electronic commerce (CE), possible. However, the widely used Internet is open and unprotected. Therefore, verifying the legitimacy of an individual's public key is ...
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Published in
ASIA CCS '13: Proceedings of the 8th ACM SIGSAC symposium on Information, computer and communications security
May 2013
574 pages
ISBN:9781450317672
DOI:10.1145/2484313
General Chairs:
Kefei Chen
Shanghai Jiao Tong University, China
,
Qi Xie
Hangzhou Normal University, China
,
Weidong Qiu
Shanghai Jiao Tong University, China
,
Program Chairs:
Ninghui Li
Purdue University, USA
,
Wen-Guey Tzeng
National Chiao Tung University, Taiwan
Copyright © 2013 ACM
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 8 May 2013
Permissions
Request permissions about this article.
Request Permissions

Check for updates
Author Tags
multicast authentication
multiple-time signature scheme
smart grid
wide-area measurement system
Qualifiers
- research-article
Conference

Acceptance Rates
ASIA CCS '13 Paper Acceptance Rate35of216submissions,16%Overall Acceptance Rate418of2,322submissions,18%
More
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 6
  Total Citations
  View Citations
- 220
  Total Downloads
- Downloads (Last 12 months)13
- Downloads (Last 6 weeks)1
Other Metrics
View Author Metrics
Cited By
View all

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Comparative study of multicast authentication schemes with application to wide-area measurement system

ASIA CCS '13: Proceedings of the 8th ACM SIGSAC symposium on Information, computer and communications security

ABSTRACT

References

Cited By

Index Terms

Recommendations

The ForwardDiffsig scheme for multicast authentication

Efficient non-repudiation multicast source authentication schemes

Public Key Authentication Schemes for Local Area Networks