MULTICAST AUTHENTICATION BASED ON BATCH SIGNATURE

Amritha Alex Panicker Parvathy C Sneha Anne Jacob

MABS

1. Introduction
1.1 Introduction
Multicat is an efficient method to deliver multimedia content from a sender to a group of receivers and is gaining popular applications such as realtime stock quotes, interactive games, video conference, live video broadcast, or video on demand. Authentication is one of the critical topics in securing multicast in an environment attractive to malicious attacks. Basically, multicast authentication may provide the following security services: 1. Data integrity: Each receiver should be able to assure that received packets have not been modified during transmissions. 2. Data origin authentication: Each receiver should be able to assure that each received packet comes from the real sender as it claims. 3. No repudiation: The sender of a packet should not be able to deny sending the packet to receiver in case there is a dispute between the sender and receiver. All the three services can be supported by an asymmetric key technique called signature. In an ideal case, the sender generates a signature for each packet with its private key, which is called signing, and each receiver checks the validity of the signature with the senders public key, which is called verifying. If the verification succeeds, the receiver knows the packet is authentic. Designing a multicast authentication protocol is not an easy task. Generally, there are following issues in real world challenging the design. First, efficiency needs to be considered, especially for receivers. Compared with the multicast sender, which could be a powerful server, receivers can have different capabilities and resources. The receiver heterogeneity requires that the multicast authentication protocol be able to execute on not only powerful desktop computers but also resource-constrained mobile handsets. In particular, latency, computation, and communication overhead are major issues to be considered. Second, packet loss is inevitable. In the Internet, congestion at routers is a major reason causing packet loss. An overloaded router drops buffered packets according to its preset control policy. Though TCP provides a certain retransmission capability, multicast content is mainly transmitted over UDP, which does not provide any loss recovery support. In mobile

1
College of Engineering, Chengannur

MABS

Designing a multicast authentication protocol is not an easy as, there are following issues in real world challenging the design. First, efficiency needs to be considered, especially for receivers. Second is the packet loss that happens during the implementation phase. Therefore, for applications where the quality of service is critical to end users, a multicast authentication protocol should provide a certain level of resilience to packet loss. Specifically, the impact of packet loss on the authenticity of the alreadyreceived packets should be as small as possible.

2 Software Requirement Specifications

2.1 Introduction
2.1.1 Purpose This document specifies the requirements and specification set forth for Multicast Authentication based on Batch Signature. Multicast Authentication based on Batch Signature provides a framework for perfect resilence to data loss over a network. This SRS document covers the entire project at this stage of development. The final software will have the features according to the document. 2.1.2 Scope Conventional block-based multicast authentication schemes overlook the heterogeneity of receivers by letting the sender choose the block size, divide a multicast stream into blocks, associate each block with a signature, and spread the effect of the signature across all the packets in the block through hash graphs or coding algorithms. The correlation among packets makes them vulnerable to packet loss, which is inherent in the Internet and wireless networks. We propose a novel framework, Multicast Authentication based on Batch Signature to eliminate the correlation among packets and thus to provide the perfect resilience to packet loss. Also we introduce an enhanced scheme which combines the basic scheme with a packet filtering mechanism to alleviate the Denial-of-Service(DoS) impact while preserving the perfect resilience to packet loss.Multicast is an efficient method to deliver multimedia content from a sender to a group of receivers and is gaining popular applications such as real-time stock quotes, interactive games, video conference, live video broadcast, or video on demand.

2
College of Engineering, Chengannur

MABS

2.1.3 Definitions,Acronyms and Abbrevations MABS-Multicast Authentication based on Batch Signature DoS-Denial-of-Service DSA-Digital Signal Algorithm BLS- BonehLynnShacham signature RSA- Rivest- Shamir-Adleman signature 2.1.4 Overview The SRS document provides description about the system requirements, interfaces, features and functionalities.

2.2 General Description

2.2.1 Product Perspective In the proposed system multicast authentication protocol, namely MABS, the correlation among packets is eliminated and thus it provides a perfect resilience to packet loss. It is also efficient in terms of latency, computation, and communication overhead due to an efficient cryptographic primitive called batch signature, which supports the authentication of any number of packets simultaneously. We also present an enhanced scheme which combines the basic scheme with a packet filtering mechanism to alleviate the DoS impact while preventing packet loss. 2.2.2 Product Function In the proposed system multicast authentication protocol, namely MABS, including two schemes. The basic scheme (MABS-B) eliminates the correlation among packets and thus provides the perfect resilience to packet loss, and it is also efficient in terms of latency, computation, and communication overhead due to an efficient cryptographic primitive called batch signature, which supports the authentication of any number of packets simultaneously. We also present an enhanced scheme MABS-E, which combines the basic

3
College of Engineering, Chengannur

MABS

scheme with a packet filtering mechanism to alleviate the DoS impact while preserving the perfect resilience to packet loss. 2.2.3 User characteristics The software has a user who will be registering in the Desktop application that we would be developing. At this point he would be provided with a password. This password is being stored in the database which is used for further login by the user . Users include: y y Clients who wish to access the facilities in application MABS Admin

The user interface has to be developed in Netbeans IDE 6.9.1. The user has several options such as: 1. Registration 2. Signing 3. Updating profile 4. Data transfer mode 5. View report

2.2.4 General Constraints 1. There exists a client server communication. A high bandwidth communication is necessary. 2. This system can be supported in only those systems which provide Java support. 2.2.5 Database Requirements The list of clients along with login details of each user is maintained at the server in a database which is accessed by the application running at the server side. 2.2.6 Assumptions and Dependencies y Proper network connection is necessary between the computers for the proper working of the system. y Software must be installed at all the systems.

4
College of Engineering, Chengannur

MABS

2.2.7 User Interface The user interface is provided such that firstly the user has to login for using the facilities provided by the application. A help menu will also be provided in the main window. A login option is provided where the user has to enter password. The password is validated and the user gets access to the application. Options for transferring, receiving and reports are provided in the application. User is also provided with an option to change password. After carrying out intended operations user is logged out using logout option. A help menu will be provided in the interface. This menu driven support facilitates user to

use the facilities provided by the software and describes the initial user how to move through the application.

2.3 External Interface Requirements

2.3.1 Hardware and Software Requirements Software Requirements y y y y Front end Back end Operating system IDE : : : : Java My SQL Windows Net Beans

Hardware Requirements y y y Processor Primary Memory Storage : Pentium IV OR Above : : 256 MB RAM 40 GB Hard Disk

2.3.2 Functional Requirements MABS can achieve perfect resilience to packet loss in lossy channels in the sense that no matter how many packets are lost the already-received packets can still be authenticated by receivers.MABS-B is efficient in terms of less latency, computation, and communication overhead. Though MABS-E is less efficient than MABS-B since it includes the DoS defense, its overhead is still at the same level as previous schemes.Two new batch signature schemes based on BLS and DSA are introduced

5
College of Engineering, Chengannur

MABS

2.4 Non-Functional Requirements

2.4.1 Performance The system is expected to fit according to the performance.It should use less memory and should be easily accessible by user. Memory management should be done wisely so that none of the memory goes wasted. The system should provide perfect resilience to packet loss, and it is also efficient in terms of latency, computation, and communication overhead along with a secure multicast.

2.4.2 Maintainability The application will be designed in a manner that it is easy to modify the software system later when required and to incorporate new requirements in the individual modules.

2.4.3 Security Requirements The system is expected to give a secure multicast using batch signature along with a user authenticated password protection to access the application.

2.4.4 Portability This application will be developed using platform independent java technology. Hence it provides portability.

3. Data Flow Diagram

Context diagram Context diagrams are used early in a project to get agreement on the scope under investigation. Context diagrams are typically included in a requirements document. These diagrams must be read by all project stakeholders and thus should be written in plain language, so the stakeholders can understand items within the document. It shows the system as a whole in its environment. It defines what/who will interact with the system and the high-level of data/materials into/out of the system.

6
College of Engineering, Chengannur

MABS

Level 0

Level 1

7
College of Engineering, Chengannur

MABS

Level 2

Module Description User Management: A user is allowed to enter the application after authentication of that particular user. Users have to provide user name and password .If a particular user is not in the login table, then he cant access the system .For unregistered users there is an option for signing. After login the user will be provided with options for broadcasting, unicasting and multicasting data. The user will be provided with an inbox containing with files sent to the user by others. User will also be provided with options to join and unjoin multicast

8
College of Engineering, Chengannur

MABS

groups. User can also add or remove others from multicast groups owned by him. Users will be provided with reports to review details of previous transmission.

Network Management : Network management is concerned with division of data into packets, grouping of packets into batches, encryption of data, signature generation at the sender side and detection of batches, decryption of data, signature verification at the receiver side. It also consists of generation of acknowledgement system for UDP packets, resending of unacknowledged packets and detection of duplicate packets. Detection and prevention of DoS attack is also the function of this module. Various schemes:

Batch RSA RSA is a very popular cryptographic algorithm in many security protocols. In order to use RSA, a sender chooses two large random primes P and Q to get N=PQ, and then calculates two exponents e, d such that ed=1mod (N), where (N)=(P-1)(Q-1). The sender publishes (e, N) as its public key and keeps d in secret as its private key. A signature of a message m can be generated as = (h(m))d mod N, where h( ) is a collision resistant hash function. The

sender sends {m, } to a receiver that can verify the authenticity of message m by checking e = h(m) mod N.

Batch DSA A DSA digital signature is computed using a set of domain parameters, a private key x, a per message secret number k, data to be signed, and a hash function. A digital signature is verified using the same domain parameters, a public key y that is mathematically associated with the private key x used to generate the digital signature, data to be verified, and the same hash function that was used during signature generation. p= a prime modulus, where 2L1 < p < 2L, and L is the bit length of p. q =a prime divisor of (p 1), where 2N1 < q < 2 N, and N is the bit length of q. g =a generator of the subgroup of order q mod p, such that 1 < g < p. x =the private key that must remain secret; x is a randomly or pseudo randomly generated integer, such that 0 < x < q, i.e., x is in the range [1, q1].
9
College of Engineering, Chengannur

MABS

y =the public key, where y = gx mod p. k =a secret number that is unique to each message; k is a randomly or pseudo randomly generated integer, such that 0 < k < q, i.e., k is in the range [1, q1]. h() =a hash function.

Given message m, the signer generates a signature by randomly selecting an integer k with 0 < k < q. Computing h = h(m). Computing r = (gk mod p) mod q, and computing s = rk hx mod q. The signature for m is (r,s). The receiver can verify message m by first computing h=h(m) and then checking whether ((gsr-1 yhr-1) mod p) mod q = r This is because if the packet is authentic, then ((gsr-1 yhr-1) mod p) mod q =((g(s+hx)r-1) mod p) mod q =( gk mod p) mod q =r

Batch BLS The BLS signature scheme uses a cryptographic primitive called pairing.Let

be a non-degenerate, efficiently computable, bilinear pairing function where G, GT are groups of prime order, r. Let g be a generator of G. The key generation algorithm selects a random integer x in the interval [0, r 1]. The private key is x. The holder of the private key publishes the public key, gx. Signing: Given the private key x, and some message m, we compute the signature by hashing the string m, as h = H(m). We output the signature Verification: Given a signature = hx.

and a public key gx, we verify that e( ,g) = e(H(m),gx).

Admin Management: Admin is allowed to enter the application after authentication. Admin has to provide user name and password .After login admin can change the network, firewall settings, set the key for signing of packets.

10
College of Engineering, Chengannur

MABS

4. Conclusion
To reduce the signature verification overheads in the secure multimedia multicasting, blockbased authentication schemes have been proposed. Unfortunately, most previous schemes have many problems such as vulnerability to packet loss and lack of resilience to denial of service (DoS) attack. To overcome these problems, we develop a novel authentication scheme MABS. MABS is perfectly resilient to packet loss due to the elimination of the correlation among packets and can effectively deal with DoS attack. Moreover, the use of batch signature can achieve the efficiency less than or comparable with the conventional schemes. Finally, we further develop two new batch signature schemes based on BLS and DSA, which are more efficient than the batch RSA signature scheme.

5. References
y Yun Zhou, Xiaoyan Zhu, Yuguang Fang ,MABS: Multicast Authentication Based on Batch Signature IEEE Transactions on mobile computing, July 2010 y P. Judge and M. Ammar, Security Issues and Solutions in Multicast Content Distribution: A Survey, IEEE Network Magazine, vol. 17, no. 1, pp. 30-36, Jan./Feb. 2003. y http://en.wikipedia.org/wiki

11
College of Engineering, Chengannur