Technical reports: CMU-CyLab-08-014
| Title: | Low Latency and Congestion Broadcast Authentication in Fixed Topology Networks |
|---|---|
| Authors: | Haowen Chan, Adrian Perrig |
| Publication Date: | December 22, 2008 |
| Full Report: | CMU-CyLab-08-014 (.pdf) |
Abstract
We present several latency optimizations on two classes of broadcast authentication schemes for networks where the topology and the identities of the receiving nodes are known a-priori. Let n be the number of receivers in the network. The first class of protocols involves the construction and dissemination of a hash tree with message authentication codes (MACs) at the leaves. We show that this authentication method can be performed on linear network topologies with n latency and at most 2 ⌈log2 n⌉ communication overhead per node. On a fully-connected network, this method can be implemented with 3⌈log2n⌉ + 1 latency and at most 5⌈log2n⌉ communication overhead per node. The second class of protocols uses an idea related to TESLA where a single MAC for the broadcast message is released, and the key for the MAC is released (or reconstructed) later, once all receivers have received the MAC. Like TESLA, this class of protocols requires an additional minor bootstrapping assumption where an hash chain anchor value needs to be preloaded onto all receivers and all receivers are required to have a consistent view of the current hash chain status. However, unlike TESLA, in the new scheme we can remove the loose time synchronization requirement completely. We show that this allows messages to be authenticated on the any topology in two passes and low constant communications overhead per node. Hence, we can perform the protocol on the linear topology with with 2n latency and on the fully connected topology with 4.32 log2 n + 2 latency.