FORWARD-SECURE AUTHENTICATED-ENCRYPTION IN MULTI-RECEIVER SETTING

Kan Yasuda, Kazumaro Aoki, Eiichiro Fujisaki, Atsushi Fujioka

2006

Abstract

In this paper we study a generic construction of forward-secure authenticated-encryption in a unidirectional, multi-receiver setting. By “multi-receiver setting” we mean the situation in which a single center transmits large data to a dynamically changing group of receivers. In such a scenario a direct application of bidirectional, unicast methods would lead to multiple problems. In particular, we focus on the problem of vulnerability against a type of denial-of-service (DoS) attack. We show that this problem can be effectively resolved by a mechanism we call the “MAC-then-MAC” structure. As the name suggests, this structure uses two independent MACs, but we illustrate how it can be realized without losing efficiency in transmission rate, storage size and computational overhead. Despite the fact that one of the MACs uses a constant key, our construction guarantees integrity in the sense of forward security. We provide a concrete security model showing that our construction achieves confidentiality and strong integrity (replay avoidance, in-order packet delivery, etc.), both in the sense of forward security.



Paper Citation


in Harvard Style

Yasuda K., Aoki K., Fujisaki E. and Fujioka A. (2006). FORWARD-SECURE AUTHENTICATED-ENCRYPTION IN MULTI-RECEIVER SETTING. In Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2006) ISBN 978-972-8865-63-4, pages 141-148. DOI: 10.5220/0002101501410148


in Bibtex Style

@conference{secrypt06,
author={Kan Yasuda and Kazumaro Aoki and Eiichiro Fujisaki and Atsushi Fujioka},
title={FORWARD-SECURE AUTHENTICATED-ENCRYPTION IN MULTI-RECEIVER SETTING},
booktitle={Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2006)},
year={2006},
pages={141-148},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0002101501410148},
isbn={978-972-8865-63-4},
}


in EndNote Style

TY - CONF
JO - Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2006)
TI - FORWARD-SECURE AUTHENTICATED-ENCRYPTION IN MULTI-RECEIVER SETTING
SN - 978-972-8865-63-4
AU - Yasuda K.
AU - Aoki K.
AU - Fujisaki E.
AU - Fujioka A.
PY - 2006
SP - 141
EP - 148
DO - 10.5220/0002101501410148