Signature Amortization Technique for Authenticating Delay Sensitive Stream

Transcription

1 Signature Amortization Technique for Authenticating Delay Sensitive Stream M Bruntha 1, Dr J. Premalatha Ph.D. 2 1 M.E., 2 Professor, Department of Information Technology, Kongu Engineering College, Perundurai, Erode. ID:bruntha027@gmail.com, premalatha1969@yahoo.com Abstract-A Content Distribution Network (CDN) is a collection of large number of server deployed in different area across the internet. CDN serves end-users with high availability of content and high performance. It mainly supports application like ecommerce, live digital streaming media, on demand streaming media, etc. In such application end-users involve with very low tolerance for high latency, low data rate, varying communication overhead. The Existing work use Digital Signature technique to authenticate delay sensitive streams which does not overcome the above mentioned requirements. In the proposed work, a security mechanism known as Trapdoor hash based signature amortization technique is implemented. This authenticates individual data blocks in a stream and the signature is generated using DL-SA signature scheme. The proposed technique provide high tolerance for loss of intermediate blocks, higher signing and verification rate, limited communication overhead. Keyword- Signature amortization, trapdoor hash function, content distribution, digital signature. I. INTRODUCTION A Content Distribution Network (CDN) is a collection of large number of server deployed in different area across the internet. The main goal of a CDN is to serve content to end-users with high availability and high performance. It provides large content over the internet and mainly supports application like ecommerce, live digital streaming media, on demand streaming media, etc. In addition to high availability and performance, CDN provides protection of data while transmitting from the unauthorized user and monitor their access. Streaming media is multimedia that provides data to the end-user constantly while being delivered by a provider. A client receives a part of a data before the entire file has been transmitted. To deliver such Streaming content over the internet a content distribution network is used to distribute and deliver the content. In a streaming application end-users involve with very low tolerance for high latency, low data rate, varying communication overhead. A. Digital Signature A Digital Signature is mainly used for authenticating a digital message or document. A valid digital signature provides an assurance to end users that the message was created by a sender, such that the sender cannot deny having sent the message and that the message was not altered during transmission. Digital Signature employs a public key cryptography where a private key along with message is used to provide a signature, public key along with message and signature is used to perform a signature verification where the message is either accepted or rejected for authentication. B. Network Security Services Network security is mainly used to protect data and monitor unauthorized access of the user over network. Network provides a various services to protect data. 1. Authentication Authentication is used to confirm the truth of a data or entity. Authentication done by message encryption is the process of encoding the entire message using the private key. An encryption algorithm is used for encoding. Authentication done by Message Authentication Code (MAC) is the process of generating code and that code is encrypted using private key. MAC is used to authenticate a message and to provide integrity and authenticity assurances on the message. Integrity assurances detect changes in message, while authenticity assurances affirm the message origin. Authentication done by Hash function is the process of generating a hash value and this value is used to authenticate the message. Hash functions are primarily used to generate fixed-length output data for the original data of variable length. 2. Authorization Authorization is the process of verifying the access rights of the user. The process of authorization is distinct from that of authentication. A client whose authentication request is approved becomes authorized to access the data. PSG Polytechnic College, Coimbatore (ISO 9001 Certified Institution), Tamil Nadu, INDIA. Page 41

2 3. Access control Authorization is done with help of access control. Access to data is therefore usually controlled by insisting on an authentication procedure to establish with some degree of confidence, the identity of the user, granting privileges established for that identity. C. Cryptographic Hash Function A cryptographic hash function is a hash function that takes an arbitrary block of data and returns a fixed-size bit string called the cryptographic hash value. Hash value is also called as message digest. If any changes made to the data it automatically changes the hash value. D. One Way Hash Function A One-way function is a function that maps a domain into a range such that every function value has a unique inverse, with the condition that the calculation of the function i.e easy whereas the calculation of the inverse is infeasible. Y=f(X) easy X=f -1 (Y) infeasible Easy is defined to mean a problem that is solved in polynomial time as a function of input length. A problem is infeasible if the effort to solve it grows faster than polynomial time as a function of input size. E. Trapdoor Hash Function A trapdoor function is a function that is easy to compute in one direction, and difficult to compute in the opposite direction without special information, called the Trapdoor. Trapdoor functions are widely used in security purpose. It is one way and collision resistant hash function i.e given message m and hash value it is hard to find a message which is similar to original message such that both their hash value are same. Y=f k (X) easy, if k and X are known X=f -1 k (Y) easy, if k and Y are known X=f -1 k (Y) infeasible, if Y is known but k is not known F. Problem The existing authentication mechanism for stream poses various challenges. It require high signing rate and verification rate, requires limited communication overhead, and it must tolerate loss of intermediate blocks. The proposed trapdoor hash based signature amortization technique will tolerate out of order of arrival packet at the receiver side by comparing the hash value of individual block with any one of the previously received blocks hash value. It minimizes the delay in signing and verification of individual blocks by performing a fixed number of operations and limits the communication overhead by not appending the same authentication information in the subsequent blocks. PSG Polytechnic College, Coimbatore (ISO 9001 Certified Institution), Tamil Nadu, INDIA. Page 42 II. PROPOSED WORK The proposed signature amortization technique works by authenticating the initial block of a stream using a signature on trapdoor hash of the block s contents, and authenticating subsequent blocks of the stream by finding trapdoor collisions with the hash of the signed initial block. As long as the initial block containing the signature is reliably delivered and verified, the verifier authenticate any block in the stream by matching its trapdoor hash value with any previously computed trapdoor hash because all blocks in the stream hash to the same value, and thus, trapdoor hash of any arbitrary block in the stream is used for comparison during block verification. The proposed signature amortization technique is divided into two phases: Stream signing and Stream verification. The Stream signing phase, for initial block of content is done by first computing trapdoor hash value over the message. This hash value is then encrypted using private key to generate the signature which is used to authenticate the initial block. The signing for subsequent block of content is done by first computing the collision parameter r i. This parameter is used to authenticate the subsequent block only if the trapdoor hash value computed using this r i value matches any one of the previously computed hash value. Hence the sender, append only this r i parameter to the subsequent block and not the signature of the initial block. Because of this overhead is reduced when compared to On-line/Off-line technique where the signature of the initial block to append with the subsequent block also. The Stream verification phase, for initial block of content is done by first decrypting the signature using public key to get the hash value. Then the trapdoor hash value is computed for the received message. If both the hash value are same then the message is accepted, otherwise the block is dropped. The verification for the subsequent block is done by just computing the trapdoor hash value and comparing it with the hash value of any previously received hash value. Content modification attack, occur when an attacker on receiving the block from the sender, modifies the content of the message and pass it with all the other parameter as such to the receiver. Receiver on receiving this block easily identify that the block is attacked just by comparing the trapdoor hash value.

3 Even if this attacked block is dropped, the next immediate subsequent block passes the verification phase as it depends on any previously received hash value. This indicates that the packet loss is tolerated while authenticating a stream using signature amortization technique. The (trapdoor, hash) key pair is used to generate the trapdoor hash values for security purpose. Private keys are known only to sender and the public key is known to receiver. C. Fragmentation The stream is divided into blocks of 1024 byes in size. Initial block is authenticated by generating the signature and subsequent block is authenticated by generating collision with any other block. If stream is not a multiple of 1024 bytes then padding bits are added. The Fig.1 indicates the fragmentation of given message. Fig.3.1. Content Modification Attack Thus the proposed signature amortization technique has highly robustness against packet loss Fast signing and verification rate constant per-block communication overhead A. Parameter Generation Module Parameter generation allows entities to choose and agree upon common system public parameters params=<p,q,α,h,g>. Given the prime number p as input, the following public parameters are generated. q prime number (i.e) q p-1 α an element of order q in Z* p (i.e) α q modp=1 H,G cryptographic hash function. Z p group of elements (i.e){0,1,...,p-1} Z q group of elements (i.e) {0,1,...,q-1} Z* p subgroup of Z p (i.e){1,...,p-1} Z* q subgroup of Z q (i.e){1,...,q-1} B. Key Generation Module An entity uses the system public parameters (params) generated from parameter generation to generate two key pairs. (private,public) key pait (i.e) (SK,PK,)=(x,X) Where x є Z* q and X= α x є Z* p (trapdoor,hash) key pair (i.e) (TK 0,HK 0 )=(y 0,Y 0 ) Where y 0 є Z* q and Y 0 = α y0 є Z* p The (private, public) key pair is used to generate and verify the signature of each block of streams. Fig 3.2. Fragmentation D. Generation and verification of signature for Initial block 1. Signature generation The sender first computes trapdoor hash value using the initial block content.the hash value is encrypted using the private key (SK) of the sender to generate the signature(σ) as follows: a) Compute the (private,public) key pair (i.e) (k0,r0). b) The hash value =H(m 0 ǁY 0 ) for the initial block is taken as the mid value. c) Compute the trapdoor hash value (m 0,r 0 ) using d) Compute the signature by DL-Schnorr signature scheme (i.e) σ=<t,r 0 >. This signature is then appended to the content of the first block p 0 to generate the signed block p 0 =<m 0, σ >. 2. Signature verification The receiver on receiving the initial block generates the verification process to authenticate the first block. The hash value is obtained by decrypting the signature using the public key (PK). From the block p 0, <m 0, σ > is extracted and Trapdoor hash value is computed. Both the hash value is compared to authenticate. PSG Polytechnic College, Coimbatore (ISO 9001 Certified Institution), Tamil Nadu, INDIA. Page 43

4 Fig Generation and verification of signature for Initial block Fig 3.4. Generation and verification of signature for Subsequent block a) Compute =H(m 0 ǁY 0 ) for the received initial block. b) Compute trapdoor hash value (m 0,r 0 ). c) Compute r'. If r'=r 0, the block is valid and store (m 0,r 0 ). The Fig 3.3 indicates the Signature generation and verification for initial block E. Generation and verification of signature for subsequent block 1. Signature generation The sender to sign the subsequent block p i (i 1) with the content m i, computes the collision parameter r i which is used to authenticate the subsequent block by finding collision with any one of the previously generated hash value. a) Compute the (Trapdoor,Hash) key pair (i.e) (y i, Y i ) and store it. b) Compute the hash value =H (m i ǁY i ). c) Compute the collision parameter r i. The sender appends r i and Y i to the content of the subsequent block p i to generate the signed subsequent block p i =<m i,r i, Y i > 2. Signature verification The receiver on receiving the subsequent block p i (i 1) parse the block as <m i,r i, Y i > to store Y i and verify the block for authentication. Trapdoor hash value is computed and compared with any one of the previously received hash value. a) Retrieve (m 0,r 0 ). b) Compute hash value and trapdoor hash value (m i, r i ). c) Ckeck (m 0,r 0 )= (m i, r i ).if check do not fails the block is valid. The Fig 3.4 indicates the Signature generation and verification for subsequent block PSG Polytechnic College, Coimbatore (ISO 9001 Certified Institution), Tamil Nadu, INDIA. Page 44

5 III. RESULT ANALYSIS A. Comparison of signing and verification time The algorithm is executed for different file size like 1Kb and 2Kb and the generation and verification rate is compared. As the file size increase, the time also increase gradually. This is because, if the length of the file is larger, the number of blocks increases and the signing and verification process is done for each subsequent block. Fig comparison of signing and verification time The above graph shows the timing for signing is higher than the verification. This is because at the sender side fragmentation of file and parameter generation is done in addition to signature generation, whereas at the receiver side only the signature verification process is performed. IV. CONCLUSION An efficient authentication of live, on-demand content is a challenging task, and requires fast signing and verification, tolerance against transmission loss and small per-block communication overhead. The proposed trapdoor hash-based signature amortization technique meets these challenges to provide efficient authentication of delay sensitive streams in content distribution network. The DL-SA scheme was designed to reduce the signing and verification cost per block and use smallest pre-block communication overhead. REFERENCES [1] Shamir and Y. Tauman, Improved Online/Offline Signature Schemes, CRYPTO 01: Proc. 21st Ann. Int l Cryptology Conf., pp , [2] C.K. Wong and S.S. Lam, Digital Signatures for Flows and Multicasts, IEEE/ACM Trans. Networking, vol. 7, no. 4, pp , Aug [3] C.-P. Schnorr, Efficient Signature Generation by Smart Cards, J. Cryptology, vol. 4, no. 3, pp , [4] P. Rohatgi, A Compact and Fast Hybrid Signature Scheme for Multicast Packet Authentication, Proc. ACM Conf. Computer and Comm. Security (CCS), pp , [5] X. Chen, F. Zhang, H. Tian, B. Wei, W. Susilo, Y. Mu, H. Lee, and K. Kim, Efficient Generic Online/Offline (Threshold) Signatures without Key Exposure, Information Sciences, vol. 178, no. 21, pp ,2008. [6] L. Harn, W.-J. Hsin, and C. Lin, Efficient Online/Offline Signature Schemes Based on Multiple-Collision Trapdoor Hash Families, The Computer J., vol. 53, no. 9, pp , PSG Polytechnic College, Coimbatore (ISO 9001 Certified Institution), Tamil Nadu, INDIA. Page 45