Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Method and apparatus for authentication of data streams with adaptively controlled losses

Inactive Publication Date: 2006-06-22
NTT DOCOMO INC
View PDF5 Cites 109 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Benefits of technology

[0033] According to one aspect of this invention, Linear Scheme for Subsequence Authentication, the intermediary or source can remove arbitrary blocks (irrespective of their location) while still permitting the receiver to authenticate information. The scheme involves computing a two-layer hash chain and providing the recipient with various values in this chain. The scheme is online for the receiver in the sense that the receiver does not have to incur any delay in verifying the authentication information. In an optimization and generalization to this scheme, one second layer-hash is computed for every bundle of r first-layer hashes. When r=1, the scheme is the original linear scheme for subsequence authentication. In an improvement to this scheme, several first-layer hashes are aggregated before performing the second-layer hash. Consequently, fewer second-layer hashes need to be performed.
[0038] The present invention permits a situation in which an intermediary may adaptively and intelligently decide which blocks are to be dropped. The schemes of the present invention readily adapt to any model for dropping blocks. Moreover, the intermediary is not required to know of any cryptographic keying material. Furthermore, if the source provides the intermediary with various hash values, then the intermediary can avoid having to do any cryptographic related computation. Instead, it just has to forward the blocks it desired together with the hash information for those blocks that are dropped.

Problems solved by technology

The key is split in such a way that it is not possible to derive the private portion from the public portion.
Of course, the signature owner can always claim that the secret signing key was stolen by some adversary.
Because of their nature, traditional authentication schemes do not tolerate any transformations to the data made by the source or by an intermediate.
If the entire stream has been digitally signed or authenticated in conventional ways, then by removing the enhancement layers, the original tag or signature becomes invalid.
First, in the case of using digital signatures, a fairly expensive computation must be performed for each packet.
Second, in both the digital signature and MAC case, authentication information must be appended to each packet, which may not be feasible in consideration of efforts to remove portions of the stream stem to meet bandwidth constraints. levels.
Thus, this approach does not deal with the controlled loss authentication problem, and is not bandwidth efficient.
However, the above Homomorphic Signature Scheme takes precautions, via a GGM tree, to protect the confidentiality of censored data and requires all uncensored message blocks, all co-nodes, and all keying information in order to permit verification, and thus is not efficient.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and apparatus for authentication of data streams with adaptively controlled losses
  • Method and apparatus for authentication of data streams with adaptively controlled losses
  • Method and apparatus for authentication of data streams with adaptively controlled losses

Examples

Experimental program
Comparison scheme
Effect test

first embodiment

[0085] The scheme of the first embodiment permits the role of an intermediary which can adaptively and intelligently choose to remove any number of blocks without requiring knowledge of any cryptographic keying material. Moreover, the intermediary can be proximate to the receiver and can control the loss (and therefore the amount of hash information) dynamically. Furthermore, the authentication information can be verified in an online manner by the receiver. That is, the receiver can verify the authentication information as it receives the stream, and will not be required to do any form of extensive buffering. Also, the first layer hash computations are not required for any block that will not be dropped. For example, an MPEG I-frame or the base layer of a scalable coding scheme will not be intentionally dropped. For these blocks, only the second layer is required. In this instance, the first layer hash function for that block can be replaced with the identity function h(x)=x. In a ...

third embodiment

[0104] Now, assume the original sender S transmits k different streams M(1), M(2), . . . , M(k) simultaneously. Each stream consists of n blocks of length b, M(j)=M1(j), . . . , Mn(j). The scheme of the third embodiment allows the intermediate node not only to select one stream and retransmit it in an authenticated fashion, but also to “switch” to some other stream adaptively (at any point during block transmission). Of course, the receiver should be able to authenticate the resulting stream.

3.1 Signing

[0105]FIG. 9 shows a basic linear simulcast authentication scheme according to one embodiment of the present invention. Given a message M, signature generation follows the same approach as in the first and second embodiments, i.e., reverse iterated hash, but computing partial hashes of every block in each stream.

[0106] Given messages M(1), M(2), . . . , M(k), where M(j)=M1(j), M2(j), . . . , Mn(j), the scheme of the third embodiment of the present invention generates the partial ha...

fourth embodiment

[0119] the present invention is a scheme for authenticating subsequences using Merkle Trees. Like the linear subsequence authentication scheme, the tree-based scheme allows stream authentication even when arbitrary blocks from the message are removed. As long as the blocks sent by the intermediate node are a proper subsequence of the original message, the receiver can authenticate the stream. By exploiting certain aspects of the tree structure, the tree scheme is more efficient with respect to bandwidth than the linear scheme.

4.1 Signing

[0120]FIG. 10 illustrates a tree-based subsequence authentication scheme according to one embodiment of the present invention. Given a message M=M1M2 . . . Mn, the scheme of the fourth embodiment generates a Merkle tree shown in FIG. 6. If v denotes the root of the tree and x denotes the value associated with the root, then the initial sender transmits (M, σSk(x)).

4.2 Signature Update

[0121] If an intermediary wants to strip off k arbitrarily loc...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

Methods, components, and systems for efficient authentication, either through a digital signature or message authentication codes, and verification of a digital stream sent from a source to a receiver via zero or more intermediaries, such that the source or intermediary (or both) can remove certain portions of the data stream without inhibiting the ability of the ultimate receiver to verify the authenticity and integrity of the data received. According to the invention, a source may sign an entire data stream once, but may permit either itself or an intermediary to efficiently remove certain portions of the stream before transmitting the stream to the ultimate recipient, without having to re-sign the entire stream. Applications may include the signing of media streams which often need to be further processed to accommodate the resource requirements of a particular environment. Another application allows an intermediary to choose an advertisement to include in a given slot.

Description

CROSS-REFERENCE TO RELATED APPLICATIONS [0001] This application claims the benefit of Provisional Application No. 60 / 495,787, filed Aug. 15, 2003. The present application incorporates the disclosure of this provisional application by reference.BACKGROUND OF THE INVENTION [0002] 1. Field of the Invention [0003] The present invention relates to data stream authentication, and more specifically to authentication schemes with adaptively controlled packet loss. [0004] 2. Description of the Related Art [0005] In many cases, it is desirable to append authentication information to a stream of data to assure a recipient that the data came from a specific source and was not modified en-route. For example, if the data is being provided to an application, then it would be important for the application that the data has not been corrupted either maliciously or by accident. [0006] In cryptography, there are two traditional mechanisms for permitting such authentication: [0007] 1. Message Authentic...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L9/00G06F12/14H04L9/32G06F11/30G06K
CPCG11B20/00086G11B20/0021H04L2209/30H04L2209/34H04L2209/38H04L2209/80H04N7/1675H04L9/3242H04L9/3247H04L9/50
Inventor GENTRY, CRAIG B.HEVIA, ALEJANDROKUMAR, RAVIKAWAHARA, TOSHIRORAMZAN, ZULFIKAR AMIN
Owner NTT DOCOMO INC
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com