MLCC: A new hash‐chained mechanism for multicast source authentication

Asymmetric cryptography has been widely used to generate a digital signature for message authentication. However, such a strategy cannot be used for packet authentication. Neither the source nor the receiver will be capable of handling the computational cost of asymmetric cryptography. For unicast communication, the solution adopted is based on symmetric cryptography. Solutions based on symmetric cryptography do not scale for multicast communication. Several solutions have been reported to authenticate multicast streams, with the possibility of packet losses. Proposed solutions are based on the concept of signature amortization, where a single signature is amortized on several packets. In this paper we present a new mechanism for multicast data source authentication based on signature amortization. Multi‐layers connected chains divides the packet stream into a multi‐layer structure, where each layer is a two‐dimensional matrix. The hash of a packet is included into a forward chain of packets within the same layer as well as a downward chain of packets across multiple layers. The values of the key parameters that influence the mechanism efficiency as well as its performance are selected following a mathematical analysis. Comparisons of performance results with the well‐known efficient multi‐chained stream signature scheme as well as a recently reported scheme multiple connected chains model show that the proposed mechanism achieves a stronger resistance to packet losses with low overhead and high authentication probability. Copyright © 2008 John Wiley & Sons, Ltd.