Information Technology Reference
In-Depth Information
messages as soon as received parts of the packets, and in this way the loss of signature
packets is solved. Lysyanskaya proposed the LLT protocol [3] which firstly solved
the forged packets injection problem using the Reed-Solomon error correcting code,
but it needs more computation overhead.
An authentication scheme based on the Reed-Solomon erasure code and the one-
way hash function was proposed by Anna Lysyanskaya et al. in 2010 [4]. Similarly, it
calculates the signature of the whole group and disperses it using the RS erasure code.
This protocol adds only one signature on one group and decreases the computation
and communication cost, but it needs
O
(
n
2
) time delay between the participants.
In 2010, an optimized scheme based on Merkle tree as well as TESLA was pre-
sented by Yang Li [5]. It uses the Merkle tree to authenticate and use delayed disclo-
sure of keys in TESLA algorithm to ensure authenticity of message. This scheme not
only obviously decreased the storage cost, but also could be compatible with complex
network environment and treat burst loss well. But it needs high computation over-
head especially for the receivers.
Then Seyed Ali Ahmadzadeh gave a scheme based on the geometrical model
named GMAC [6]. It maps the hash values of data packets in one group to a vector
space with n degrees to filter the illegal packets. The cost of this protocol is far less
than PRABS and can resist the packet loss and injection, but it has a high computation
complexity due to the use of geometrical model.
In 2012, Yongsheng Liu et al. [7] proposed a kind of signature dispersal authenti-
cation scheme based on the PKC. It calculates only one ECC digital signature for one
group and then disperses it into all the packets in one group. It costs little communica-
tion and computation cost whereas the time delay cannot be avoided.
Kannan Balasubramanian et al. proposed the HTSS scheme [8] in 2012. It gene-
rates the keys by the hash tree and after signing the messages, it divides the signature
to the packets in its period with the SDA. This protocol decreases the overhead added
to every packet and can resist the packet loss well. However, it has nothing to do with
the packet injection or forgery.
Hong Tang et al. proposed a kind of broadcasting data origin authentication proto-
col called EPJRSA [9] based on the Merkle HASH tree in 2008. This protocol com-
bines the erasure coed as well as the Merkle HASH tree, and by adding all the brother
nodes' hash values in the tree to one packet, it can resist the packet injection as well
as the packet loss. This guarantees the reliability of the authentication. But it also
increases the communication cost and the time delay.
Gaolei Fei and Guangmin Hu proposed the unicast network loss tomography based
on
k
-th order Markov chain in 2011 [10]. This protocol introduces the
k
-th order Mar-
kov chain (
k
-MC) to describe the link packet loss process, and then uses the pseudo
maximum likelihood protocol to estimate the state transition probabilities of the
k
-th
order Markov chain. When the
k
is large enough, this protocol can be capable of ob-
taining an accurate loss probability estimate of each packet based on unicast end-to-
end measurements. However, this protocol can only be used in the unicast network
and the computation overhead is high.
