基于消息认证码的组播源认证研究  被引量：1

作　　者：赵安军[1] 郭雷[1] 姚俊[1] 

机构地区：[1]西北工业大学自动化学院,陕西西安710072

出　　处：《西北工业大学学报》2004年第1期45-49,共5页Journal of Northwestern Polytechnical University

基　　金：国家自然科学基金 (6 0 175 0 0 1)资助

摘　　要：在组播安全技术中 ,源认证技术一直是其主要的问题。文中就基于消息认证码的源认证技术 ( TESLA)进行了详细的分析和研究 ,对其存在的问题进行了改进 ,并给出了在此认证技术中关键参数——公开延迟时间间隔——的计算方法 ,最后给出了实验结果。TESLA (Timed Efficient Stream Loss Tolerant Authentication) is a new and, more importantly, authoritative type of multicast source authentication technology based on MAC (Message Authentication Code). But TESLA still suffers, in our opinion, from two shortcomings that hurt its efficiency in providing security. This paper aims to overcome these two shortcomings as much as possible. Section 1 reviews the principles involved in TESLA in some detail so as to be in a position to explain clearly our improvements. Section 2 gives quite detailed description of our improvements. Subsection 2.1 deals with the first improvement. According to TESLA, each data packet must be stored for a time, however short, before decoding, thus making the receiver vulnerable to DoS (Denial of Service) attack. Subsection 2.1 explains a method that does not require storage of each data packet for a time, thus making receiver not vulnerable to DoS attack. Subsection 2.2 deals with the second improvement concerning time of disclosure delay d , which is an important parameter in multicast source authentication. Disclosure delay d should be suitably chosen: too small is bad for security; too big is burdersome on the system. TESLA does not explain how to select the suitable value for d ; subsection 2.2 does explain how to select the suitable value of d . Section 3 gives and discusses experimental results; the discussion shows preliminarily that our two improvements on TESLA are indeed effective for providing better security.

关 键 词：组播源认证 TESLA 消息认证码 组播安全 公开延迟时间间隔 通信安全 网络安全 

分 类 号：TP393.08[自动化与计算机技术—计算机应用技术]