Dissertation
K-Time Signatures for Multicast Data Authentication
Doctor of Philosophy (PhD), Washington State University
01/2016
Handle:
https://hdl.handle.net/2376/111788
Abstract
This dissertation focuses on Time-Valid One-Time-Signatures, or TV-OTS, an experimental k-time digital signature scheme for source authentication and integrity protection of multicast data streams. Our motivating use case, status data for smart grid applications, requires high-throughput, low-latency signing and verifying of each data point. TV-OTS provides this but sacrifices "perfect" security to do so: either a very small fraction of messages may be forged or a small number of suspicious messages must be discarded.
TV-OTS's imperfect security can be measured probabilistically, which leads to a new idea: signature confidence. Our concept leverages the fact that even TV-OTS signatures that aren't fully verifiable may be partially verifiable. Instead of following the traditional approach of reporting a boolean "yes" or "no" for signature verifiability, we take the approach of reporting a numerical confidence value which is based on the percentage of the signature that is verifiable as well as system state. The reported confidence reflects the receiver's belief that the signature originated at the expected sender and was not forged by an adversary. In our work, we analyzed the probability of successful attacks against signatures, as well as the effectiveness of confidence metrics in detecting these forged messages. Our results show that confidence-based evaluation successfully detects simulated attacks against TV-OTS.
We use results of our security analysis to choose applicable settings for a performance evaluation of TV-OTS. Our implementation is fully functional, including a streamed key distribution service that distributes new public keys as necessary. TV-OTS showed better average latencies than the standard algorithms that are its closest competitors, namely ECDSA and RSA.
Confidence-based signature evaluation further inspires feedback-controlled security. We consider TV-OTS in the context of the emerging field of systems engineering applied to cyber-secure systems. We show how to incorporate TV-OTS into a system designed with these principles, using confidence and other statistical behavior as a way to detect system abnormalities which can be reported to a control layer. Our approach is intended to detect and react to attacks against TV-OTS as well as monitor the overall health of the system.
Details
- Title
- K-Time Signatures for Multicast Data Authentication
- Creators
- Kelsey Cairns
- Contributors
- Carl H Hauser (Advisor)
- Adam L Hahn (Committee Member)
- Ananth Kalyanaraman (Committee Member)
- Anurag K Srivastava (Committee Member)
- Awarding Institution
- Washington State University
- Academic Unit
- School of Electrical Engineering and Computer Science
- Theses and Dissertations
- Doctor of Philosophy (PhD), Washington State University
- Number of pages
- 200
- Identifiers
- 99900581720801842
- Language
- English
- Resource Type
- Dissertation