Probabilistic Non-Repudiation for Source Authentication with TESLA Certificates in Hybrid Satellite/Wireless and Performance Analysis of the Authentication Protocol
Date: September 23 - September 25, 2009
In this work, we describe a novel non-repudiation mechanism for an authentication protocol based on the extended TESLA certificate construct. With the non-repudiation mechanism, the authentication protocol is ideally suited for source authentication of low-powered nodes that participate in group communication in hybrid satellite/wireless networks. Security is a necessary parameter in hybrid wireless networks (consisting of groups of terrestrial wireless nodes interconnected by a satellite overlay) if the communication between a pair of nodes, or amongst a group of nodes, is to be protected from unauthorized The focus of our research work is on user authentication and message integrity protocols, which are required to enable communications and ensure that messages between communicating nodes are correctly delivered. This is a non-trivial problem in group communication, where authentication has been traditionally done using asymmetric cryptographic techniques such as public key certificates and digital signatures. However, such asymmetric techniques can be very expensive in terms of processing power and node energy for wireless nodes in hybrid networks. As a solution to this problem, we have proposed a new class of lightweight, symmetric key certificates called extended TESLA certificates, and we have designed an energy-efficient source authentication protocol for group communication that utilizes the infrastructure present in hybrid satellite networks. In our authentication protocol based on the extended TESLA certificate, we propose to add non-repudiation by taking advantage of the satellite infrastructure and the proposed mechanism of key disclosure by proxy. This is a major improvement over previous authentication algorithms based on TESLA, which does not provide for non-repudiation due to the symmetric nature of the underlying cryptographic primitive, Message Authentication Codes. In this paper, we describe the mechanism by which non-repudiation is achieved in our authentication protocol. The non-repudiation is probabilistic in nature, and we analyze the tradeoff between the degree of non-repudiation and the overhead due to the additional information necessary for non-repudiation. Furthermore, through simulations, we compare the performance between the basic authentication protocol and authentication with non-repudiation, and also compare the latter to public key-based schemes.