End-to-end security in the presence of intelligent data adapting proxies: the case of authenticating transcoded streaming media

Authors:
C. Gentry;A. Hevia;R. Jain;T. Kawahara;Z. Ramzan
Affiliations:
DoCoMo Commun. Labs., San Jose, CA, USA;-;-;-;-
Venue:
IEEE Journal on Selected Areas in Communications
Year:
2006

Citing 0
Cited 7

A study of content authentication in proxy-enabled multimedia delivery systems: Model, techniques, and applications

ACM Transactions on Multimedia Computing, Communications, and Applications (TOMCCAP)
Authentication schemes for multimedia streams: Quantitative analysis and comparison

ACM Transactions on Multimedia Computing, Communications, and Applications (TOMCCAP)
Achieving end-to-end authentication in intermediary-enabled multimedia delivery systems

ISPEC'07 Proceedings of the 3rd international conference on Information security practice and experience
Multi-Source stream authentication framework in case of composite MPEG-4 stream

ICICS'05 Proceedings of the 7th international conference on Information and Communications Security
An improved authentication scheme for H.264/SVC and its performance evaluation over non-stationary wireless mobile networks

NSS'12 Proceedings of the 6th international conference on Network and System Security
Technique for authenticating H.264/SVC and its performance evaluation over wireless mobile networks

Journal of Computer and System Sciences
Content-Based Web Watermarking

International Journal of Knowledge Society Research

Quantified Score

Hi-index	0.07

Visualization

Abstract

We consider the problem of maintaining end-to-end security in the presence of intelligent proxies that may adaptively modify data being transmitted across a network. The video coding community considers this problem in the context of transcoding media streams, but their approaches either fail to address authentication or fail to provide meaningful security guarantees. We present two provably-secure schemes, LISSA and TRESSA, that allow an intelligent network intermediary to intercept a stream signed by a content provider, and adapt it dynamically, while preserving the ultimate receiver's ability to securely verify the content provider's signature (and, hence, authenticity and integrity of the data received). Our schemes allow the intermediary to selectively remove portions of the stream and, thus, permit common media transcoding techniques such as scalable compression and multiple file switching. Moreover, a content provider only has to encode and sign its entire data stream once, as opposed to nondynamically encoding and signing different versions for each anticipated combination of device, network configuration, and channel condition. Our implementation results demonstrate efficiency.