1 are 2 l 1 values v l 1 v l 1 2 l 1 1 the 2 l 1

Info icon This preview shows pages 52–54. Sign up to view the full content.

View Full Document Right Arrow Icon
1 are 2 L 1 values V L 1 0 · · · V L 1 2 L 1 1 . The 2 L 1 values at depth L 1 of the tree are likewise paired and hashed together to get 2 L 2 commitments at depth L 2. The binary tree proceeds this way until a single hash V O 0 is reached at the root of the tree. The root serves as the commitment for all 2 L values. The root value V O 0 is distributed to all potential verifiers. The 2 L leaves are certificates, binding commitments to identities. As each node may be associated with several commitments, several leaves of the tree may be reserved for each node. Corresponding to a node A with (say) n A such certificates (leaves) the CA (or KDC) provides L hashes from the Merkle hash tree to A - one from each level of the tree. Thus A will receive and store i) n A keys; ii) n A certificates; and iii) n A L values from the tree. For a network with 8 million nodes (2 23 ), where each node is assigned n = 2 9 = 512 OTS commitments, the KDC will need to create a Merkle tree with 4 billion leaves (or depth L = 32). C 0 C 1 C 2 C 3 C 4 C 5 C 6 C 7 V 3 0 V 3 1 V 3 2 V 3 3 V 3 4 V 3 5 V 3 6 V 3 7 V 2 0 V 2 1 V 2 2 V 2 3 V 1 0 V 1 1 V 0 0 Fig. 1. Merkle hash tree. To authenticate any commitment, the sender appends the leaf value and L hashes. To authenticate certificate C 3 (say, a certificate A, u o , indicating that u o is an OTS commitment of A ), the source A includes (along with its OTS) the certificate C 3 , and values V 3 2 , V 2 0 and V 1 1 . Any verifier can compute V 3 3 = h ( C 3 ), V 2 1 = h ( V 3 2 , V 3 3 ), V 1 0 = h ( V 1 0 , V 1 1 ), and V 0 0 = h ( V 1 0 , V 1 1 ), and thus be satisfied that the certificate C 3 = A, u o is authentic. In the figure, circles with darker shades indicate values appended by A along with its authentication. The circles with lighter shades (and Copyright © 2010. World Scientific Publishing Company. All rights reserved. May not be reproduced in any form without permission from the publisher, except fair uses permitted under U.S. or applicable copyright law. EBSCO Publishing : eBook Collection (EBSCOhost) - printed on 2/16/2016 3:46 AM via CGC-GROUP OF COLLEGES (GHARUAN) AN: 340572 ; Beyah, Raheem, Corbett, Cherita, McNair, Janise.; Security in Ad Hoc and Sensor Networks Account: ns224671
Image of page 52

Info icon This preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
40 M. Ramkumar lighter outlines) represent values that are computed by any verifier using the values sent by the signer. Note that the overhead required to verify certificates - bandwidth over- head for appending L hashes and computation of L hash functions - grows logarithmically with the number of committed certificates. If the CA re- quires to authenticate a trillion (2 40 ) certificates, L = 40. 3.1.4. Per-use (PU) Hash Chains The one-to-many schemes discussed thus far enable any verifier to verify 1) the source of the message; and that 2) the message has not been modified en route. The per-use (PU) hash-chain schemes however only permit any verifier to verify that “the sender has sent at least i messages,” and provides no assurances regarding the contents of messages (the message could have been modified en route). PU schemes, which require low overhead, have some useful applications in securing routing protocols.
Image of page 53
Image of page 54
This is the end of the preview. Sign up to access the rest of the document.

{[ snackBarMessage ]}

What students are saying

  • Left Quote Icon

    As a current student on this bumpy collegiate pathway, I stumbled upon Course Hero, where I can find study resources for nearly all my courses, get online help from tutors 24/7, and even share my old projects, papers, and lecture notes with other students.

    Student Picture

    Kiran Temple University Fox School of Business ‘17, Course Hero Intern

  • Left Quote Icon

    I cannot even describe how much Course Hero helped me this summer. It’s truly become something I can always rely on and help me. In the end, I was not only able to survive summer classes, but I was able to thrive thanks to Course Hero.

    Student Picture

    Dana University of Pennsylvania ‘17, Course Hero Intern

  • Left Quote Icon

    The ability to access any university’s resources through Course Hero proved invaluable in my case. I was behind on Tulane coursework and actually used UCLA’s materials to help me move forward and get everything together on time.

    Student Picture

    Jill Tulane University ‘16, Course Hero Intern