End-to-End Security in the Presence of Intelligent Data Adapting Proxies: the Case of Authenticating Transcoded Streaming Media

Authors: Craig Gentry, A.H., Ravi Jain, Toshiro Kawahara, and Zulfikar Ramzan.

Abstract: We consider the problem of maintaining end-to-end security in the presence of intelligent proxies that may adaptively modify data being transmitted across a network. The video coding community considers this problem in the context of transcoding media streams (cf. Wee and Apostolopoulos, 2001, Apostolopoulos, Tan, and Wee, 2002, and Lin and Chen, 1999) but their approaches either fail to address authentication or fail to provide meaningful security guarantees. We present two provably-secure schemes, LISSA and TRESSA, that allow an intelligent network intermediary to intercept a stream signed by a content provider, and adapt it dynamically while preserving the ultimate receiver's ability to securely verify the content provider's signature (and, hence, authenticity and integrity of the data received). Our schemes allow the intermediary to selectively remove portions of the stream and thus permit common media transcoding techniques such as scalable compression and multiple file switching. Moreover, a content provider only has to encode and sign its entire data stream once, as opposed to non-dynamically encoding and signing different versions for each anticipated combination of device, network configuration and channel condition. Our implementation results demonstrate efficiency.

Ref: To appear in IEEE Journal on Selected Areas of Communications, Special Issue on Intelligent Services and Applications in Next Generation Networks, IEEE Press, 2005.

Not available yet.