Broadcast Authentication with Practically Unbounded One-way Chains

A protocol for assuring the authenticity of information broadcasted over long periods of time is proposed. The protocol is based on time synchronization and uses one-way chains constructed with the squaring function which gives the possibility to construct a one-way chain of whose length is unbounded in practice. Although the computational cost is somewhat increased, compared to the use of hash chains, these computational requirements are affordable for the addressed scenario. In brief, the protocol assures information authenticity at the reduced cost of almost one modular multiplication for each broadcasted packet. Time synchronization issues are discussed and the security of the protocol is equivalent to the integer factorization problem since the squaring function is used in the construction of the one-way chain. A failure mode analysis of the protocol is done; this is an aspect of novelty and applies to other protocols based on time synchronization as well. Also, a formal proof on the security of the protocol is sketched. Index Terms — authentication, broadcast, one-way chain, protocol.