Error- and loss-tolerant bundle fragment authentication for space DTNs

摘要

To ensure the authenticity and integrity of bundles, the in-transit PDUs of bundle protocol (BP) in space delay/disruption-tolerant networks (DTNs), the bundle security protocol specification (IRTF RFC6257) suggested using a digital signature directly over each bundle. However, when bundle fragment services are needed, this mechanism suffers from heavy computational costs, bandwidth overheads and energy consumption. In this paper, we address the fragment authentication issue for BP by exploiting the combination of RS error correction and erasure codes with the help of batch transmission characteristic of DTNs. The RS error correction and erasure codes are adopted to allow the receivers to locate the false/injected fragments and reconstruct the only one signature shared by all fragments of a bundle, even if some other fragments are lost or routed to a different path. Getting only partial authentic fragments, a DTN node is able to detect and filter the false/injected fragments, and authenticate the origin of a bundle as well. Such an approach tolerates high delays, unexpected link disruption and the BP nature of routing fragments of the same bundle possibly via different paths. The performance analysis demonstrates that both of our schemes, which follow our generic idea based on RS codes, significantly reduce bandwidth overheads and computational costs as compared to the prior works.