Authenticating Streamed Data in the Presence of Random Packet Loss

Authors: P. Golle and N. Modadugu.

We propose a new scheme for authenticating streamed data delivered in real-time over an insecure network. The difficulty of signing live streams is twofold. First, authentication must be efficient so the stream can be processed without delay. Secondly, authentication must be possible even if some packets in the sequence are missing. Streams of audio or video are a good example to consider. They must be processed in real-time and are commonly exchanged over UDP, with no guarantee that every packet will be delivered. Existing solutions to the problem of signing streams have been designed to resist worst-case packet loss. No matter what packets are lost, what remains of the sequence is always authenticable. In practice however, network loss is not malicious but occurs in patterns of consecutive packets known as bursts. Based on this realistic model of network loss, we propose a solution which achieves better performance as well as much lower communication overhead.