Signature Packets

An important requirement of our scheme signature scheme is that the receiver can continuously verify the signature of packets. Clearly, the receiver can only verify the signature once it can trace the authentication links to a signature packet. Hence, the verification delay depends on the frequency and the transmission reliability of signature packets. The signature packet rate depends on the available computation and communication resources. If we use $1024$-bit RSA signatures, a dedicated server can compute on the order of $100$ signatures per second. The corresponding communication overhead is $128$ bytes for the signature plus $10$ bytes for each hash included.

We also performed simulations with signature packets. The parameters included the signature rate, the loss probability of signature packets, and the number of hashes per signature packet. Figure 11 shows the sawtooth-shaped verification probability for a stream with $10\%$ packet loss (bursty loss), the average burst length of dropped packets is $10$, the hash is split up into $9$ chunks of $27$ bits each (spanning a maximum length of $100$ packets), hence $3$ chunks are necessary to verify a packet, which gives us $81$ bits of the signature. The communication overhead per packet is therefore about $35$ bytes per packet. The signature packets are sent every $250$ packets and they contain $80$-bit hashes of $40$ packets, and one $1024$-bit RSA digital signature which amounts to $128$ bytes. Each signature packet is sent twice, so the loss probability of a signature packet is reduced to $1\%$. The average per-packet overhead in this case is $40$ bytes.

 
Figure 11: The verification probability for the extended scheme including periodic signature packets.