基于数字签名的实时数据流认证方法研究

Authentication Method for Real-time Data Stream based on Digital Signature

针对实时数据流认证的时效性需求,研究了基于数字签名的实时数据流认证方案。在散列函数和数字签名技术的基础上,根据实时数据流的传输特点,提出了认证窗口的思想,设计了三种实时数据流认证方案,第一种方案由数据包自带认证信息;第二种方案由后数据包带前包认证信息;第三种方案由前数据包带后包认证信息。给出了各方案的认证结构和流程,并进行了仿真分析,分别从传输密度和认证窗口两个方面来研究认证效率,结果表明:在不同的传输密度条件下,各种方案各具优势,因此,应根据实时数据流的传输密度来动态选择认证方案和认证窗口,提高认证效率。

In this paper, the authentication issue for real-time data stream is solved, and three authentication schemes are designed based on the digital signature technology. Firstly, the character of real-tirne data stream is analyzed, and the concept of authentication window is proposed. Then, we proposed three schemes, which are the authentication information of a packet is taken by itself, the next one, and the previous one, respectively. Relationship among the authentication efficiency, the transmission density and the authentication window is studied. Simulation results show that in condition of different transmission density, every scheme has its superiority. So the authentication scheme and authentication window should be dynamically selected according to the transmission density of the real-time data stream, improving the performance