Relative signatures for fault tolerance and their implementation

Abstract

This paper introduces a new authentication concept for fault tolerance (rather than security) called relative signatures. This new approach provides authentication in an a-priori unknown or dynamically changing set of nodes without causing global administration by avoiding the necessity of having a complete and reliable list of authentication functions available at each participating node. To achieve this considerable gain in flexibility relative signatures require about three times the information redundancy of conventional (absolute) signatures, in principle. However, in a real implementation the signature length can be drastically reduced for most of the authenticated messages to be exchanged by a simple optimization. Three implementation schemes are investigated and compared in terms of efficiency and reliability. Examples of fault-tolerant applications point out the usefulness of this new approach.