[Download postscript version]

Architecture and Protocol

This architecture requires a reliable multicast to deliver both the multicast messages and their associated security information. The picture looks like the following:

Alice, the sender, has a public/private key pair for the digital signature. Alice publishes her public key using the public key infrastructure. Bob, the receiver, can verify Alice's public key using the same public key infrastructure. Note that Bob is anonymous because he does not need to authenticate to Alice to receive the broadcast message.

The protocol runs as follows:

1. For a given message M, a given one-way hash algorithm H, and a given signature key pair, (K.Alice.priv, K.Alice.pub), Alice signs the hash of the message, and broadcasts to the group:

   Alice $\Rightarrow$ Group: [ M, H(M), {H(M)}K.Alice.priv ]

2. Bob, upon receiving the message, verifies that the signature is correct based on his knowledge of Alice's public key, and that the hash H(M) corresponds to the message M.