This architecture requires a reliable multicast to deliver both the multicast messages and their associated security information. The picture looks like the following:
Alice, the sender, has a public/private key pair for the digital signature. Alice publishes her public key using the public key infrastructure. Bob, the receiver, can verify Alice's public key using the same public key infrastructure. Note that Bob is anonymous because he does not need to authenticate to Alice to receive the broadcast message.
The protocol runs as follows:
Alice Group: [ M, H(M), {H(M)}K.Alice.priv ]