TESLA: Timed Efficient Stream Loss-tolerant Authentication

 

In this section, we describe five schemes for stream authentication. Each scheme builds up on the previous one and improves it to solve its shortcomings. Finally, scheme V, which we call TESLA(short for Timed Efficient Stream Loss-tolerant Authentication), satisfies all the properties we listed in the introduction. The cryptographic primitives used in this section are reviewed in Appendix A, which also contains a sketch of a security analysis for our scheme.

We use the following notation: $x,y$ denotes the concatenation of $x$ and $y$, $S$ stands for sender, and $R$ stands for receiver. A stream $S$ is divided into chunks $M$_i (which we also call messages), $S\; =\; M$₁, M₂, &ldots;, M_l. Each message $M$_i is sent in a packet $P$_i, along with additional authentication information.

 
• Threat Model and security guarantee
• Initial synchronization (preliminary discussion)
• Scheme I: The Basic Scheme
• Scheme II: Tolerating Packet Loss
• Scheme III: Achieving Fast Transfer Rates
• Scheme IV: Dealing with Dynamic Packet Rates
• Scheme V: Accommodate a Broad Spectrum of Receivers
• Initial Synchronization - Further Discussion
  • Combining with multicast group control centers.
  • Dealing with clock drift.
• Implementation Issues