Next: Achieving Asymmetric Security Properties
Up: Discussion
Previous: Discussion
The security of TESLA relies on the following assumptions:
- The receiver's clock is time synchronized up to a maximum error of
. (We suggest that because of clock drift, the receiver periodically
re-synchronizes its clock with the sender.)
- The functions are secure PRFs, and the function furthermore
provides weak collision resistance.
As long as these assumptions are satisfied, it is computationally intractable
for an attacker to forge a TESLA packet that the receivers will authenticate
successfully.
Next: Achieving Asymmetric Security Properties
Up: Discussion
Previous: Discussion
Adrian Perrig
Mon Aug 5 22:55:55 PDT 2002