Reducing delay and enhancing DoS resistance in multicast authentication through multigrade security

Qing Li, Wade Trappe

Research output: Contribution to journalArticle

17 Scopus citations


Many techniques for multicast authentication employ the principle of delayed key disclosure. These methods introduce delay in authentication, employ receiver-side buffers, and are susceptible to denial-of-service (DoS) attacks. Delayed key disclosure schemes have a binary concept of authentication and do not incorporate any notion of partial trust. This paper introduces staggered timed efficient stream loss-tolerant authentication (TESLA), a method for achieving multigrade authentication in multicast scenarios that reduces the delay needed to filter forged multicast packets and, consequently, mitigates the effects of DoS attacks. Staggered TESLA involves modifications to the popular multicast authentication scheme, TESLA, by incorporating the notion of multilevel trust through the use of multiple, staggered authentication keys in creating message authentication codes (MACs) for a multicast packet. We provide guidelines for determining the appropriate buffer size, and show that the use of multiple MACs and, hence, multiple grades of authentication, allows the receiver to flush forged packets quicker than in conventional TESLA. As a result, staggered TESLA provides an advantage against DoS attacks compared to conventional TESLA. We then examine two new strategies for reducing the time needed for complete authentication. In the first strategy, the multicast source uses assurance of the trustworthiness of entities in a neighborhood of the source, in conjunction with the multigrade authentication provided by staggered TESLA. The second strategy achieves reduced delay by introducing additional key distributors in the network.

Original languageEnglish (US)
Pages (from-to)190-204
Number of pages15
JournalIEEE Transactions on Information Forensics and Security
Issue number2
StatePublished - Jun 1 2006

All Science Journal Classification (ASJC) codes

  • Safety, Risk, Reliability and Quality
  • Computer Networks and Communications


  • Denial-of-service (DoS) attacks
  • Forge-capable area
  • Message authentication code (MAC)
  • Multigrade source authentication
  • Queueing theory
  • Timed efficient stream loss-tolerant authentication (TESLA)
  • Trust

Fingerprint Dive into the research topics of 'Reducing delay and enhancing DoS resistance in multicast authentication through multigrade security'. Together they form a unique fingerprint.

  • Cite this