The TESLA Broadcast Authentication Protocol

Abstract

One of the main challenges of securing broad-cast communication is source authentication, or enabling receivers of broadcast data to verify that the received data really originates from the claimed source and was not modified en route. This problem is complicated by mutually un-trusted receivers and unreliable communication environments where the sender does not retrans-mit lost packets. This article presents the TESLA (Timed Efficient Stream Loss-tolerant Authentication) broadcast authentication protocol, an efficient protocol with low communication and computa-tion overhead, which scales to large numbers of receivers, and tolerates packet loss. TESLA is based on loose time synchronization between the sender and the receivers. Despite using purely symmetric cryptographic functions (MAC functions), TESLA achieves asymmetric properties. We discuss a PKI appli-cation based purely on TESLA, assuming that all network nodes are loosely time synchronized.