RFC4082 specifies the Timed Efficient Stream Loss-tolerant Authentication (TESLA) scheme as an Internet standard for stream authentication over lossy channels. In this paper, we show that the suggested assumptions about the security of the building blocks of TESLA are not sufficient. This can lead to implementations whose security relies on some obscure assumptions instead of the well-studied security properties of the underlying cryptographic primitives. Even worse, it can potentially lead to insecure implementations. We also provide sufficient security assumptions about the components of TESLA, and present a candidate implementation whose security is based on block ciphers resistant to related-key cryptanalysis. © Springer-Verlag Berlin Heidelberg 2007.
CITATION STYLE
Jakimoski, G. (2007). Some notes on the security of the timed efficient stream loss-tolerant authentication scheme. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 4356 LNCS, pp. 342–357). Springer Verlag. https://doi.org/10.1007/978-3-540-74462-7_24
Mendeley helps you to discover research relevant for your work.