Multicast Security
This is the only multicast protocol in our list; the security goals to be verified are Implicit Destination Authentication and Source Authentication.
The purpose of the MSEC WG is to standardize protocols for securing group communication over the Internet, initially focusing on scalable solutions for groups with a single source and a very large number of recipients.
Protocol TESLA (52), the Multicast Source Authentication Transform, is defined in [148,46]. It is a secure source authentication mechanism for multicast or broadcast data streams, for example audio and video Internet broadcasts or data distribution by satellite. TESLA provides authentication of individual data packets, regardless of the packet loss rate. The symmetric MAC authentication used in unicast communication is not secure in a broadcast setting: every receiver knows the MAC key, and hence could impersonate the sender and forge messages to other receivers. TESLA uses mainly symmetric cryptography, combined with time-delayed key disclosure, which requires loosely synchronized clocks between the sender and the receivers.
Protocol TESLA should provide Implicit Destination Authentication and Source Authentication (G4,5).
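The delayed key disclosure described above can be sketched as follows; this is an added example, not code from the TESLA specification or from the original page. It goes beyond the text by using a one-way key chain with a separate MAC-key derivation, which the page does not describe. Assumptions: HMAC-SHA-256 stands in for both pseudo-random functions, the disclosure delay `D`, the packet layout and all function names are hypothetical, and the commitment `K_0` is taken to have reached the receiver authentically.

```python
import hmac, hashlib

D = 2  # key disclosure delay, in intervals (constructed value)

def prf(key, label):
    return hmac.new(key, label, hashlib.sha256).digest()

def make_chain(seed, n):
    """[K_0..K_n] with K_i = F(K_{i+1}); K_0 is the commitment."""
    chain = [seed]
    for _ in range(n):
        chain.append(prf(chain[-1], b"chain"))
    return chain[::-1]

def walk_back(key, steps):
    for _ in range(steps):          # K_{i-steps} from K_i
        key = prf(key, b"chain")
    return key

def send(chain, i, msg):
    """Interval-i packet: MAC under K'_i = F'(K_i), plus disclosed K_{i-D}."""
    tag = hmac.new(prf(chain[i], b"mac"), msg, hashlib.sha256).digest()
    return {"i": i, "msg": msg, "mac": tag, "key": chain[i - D] if i > D else None}

class Receiver:
    def __init__(self, commitment):
        self.idx, self.key = 0, commitment  # newest authenticated chain key
        self.buffer = []                    # packets whose key is still secret

    def receive(self, pkt, sender_interval_bound):
        """sender_interval_bound: latest interval the sender could be in,
        per loose clock sync. Returns messages authenticated by this packet."""
        # Security condition: drop if K_i may already have been disclosed.
        if sender_interval_bound < pkt["i"] + D:
            self.buffer.append(pkt)
        j = pkt["i"] - D
        if pkt["key"] and j > self.idx and hmac.compare_digest(
                walk_back(pkt["key"], j - self.idx), self.key):
            self.idx, self.key = j, pkt["key"]   # key verified against chain
        ready = [p for p in self.buffer if p["i"] <= self.idx]
        self.buffer = [p for p in self.buffer if p["i"] > self.idx]
        out = []
        for p in ready:
            k = prf(walk_back(self.key, self.idx - p["i"]), b"mac")
            if hmac.compare_digest(hmac.new(k, p["msg"], hashlib.sha256).digest(), p["mac"]):
                out.append(p["msg"])
        return out
```

Feeding the receiver packets for intervals 1, 3 and 5 (with 2 and 4 lost) authenticates the interval-1 and interval-3 messages, because a later disclosed key regenerates the skipped ones. A packet for interval 1 that arrives when the sender may already be in interval 3 or later is dropped, which is what stops a receiver who has learned `K_1` from forging.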