Staggered TESLA: A multicast authentication scheme resistant to DoS attacks

Qing Li, Wade Trappe

Research output: Chapter in Book/Report/Conference proceedingConference contribution

9 Scopus citations


Many techniques for multicast authentication employ the principle of delayed key disclosure. These methods introduce delay in the verification of authentication, employ receiver-side buffers, and consequently are susceptible to denial of service (DoS) attacks. This paper introduces a method to reduce the delay needed to filter forged multicast packets, and consequently mitigates the effects of DoS attacks. Specifically, this paper introduces suitable modifications to the popular multicast authentication scheme, TESLA, through the use of multiple, staggered authentication keys that are used in creating message authentication codes (MACs) for a multicast packet. We provide guidelines for determining the appropriate buffer size, and show that the use of multiple MACs allows the receiver to flush potentially forged packets quicker than in conventional TESLA. As a result, Staggered TESLA provides an advantage against DoS attacks as it requires an adversary to attempt a DoS at a higher attack rate than is necessary in conventional TESLA.

Original languageEnglish (US)
Title of host publicationGLOBECOM'05
Subtitle of host publicationIEEE Global Telecommunications Conference, 2005
Number of pages6
StatePublished - 2005
EventGLOBECOM'05: IEEE Global Telecommunications Conference, 2005 - St. Louis, MO, United States
Duration: Nov 28 2005Dec 2 2005

Publication series

NameGLOBECOM - IEEE Global Telecommunications Conference


OtherGLOBECOM'05: IEEE Global Telecommunications Conference, 2005
Country/TerritoryUnited States
CitySt. Louis, MO

All Science Journal Classification (ASJC) codes

  • Engineering(all)


Dive into the research topics of 'Staggered TESLA: A multicast authentication scheme resistant to DoS attacks'. Together they form a unique fingerprint.

Cite this