The Use of Timed Efficient Stream Loss-Tolerant Authentication (TESLA) in IPsec
This document specifies Timed Efficient Stream Loss-tolerant Authentication (TESLA), a secure source authentication mechanism for multicast or broadcast data streams. RFC 4082 introduces and describes TESLA in detail, and this document specifies the format of the TESLA authentication field as it is used with IPsec ESP. In addition to the source authentication using TESLA there may be a message authentication code for group authentication to protect against DoS attacks. The proposed addition to ESP combines group- secrecy, group-authentication, and source-authentication transforms in an ESP packet.