Aggregating Message Authentication Codes (MACs) promises to save valuable bandwidth in resource-constrained environments. The idea is simple: instead of appending an authentication tag to each message in a communication stream, the integrity protection of multiple messages is aggregated into a single tag. Recent studies postulate, for example based on simulations, that these benefits also extend to wireless, and thus lossy, scenarios, even though each lost packet typically results in the loss of integrity protection information for multiple messages. In this paper, we investigate these claims in a real deployment. To this end, we first design a MAC aggregation extension for the Datagram Transport Layer Security (DTLS) 1.3 protocol. Afterward, we extensively evaluate the performance of MAC aggregation on a complete communication protocol stack on embedded hardware. We find that MAC aggregation can indeed increase goodput by up to 50% and save up to 17% of energy expenditure for the transmission of short messages, even in lossy channels.
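The trade-off described in the abstract, as an added example that is not code from the paper: one tag covers a group of messages, which cuts tag bytes but leaves the whole group unverifiable when a single packet is lost. The XOR-of-HMAC-tags construction, the 16-byte tag length, the key and the messages are assumptions made for illustration; the paper's DTLS 1.3 extension is not specified in this abstract.

```python
import hashlib
import hmac

TAG_LEN = 16  # assumed truncated tag length in bytes
KEY = bytes(range(32))  # constructed demo key
MSGS = [b"t=21.5", b"t=21.6", b"t=21.7", b"t=21.9"]  # constructed short messages


def tag(key: bytes, seq: int, msg: bytes) -> bytes:
    """Per-message HMAC-SHA256 tag, bound to the sequence number."""
    data = seq.to_bytes(8, "big") + msg
    return hmac.new(key, data, hashlib.sha256).digest()[:TAG_LEN]


def aggregate(key: bytes, first_seq: int, msgs: list) -> bytes:
    """XOR the per-message tags into one tag covering the whole group."""
    agg = bytes(TAG_LEN)
    for i, msg in enumerate(msgs):
        agg = bytes(a ^ b for a, b in zip(agg, tag(key, first_seq + i, msg)))
    return agg


def verify_group(key: bytes, first_seq: int, received: list, agg_tag: bytes) -> bool:
    """All-or-nothing check; a lost packet is represented as None."""
    if any(m is None for m in received):
        return False  # tag cannot be recomputed, so no message in the group is authenticated
    return hmac.compare_digest(aggregate(key, first_seq, received), agg_tag)


def tag_overhead(n_msgs: int, group_size: int) -> tuple:
    """Tag bytes on the wire: (one tag per message, one tag per group)."""
    groups = -(-n_msgs // group_size)  # ceiling division
    return n_msgs * TAG_LEN, groups * TAG_LEN


if __name__ == "__main__":
    agg = aggregate(KEY, 0, MSGS)
    print("intact group:", verify_group(KEY, 0, MSGS, agg))
    print("one packet lost:", verify_group(KEY, 0, [MSGS[0], None, MSGS[2], MSGS[3]], agg))
    print("tag bytes for 8 messages:", tag_overhead(8, 4))
```

Binding each tag to its sequence number keeps the XOR aggregate from accepting reordered messages within a group.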