Method and system for authenticating a data stream

US10263783B2 · US · B2

Patent metadata

Publication number: US-10263783-B2
Application number: US-201314913387-A
Country: US
Kind code: B2
Filing date: Aug 23, 2013
Priority date: Aug 23, 2013
Publication date: Apr 16, 2019
Grant date: Apr 16, 2019

Abstract

Official abstract text for this publication.

A method for authenticating a data stream includes selecting a number of data fragments of the data stream, defining at least two granularity levels for the selected data fragments, dividing each of the selected data fragments according to the granularity levels, generating a hierarchical authentication structure including elements representing hash values of the divided selected data fragments on the different granularity levels, selecting at least a portion of the hash values of the hierarchical authentication structure for transmission to a receiver, reconstructing the granularity value on the top level of the hierarchical authentication structure based on the transmitted hash values, and performing authentication of the data fragments of the data stream based on comparing the reconstructed value on the top granularity level of the hierarchical authentication structure with the signed value on the top granularity level of the generated hierarchical authentication structure.

First claim

Opening claim text (preview).

The invention claimed is:

1. A method for authenticating, using data transmitted via a secure channel, at least a portion of a data stream transmitted by a sender via an unsecure channel, wherein the sender includes secure hardware storing a secret signing key, the method comprising:

    receiving, by a verifier from the sender via the unsecure channel, the portion of the data stream transmitted by the sender, wherein the portion of the data stream transmitted by the sender includes a plurality of data fragments on different granularity levels;

    receiving, by the verifier from the sender via the secure channel, a root, signed with a digital signature corresponding to the secret signing key, of a hierarchical authentication structure, wherein the hierarchical authentication structure includes elements representing hash values of the data fragments of the data stream on the different granularity levels, wherein a hash value for a data fragment on a higher granularity level is based on the hash values of the data fragments on a lower granularity level;

    receiving, by the verifier from the sender via the secure channel, a portion of the hash values of the data fragments from the hierarchical authentication structure;

    reconstructing, by the verifier, a top granularity level value of the hierarchical authentication structure by computing the hash values of the plurality of data fragments of the portion of the data stream received by the receiver from the sender via the unsecure channel and using the portion of the hash values received from the sender via the secure channel, and

    performing authentication of the portion of the data stream received by the verifier from the sender via the unsecure channel by comparing the reconstructed top granularity level value of the hierarchical authentication structure with the root of the generated hierarchical authentication structure signed with the digital signature,

    wherein an erasure code is used for transmitting partitions of the portion of the hash values received from the sender, and wherein the data stream is analyzed, and based on a result, the erasure code and/or the different granularity levels are determined.

2. The method according to claim 1, wherein the portion of the hash values received from the sender via the secure channel are hash values on a granularity level selected by the sender.

3. The method according to claim 1, wherein the granularity levels are at least partially defined based on a semantic representation of the data stream.

4. The method according to claim 2, wherein the granularity level selected by the sender is adapted during transmission of the data stream via the unsecured channel according to transmission properties between the sender and receiver of the data stream.

5. The method according to claim 4, wherein packet loss and/or bandwidth between sender and receiver is determined for providing the transmission properties.

6. The method according to claim 1, wherein a linear error correcting code and/or a cyclic error correcting code is used as the erasure code.

7. The method according to claim 1, wherein sender identity information is generated and used for authentication of the portion of the data stream received by the verifier.

8. A system for authenticating, using data transmitted via a secure channel, at least a portion of a data stream transmitted by a sender via an unsecure channel, the system comprising: the sender, wherein the sender includes secure hardware storing a secret signing key; and a verifier, wherein the verifier includes a hardware processor,

    wherein the sender is configured to:

    analyze the data stream, and based on a result, determine an erasure code and/or different granularity levels of the data stream,

    generate a hierarchical authentication structure including elements representing hash values of data fragments of the data stream on different granularity levels, wherein the hash values for the data fragments on higher granularity levels are based on the hash values of data fragments on lower granularity levels,

    select at least a portion of the hash values of the hierarchical authentication structure for transmission, via the secure channel, to the verifier,

    transmit, to the verifier via the secure channel and using the erasure code, the selected portion of the hash values and a root of the hierarchical authentication structure signed with a digital signature corresponding to the secret signing key,

    transmit, to the verifier via the unsecure channel, the data stream,

    and wherein the verifier is configured to:

    receive, from the sender via the unsecure channel, the portion of the data stream transmitted by the sender, wherein the portion of the data stream transmitted by the sender includes a plurality of the data fragments on different granularity levels,

    receive, from the sender via the secure channel, the selected portion of the hash values of the data fragments and the root of the hierarchical authentication structure signed with the digital signature corresponding to the secret signing key,

    reconstruct a top granularity level value of the hierarchical authentication structure by computing the hash values of the plurality of the data fragments of the portion of the data stream received by the receiver from the sender via the unsecure channel and using the selected portion of the hash values transmitted by the sender via the secure channel, and

    authenticate the portion of the data stream by comparing the reconstructed top granularity level value of the hierarchical authentication structure with the root of the hierarchical authentication structure signed with the digital signature.
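
The verifier-side reconstruction described in the claims, as an added illustration that is not part of the patent text or any implementation by the assignee. It assumes a binary SHA-256 hash tree over a power-of-two number of fragments, a root whose signature has already been checked, and no erasure coding; all function and variable names are hypothetical.

```python
import hashlib
import hmac

def leaf(fragment):
    return hashlib.sha256(b"\x00" + fragment).digest()  # domain-separated leaf hash

def node(left, right):
    return hashlib.sha256(b"\x01" + left + right).digest()  # parent from two children

def build_levels(fragments):
    """Sender: levels[0] = fragment hashes, levels[-1] = [root]. Power-of-two count assumed."""
    levels = [[leaf(f) for f in fragments]]
    while len(levels[-1]) > 1:
        prev = levels[-1]
        levels.append([node(prev[i], prev[i + 1]) for i in range(0, len(prev), 2)])
    return levels

def reconstruct(n_leaves, received, supplied):
    """Verifier: return (root, indices of fragments that contributed to it).
    received: {index: fragment} taken from the unsecure channel.
    supplied: {(level, index): hash} taken from the secure channel."""
    def value(level, idx):
        if level == 0 and idx in received:
            return leaf(received[idx]), {idx}
        if level > 0:
            try:
                (lh, lc), (rh, rc) = value(level - 1, 2 * idx), value(level - 1, 2 * idx + 1)
                return node(lh, rh), lc | rc
            except KeyError:
                pass  # subtree incomplete: fall back to a supplied coarser hash
        return supplied[(level, idx)], set()  # KeyError if nothing covers this subtree
    return value(n_leaves.bit_length() - 1, 0)

def authenticate(n_leaves, received, supplied, trusted_root):
    """trusted_root: root whose signature the verifier has already checked (assumed)."""
    root, covered = reconstruct(n_leaves, received, supplied)
    return covered if hmac.compare_digest(root, trusted_root) else set()

# Constructed sample: 8 fragments; fragment 3 and fragments 4-7 are lost in transit.
FRAGMENTS = [b"fragment-%d" % i for i in range(8)]
LEVELS = build_levels(FRAGMENTS)
ROOT = LEVELS[-1][0]
RECEIVED = {i: FRAGMENTS[i] for i in (0, 1, 2)}
SUPPLIED = {(0, 3): LEVELS[0][3], (2, 1): LEVELS[2][1]}  # one fine hash, one coarse hash

if __name__ == "__main__":
    print(sorted(authenticate(8, RECEIVED, SUPPLIED, ROOT)))
    print(authenticate(8, {**RECEIVED, 1: b"tampered"}, SUPPLIED, ROOT))
```

Only the fragments in the returned set are authenticated; a received fragment that sits under a subtree replaced by a supplied coarser hash does not contribute to the root and stays unverified.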

Classifications

  • H04L9/3236 (Primary): using cryptographic hash functions

  • Protecting data integrity, e.g. using checksums, certificates or signatures

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
Nec Europe Ltd, Nec Corp
What technology area does this patent fall under?
Primary CPC classification H04L9/3236. Mapped technology areas include Electricity.
When was this patent published?
Publication date Apr 16, 2019 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 1 related publication on this page (citations in our corpus or others sharing the same primary CPC).