Countermeasure

My idea is to reuse the MAC over all the packages, after the packages have been built:

Package	Serial	Message	MAC
1	1	Hi Larry	523105
2	1	Hi Bob	465231
3	2	Meet me at	782290
4	2	I'll call you at	793122
5	3	6PM	891231
6	3	7PM	344287
7	4	Yours-Susan	553419
8	4	Love-Alice	312265
9	4	Love-Philipp	823949
MAC	682343

The last MAC has to be calculated from the secret and all the packages together. Let´s have a look at the new algorithm:

1. Read all the packages and the MAC.
2. Calculate the MAC over all packages.
3. If the MAC is not correct, then Rerequest all packages, start again, until the MAC is correct.
4. For each package:
5. Calculate the MAC, if it is ok, then add the message to the plaintext.

Another method could be to create a MAC for every serial number. This could be more efficient for huge amounts of data (You do not need all packages in memory to create the MAC):

Package	Serial	Message	MAC
1	1	Hi Larry	523105
2	1	Hi Bob	465231
MAC	345725
3	2	Meet me at	782290
4	2	I'll call you at	793122
MAC	434634
5	3	6PM	891231
6	3	7PM	344287
MAC	825236
7	4	Yours-Susan	553419
8	4	Love-Alice	312265
9	4	Love-Philipp	823949
MAC	380313

There is one open question: What could have happened when there are still no authentic packages for a serial number, although the MAC over all the packages is correct? We could make a feature out of that, by ``inventing'' fake serial numbers, and say ``When there are no valid packages for a serial number, then just leave it out''.