In network coding, intermediate nodes are allowed to transmit a function of the packets, instead of the traditional scheme where unmodified packets travel through the network. Some of the advantages of this mechanism are: a unified way to represent Broadcast, Multicast and Unicast, robustness in link and node failures and robustness to routing loops. However, allowing intermediate nodes to change information, introduces new points where byzantine attackers may try to disrupt the network. In this paper, we present a Message Authentication Code (MAC) Based protocol which can identify misbehaving nodes. Our construction uses only fast symmetric cryptographic operations, making it suitable for multicast networks, where latency is an important factor. For its construction, we used an efficient key assignment based on Blom's scheme, and a Merkle tree to provide authenticity during our identification routine. We show our construction is relevant in the context of network coding, by showing its execution time compared to that of pollution detection routines and other schemes used for authentication.