Bundle authentication, which ensures the authenticity and integrity of bundles, is critical in space Delay/ disruption-Tolerant Networks (DTNs). When bundle fragment services are needed, the previous solutions directly using digital signatures suffer from heavy computational costs and bandwidth overheads. This paper addresses the issue of fragment authentication for Bundle Protocol by exploiting erasure codes and the batch transmission characteristic of DTNs. Erasure codes are adopted to allow all the fragments of a bundle to equally share only one signature, to tolerate high delays as well as unexpected loss of connectivity. Following this generic idea, we present two approaches, both of which are effective in filtering inauthentic fragments as early as possible. The first one takes a surprisingly low bandwidth overhead, while it makes all received fragments of a bundle to be removed when there is an inauthentic one, because of its failure in locating the inauthentic fragments. Considering this defect, we present an improved scheme which is able to detect inauthentic fragments thanks to a special hash chain and then only remove these inauthentic ones. The performance simulation demonstrates that both our schemes significantly reduce bandwidth overheads and computational costs as compared to the prior works. Abstract-Delay Tolerant Networks (DTNs), as the principal technology for space internet, implement and support internetworking via the Bundle Protocol (BP). Bundle authentication is a critical security service in DTNs which ensures the authenticity and integrity of bundles during parallel multi-hop transmissions, especially when the bundle fragment service is needed. The authentication based on digital signatures, suggested in the CCSDS bundle security protocol specification, inevitably adds computational cost, transmission overhead and energy consumption. In this paper, we address the issue of fragment authentication for BP by exploiting the well known erasure codes and the batch transmission characteristic of DTNs. In our schemes, erasure codes are adopted to allow the receipts to recover the signature and the hashes of all the fragments of a bundle no matter how many fragments they receive. In other words, only a part of authentication information are sufficient to authenticate the received fragments from a bundle. Such an approach tolerates the high delay and unexpected loss of connectivity of DTNs, and also the BP nature of routing fragments of the same bundle possibly via different paths. With this main idea based on erasure codes, we present three approaches, all of which work well in resisting injection attacks and eradicating traffic storms. The first one takes a surprisingly low communication cost due to fragment authentication, while it makes all received fragments of a bundle to be removed when there is an injected one, because of its failure in locating the false fragments. Considering this defect, we present an improved scheme which is able to detect injected fragments thanks to the spe...