In this article, we investigate the issue of authenticating the classical post-processing components of a QKD protocol through an insecure channel. Our analysis starts with state-of-the-art solutions and subsequently introduces an authentication scheme aiming at both Information Theoretic Security and resiliency from particular denial-of-service attacks targeting the authentication procedure. The proposed strategy combines -Almost Strongly Universal hashing for unconditional protection and computationally-secure Message Authentication Codes for DoS detection capability. Specifically, we consider the protocol security in a typical QKD scenario, taking into account partially weak authentication keys. Moreover, we add practical considerations related to authentication parameters and experimentally evaluate the performance of the proposed system in terms of computational complexity and key consumption in a reasonable use case.