Abstract
Authentication is one of the most fundamental services in cryptography and information security. Compared with the traditional authentication methods, group authentication allows a group of users to be authenticated at once rather than authenticating each of these users individually. Therefore, it is more desirable in the group oriented environment, such as multicast/conference communications. In this paper, we first demonstrate that a recent group authentication scheme by Chien (Security and Communication Networks, 2017) suffers some security flaws, i.e. an adversary in the asynchronous communication model can pretend to be a legitimate group member without being detected. We then use the Anonymous Veto Networks (AV-net) to patch Chien’s scheme, so that its security can be rigorously proved in a well-defined security model.
Highlights
Authentication confirms whether some entity is who or what it claims to be
After the concept being initially introduced by Harn [3], group authentication has been widely accepted as a useful tool in cryptography to simultaneously prove that a group of users are all legitimate members [6]
We demonstrate that, in the asynchronous communication model, an adversary A who has no valid credential can pretend to be a legitimate group member without being detected
Summary
Authentication confirms whether some entity is who or what it claims to be. It is an important security service in cryptography and information security. E verifier will accept the proof if the prover, possesses the credential This one-to-one authentication approach is inefficient in the group oriented environment, e.g., multicast/conference communications and broadroom elections [1, 2]. E other is that any nonmember with no valid credential cannot pretend to be a Security and Communication Networks group member without being detected. Two other requirements are highly desirable for group authentication schemes: (1) reuse of the credentials in multiple authentication sessions; (2) allowance of players to broadcast their tokens through asynchronous networks. In his work [4], Chien has proposed a group authentication scheme, claiming to satisfy the abovementioned requirements. We first demonstrate that Chien’s scheme fails to achieve its claimed security in the asynchronous networks.
Sign-in/Register to view highlights & summary Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
