Group-oriented authentication mechanism with key exchange

Abstract

Most of the previously proposed authentication mechanisms are based on the individual-oriented approach and hence may be inefficient and not suitable for group-oriented applications. In this paper, we propose a group-oriented authentication mechanism with key exchange that can effectively resolve the security requirements of group-oriented communications. The proposed mechanism consists of three basics: the entity-to-entity (EE), the entity-to-group (EG) and the group-to-group (GG) subprotocols. All these subprotocols meet the authentication and secure key exchange requirements separately addressed by other authors. By the proposed mechanism, a set of temporal authenticated subgroups can be recursively formed in a divide-and-conquer manner and finally all entities in the target group can authenticate each other and exchange a group session key. Experimental analyses show that the proposed mechanism requires O( n log n) rounds of messages ( n is the number of entities in the target group) for achieving the authentication and key exchange among the entities in the target group, which outperforms the naive approach that is based on iteratively running either two-parties or three-parties authentication protocols for achieving the same purposes. Moreover, the proposed mechanism can be practically implemented in a large-scaled group-oriented application since only one-way hashing functions and exclusive-or operations are involved.