Group Authentication: A New Paradigm for Emerging Applications

Abstract

Traditional secure registration protocols rely on client-server authentication procedures. This concept has been extended to support single client registration to multiple servers, using single sign-on protocols. In this paper, we design a framework to solve the reverse single sign-on problem: How can multiple clients securely register with the same server/network in a single registration procedure? The main advantage of our framework is that it allows multiple clients to register with an infrastructure, such as a cellular network, as a group, yet generate individual session keys as well as a group session key. With this, the process of authenticating a large number of clients is greatly simplified, thereby dramatically reducing overheads. With a view towards simplifying the exposition, we describe how our framework can be applied for performing group authentication of devices in the machine-to-machine context. While this is an immediate area of application, we outline other extensions of the framework in the application layer including webcasting in a social networking environment. (c) 2012 Alcatel-Lucent.