
A Group Key Establishment Scheme

Sueda Guzey, Gunes Karabulut Kurt, Enver Ozdemir

TL;DR

This paper tackles scalable, lightweight group authentication and shared-key establishment for resource-constrained IoT networks by shifting from polynomial-interpolation group authentication schemes (GAS) to a vector-space framework based on inner product spaces. Each group fixes a hidden subspace $W$ and distributes a private basis, enabling members to authenticate via projections and derive a group secret $s = \langle \operatorname{Proj}_W \mathfrak v, \mathfrak h\rangle$ without exchanging private data. The approach yields a constant per-member cost independent of group size, supports adding non-members with identifiable sponsorship, and includes mechanisms to resist DoS and replay attacks while maintaining forward secrecy through ephemeral session data. The authors provide a detailed security analysis and runtime considerations showing $O(n^2)$ per-member cost, and discuss practical deployment aspects and limitations, such as memory overhead and revocation challenges. Overall, the method offers a decentralized, energy-efficient alternative for secure group communication in large-scale IoT ecosystems, including drone swarms and other autonomous systems.
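The following added example (not the paper's algorithm or the authors' code) illustrates why the secret $s = \langle \operatorname{Proj}_W \mathfrak v, \mathfrak h\rangle$ depends only on the subspace $W$ and not on which basis a holder uses: two holders with different bases of the same $W$ compute the same value, while a party with a different subspace does not. Assumptions: exact rational arithmetic over $\mathbb{Q}^4$, a toy 2-dimensional $W$, and hypothetical names (`group_secret`, the Alice/Bob/outsider bases, `V`, `H`); all vectors are constructed sample data.

```python
from fractions import Fraction as F

def dot(a, b):
    return sum(x * y for x, y in zip(a, b))

def orthogonalize(basis):
    """Gram-Schmidt without normalization, so values stay exact rationals."""
    ortho = []
    for b in basis:
        w = [F(x) for x in b]
        for u in ortho:
            c = dot(w, u) / dot(u, u)
            w = [wi - c * ui for wi, ui in zip(w, u)]
        if any(w):  # skip vectors that are linearly dependent on earlier ones
            ortho.append(w)
    return ortho

def project(ortho, v):
    """Proj_W v, where W is spanned by the orthogonal vectors in `ortho`."""
    p = [F(0)] * len(v)
    for u in ortho:
        c = dot(v, u) / dot(u, u)
        p = [pi + c * ui for pi, ui in zip(p, u)]
    return p

def group_secret(private_basis, v, h):
    """s = <Proj_W v, h>, computed from one holder's basis of W (assumed flow)."""
    return dot(project(orthogonalize(private_basis), v), h)

# Constructed toy data: W is a 2-dimensional subspace of Q^4.
W_BASIS_ALICE = [[1, 0, 2, 1], [0, 1, 1, 3]]
# Bob's basis spans the same W: (a1 + a2) and (2*a1 - a2).
W_BASIS_BOB = [[1, 1, 3, 4], [2, -1, 3, -1]]
# An outsider holds a basis of a different subspace.
OUTSIDER_BASIS = [[1, 0, 2, 0], [0, 1, 1, 3]]
V = [3, 1, 4, 1]  # session vector v (constructed)
H = [2, 7, 1, 8]  # random vector h (constructed)

def demo():
    return (group_secret(W_BASIS_ALICE, V, H),
            group_secret(W_BASIS_BOB, V, H),
            group_secret(OUTSIDER_BASIS, V, H))

if __name__ == "__main__":
    alice, bob, outsider = demo()
    print("alice:", alice, "bob:", bob, "outsider:", outsider)
```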

Abstract

Group authentication is a method of confirming that a set of users belongs to a group and of distributing a common key among them. Unlike standard authentication schemes, where one central authority authenticates users one by one, group authentication can handle the authentication process at once for all members of the group. The recently presented group authentication algorithms mainly exploit Lagrange's polynomial interpolation along with elliptic curve groups over finite fields. As a fresh approach, this work suggests the use of linear spaces for group authentication and key establishment for a group of any size. The approach with linear spaces introduces a reduced computation and communication load to establish a common shared key among the group members. The advantages of using vector spaces make the proposed method applicable to energy- and resource-constrained devices. In addition to providing lightweight authentication and key agreement, this proposal allows any user in a group to make a non-member a member, which is expected to be useful for autonomous systems in the future. The scheme is designed in a way that the sponsors of such members can easily be recognized by anyone in the group. Unlike the other group authentication schemes based on Lagrange's polynomial interpolation, the proposed scheme doesn't provide a tool for adversaries to compromise the whole group's secrets by using only a few members' shares, and it allows a non-member to be recognized easily, which prevents service interruption attacks.

Paper Structure

This paper contains 17 sections, 8 theorems, 35 equations, 5 figures, 1 table, 4 algorithms.

Key Result

Proposition 4.1

Let $\mathfrak v$ be a vector in a universal space $E$ and $t$ be its projection vector onto a subspace $W$ of $E$. Let $\mathfrak h$ be a random vector and It is not feasible to obtain any information about the subspace $W$ from $\mathfrak v, \mathfrak h$.

Figures (5)

  • Figure 1: The best approximation to $h$ is the projection vector.
  • Figure 2: The system model has three distinct connection types. Type (1) represents the first registration via a secure channel. Type (2) demonstrates the channel between the group manager and the users who have completed the first registration phase and are ready to generate the secret key for confidential group communication and Type (3) illustrates the scenario where a user, who belongs to one group, joins another group.
  • Figure 3: The group manager's private information.
  • Figure 4: Comparison of the proposed method with the first and the second generation GASs. The graph represents the computational cost for each member, excluding communication costs. The top graph displays the outcomes of the test conducted on a computer, while the subsequent graph presents the results for the Raspberry Pi 4 Model B.
  • Figure 5: Comparison of the proposed method with Harn's and the second generation GASs. The graph represents the computational cost for each member, excluding communication costs. The computational cost of the proposed algorithm excludes the GM orthogonalization process, as it is enough to perform it only one time. Again, the top graph displays the outcomes of the test conducted on a computer, while the subsequent graph presents the results for the Raspberry Pi 4 Model B.

Theorems & Definitions (17)

  • Example 2.1
  • Proposition 4.1
  • Theorem 4.2
  • proof
  • Remark 4.3
  • Proposition 4.4
  • proof
  • Proposition 4.5
  • proof
  • Proposition 4.6
  • ...and 7 more