A User Centric Group Authentication Scheme for Secure Communication

TL;DR

This study proposes an improved version of third-generation GAS, utilizing inner product spaces and polynomial interpolation to resolve the issue of preventing malicious actions by legitimate group members.

Abstract

Group Authentication Schemes (GAS) are methodologies developed to verify the membership of multiple users simultaneously. These schemes enable the concurrent authentication of several users while eliminating the need for a certification authority. Numerous GAS methods have been explored in the literature, and they can be classified into three distinct generations based on their foundational mathematical principles. First-generation GASs rely on polynomial interpolation and the multiplicative subgroup of a finite field. Second-generation GASs also employ polynomial interpolation, but they distinguish themselves by incorporating elliptic curves over finite fields. While third-generation GASs present a promising solution for scalable environments, they demonstrate a limitation in certain applications. Such applications typically require the identification of users participating in the authentication process. In the third-generation GAS, users are able to verify their credentials while maintaining anonymity. However, there are various applications where the identification of participating users is necessary. In this study, we propose an improved version of third-generation GAS, utilizing inner product spaces and polynomial interpolation to resolve this limitation. We address the issue of preventing malicious actions by legitimate group members. The current third-generation scheme allows members to share group credentials, which can jeopardize group confidentiality. Our proposed scheme mitigates this risk by eliminating the ability of individual users to distribute credentials. However, a potential limitation of our scheme is its reliance on a central authority for authentication in certain scenarios.

Figures (6)

• Figure 1: Communication Model: Channel (1) is designated as a dedicated line, while channels (2) and (3) are publicly accessible.
• Figure 2: The Scyther tool results show that our proposed method is resistant to all attack scenarios considered by the tool.
• Figure 3: Total performance comparison with respect to the number of users. Since the work of Semal et al. takes a long time to run with a large number of users, the four studies were evaluated in the zoom-in graph for 2–10 users. For fast algorithms, it is normal that the line appears irregular for a small number of users because the differences are very small. The other three studies were evaluated for 100–500 users.
• Figure 4: GM/CA/KGC/Verifier performance comparison with respect to the number of users. Since the work of Semal et al. takes a long time to run with a large number of users, the four studies were evaluated in the zoom-in graph for 2–10 users. For fast algorithms, it is normal that the line appears irregular for a small number of users because the differences are very small. The other three studies were evaluated for 100–500 users.
• Figure 5: Total performance comparison between Aydin et al. and our proposed scheme. Since they demonstrated good performance, the evaluation was extended to the range of 1,000–10,000 users. For these numbers of users, the performance of our proposed scheme still appears to be satisfactory.

Theorems & Definitions (19)

• Theorem 1
• Theorem 2
• Theorem 3
• Definition 1
• Definition 2
• Definition 3
• Theorem 4
• proof
• Theorem 5
• proof