Group authentication: A new paradigm for emerging applications

Traditional secure registration protocols rely on client-server authentication procedures. This concept has been extended to support single client registration to multiple servers, using "single sign-on" protocols. In this paper, we design a framework to solve the "reverse single sign-on" problem: How can multiple clients securely register with the same server/network in a single registration procedure? The main advantage of our framework is that it allows multiple clients to register with an infrastructure, such as a cellular network, as a "group," yet generate individual session keys as well as a group session key. With this, the process of authenticating a large number of clients is greatly simplified, thereby dramatically reducing overheads. With a view towards simplifying the exposition, we describe how our framework can be applied for performing group authentication of devices in the machine-to-machine context. While this is an immediate area of application, we outline other extensions of the framework in the application layer including webcasting in a social networking environment. © 2012 Alcatel-Lucent.