Design-flow Methodology for Secure Group Anonymous Authentication

Rashmi Agrawal [1,a], Lake Bu [2], Eliakin Del Rosario [1,b] and Michel A. Kinsy [1,c]

[1] Adaptive and Secure Computing Systems (ASCS) Laboratory, ECE Department, Boston University
[a] rashmi23@bu.edu
[b] edelrosa@bu.edu
[c] mkinsy@bu.edu
[2] The Charles Stark Draper Laboratory, Cambridge, MA
lbu@draper.com

ABSTRACT

In heterogeneous distributed systems, computing devices and software components often come from different providers and have different security, trust, and privacy levels. In many of these systems, the need frequently arises to (i) control the access to services and resources granted to individual devices or components in a context-aware manner and (ii) establish and enforce data sharing policies that preserve the privacy of the critical information on end users. In essence, the need is to authenticate and anonymize an entity or device simultaneously, two seemingly contradictory goals. The design challenge is further complicated by potential security problems, such as man-in-the-middle attacks, hijacked devices, and counterfeits. In this work, we present a system design flow for a trustworthy group anonymous authentication protocol (GAAP), which not only fulfills the desired functionality for authentication and privacy, but also provides strong security guarantees.

Keywords: Authentication, Anonymity, Group, Counterfeit-resistant, Double Blindness


