Lightweight Authentication with User Anonymity among a Group of Users Sharing Common Credentials


Jun-Cheol Park


Vol. 13  No. 2  pp. 1-6


This paper addresses the user authentication problem in which a user is authenticated as a group member rather than as an individual user. We present a simple and lightweight scheme that ensures strong user anonymity, so that no one, including the verifying server, is able to identify the real source of a protocol session or link any two protocol sessions to the same user. For convenience, each user of a group can use his own freely chosen ID and password for logging on as a member of the group and then establishing a unique session key. Also, a user can easily change his ID and/or password without the server's intervention. While the scheme uses the same credentials for logon as a group member, it shows strong resistance against various attacks targeting the two peers as well as the communication channel in between. In fact, even if both the server’s storage and a user’s smart card are compromised at the same time, no one can identify the source of a certain protocol session or impersonate a user to the server as a member of the group the user joined.


Anonymity, Group Authentication, Lightweight, Smart Card