Recursive protocol for group-oriented authentication with key distribution

The authors propose a recursive protocol for group-oriented authentication with key exchange, in which a group of n entities can authenticate with each other and share a group session key. The proposed protocol has the following characteristics: First, it requires O(n) rounds of messages, O(log n) completion time, O(log n) waiting time, and O(n log n) communication overhead in average for the completion of the recursion. Second, it not only meets the five principles suggested by Diffie et al. [Diffie, W., van Oorschot, P.C., Wiener, M.J., 1992. Authentication and authenticated key exchange. Designs, Codes, and Cryptography 2 (2), 107-125] on the design of a secure key exchange protocol, but also achieves the properties of nondisclosure, independency, and integrity addressed by Janson and Tsudik [Janson, P., Tsudik, G., 1995. Secure and minimal protocols for authenticated key distribution. Computer Communications 18 (9), 645-653] for the authentication of the group session key. Third, we describe the beliefs of trustworthy entities involved in our authentication protocol and the evolution of these beliefs as a consequence of communication by using BAN logic. Finally, it is practical and efficient, because only one-way hash function and exclusive-or (XOR) operations are used in implementation.