A Novel Authentication Protocol for Sensitive Information Privacy Protection Using Dynamic key Based Group Key Management

This paper presents a secure authentication and authorization protocol for protecting privacy in sensitive information systems. It allows involved individuals and group participants to achieve high security levels and tight authorization control. The need of long term shared secrets to authenticate individuals and group users is eradicated in the proposed protocol by dynamic keys. It overcomes the secrets compromising during authentication via open networks. Furthermore, it also offers an ability allowing information owners to have fine-gained control of their critical data. Finally, the paper gives a formal analysis to demonstrate how secure the proposed protocol together with discussions of security issues. It is argued that the proposed protocol achieves strong authentication and authorization, and solves the involved participants' plausible deniability issues.