Affiliation-hiding authenticated asymmetric group key agreement
We introduce the concept of Affiliation-Hiding Authenticated Asymmetric Group Key Agreement AH-AAGKA and construct a concrete one-round AH-AAGKA protocol. An AH-AAGKA protocol allows the participants of a group to establish a common encryption key associated with several decryption keys; each of which can only be computed by the corresponding legitimate group member. An AH-AAGKA protocol has the following privacy feature. For a member i of a group G, if i participates in an AH-AAGKA protocol, any protocol participant j cannot learn whether i is a member of G, unless j himself is a member of group G. Our scheme demonstrates new features in comparison with other existing AH-AGKA protocols. If non-group members participate in our protocol, honest parties can identify these non-group members. Our scheme also captures Unlinkability and Perfect Forward Secrecy PFS, which are missing in other existing schemes. We propose a novel security model to prove that our protocol holds PFS and present a new privacy model to prove that our scheme meets Affiliation-Hiding property.