Group-Testing Aggregate Entity Authentication

Challenge-response entity authentication can be implemented with a MAC function. In such an entity authentication scheme, if a server has to authenticate a large number of entities simultaneously, for example, in an IoT network, aggregate MAC is applicable. Aggregate MAC allows multiple tags (responses to the challenge) of entities to be aggregated into a single short tag so that the server can authenticate the entities only with it. If the pair of a challenge and the corresponding aggregate tag is valid, then all the involved entities are valid. However, a drawback of this method is that the server cannot identify invalid entities if they exist. We propose group-testing aggregate entity authentication by adapting group testing for entity authentication using aggregate MAC to solve this problem. We formalize its security requirements and reduces the security of our generic construction to that of aggregate MAC and group testing. We also extend our generic construction to produce a secure scheme from a weaker but efficient and plausible aggregate MAC scheme.