Improved one-to-many authentication scheme for access control in pay-TV systems

Mutual authentication is important in a mobile pay-TV system. Traditional authentication schemes make use of one-to-one delivery, that is, one authentication message per request is delivered from a head-end system to subscriber. This delivery occupies too much bandwidth and therefore is inefficient and costly. One-to-many authentication scheme for access control in mobile pay-TV systems was proposed by Sun et al. in 2009. In one-to-many authentication scheme, only one authentication message for multiple requests is broadcasted from the head-end system (HES) to subscribers. Sun et al. claimed that their scheme is secure and provides anonymous authentication for protecting user privacy. However, the authors demonstrate that their scheme has a critical weakness. An attacker without any secret information can not only successfully impersonate mobile set (MS) to cheat the HES but also impersonate HES to cheat MS. The authors result is important for security engineers who design and develop user authentication systems. Afterwards, the authors design a novel one-to-many authentication scheme from bilinear pairings. They give the formal security proof in the random oracle model. In addition, they present the performance analysis of our scheme. The analysis results showed that their novel authentication scheme has shorter transmission message and can be applied in the environment which has limited bandwidth. At the same time, their scheme is also the first secure one-to-many authentication scheme for access control in pay-TV systems.