A Flexible Framework for Secret Handshakes or: How to Achieve Multi-Party Interactive Anonymous Mutual Authentication

In the society increasingly concerned with the erosion of privacy, privacy-preserving techniques are becoming very important. Secret handshakes offer anonymous and unobservable authentication and serve as an important tool in the arsenal of privacy-preserving techniques. Relevant prior research focused on 2-party secret handshakes with one-time credentials, whereby two parties establish a secure, anonymous and unobservable communication channel only if they are members of the same group. This paper breaks new ground on two accounts: (1) it shows how to obtain secure and efficient secret handshakes with reusable credentials, and (2) it provides the first treatment of multi-party secret handshakes, whereby m ≥ 2 parties establish a secure, anonymous and unobservable communication channel if they all belong to the same group. An interesting new issue encountered in multi-party secret handshakes is the need to ensure that all parties are indeed distinct. (This is a real challenge since the parties cannot expose their identities.) We tackle this and other challenging issues in constructing GCD – a flexible secret handshake framework. GCD can be viewed as a “compiler” that transforms three main building blocks (a Group signature scheme, a Centralized group key distribution scheme, and a Distributed group key agreement scheme) into a secure multi-party secret handshake scheme. The proposed framework lends itself to multiple practical instantiations, and offers several novel and appealing features such as self-distinction and strong anonymity with reusable credentials. In addition to describing the motivation and step-by-step construction of the framework, this paper provides a security analysis and illustrates several concrete framework instantiations.