It is known for two devices to share a secret key. By performing a bidirectional authentication with that key, the two devices can authenticate each other. This solution is efficient but requires the same secret key to be shared among the devices concerned. This secret key becomes a “master” key: as soon as it is shared by a group of devices, breaking a single device is sufficient to break the whole system.
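The shared-key scheme described above can be sketched as a mutual challenge-response. This is an added example, not part of the original text; the `Device` class, the HMAC-SHA256 construction and the role labels are assumptions chosen for illustration. It shows that any party holding the key taken from one device is accepted exactly like a genuine group member.

```python
import hashlib
import hmac
import secrets


class Device:
    """Hypothetical device holding the one secret key shared by its group."""

    def __init__(self, shared_key: bytes):
        self._key = shared_key

    def challenge(self) -> bytes:
        # Fresh random nonce per run, so an old response cannot be replayed.
        return secrets.token_bytes(16)

    def _tag(self, role: bytes, first: bytes, second: bytes) -> bytes:
        return hmac.new(self._key, role + first + second, hashlib.sha256).digest()

    def respond(self, role: bytes, own_nonce: bytes, peer_nonce: bytes) -> bytes:
        # Binding the role and both nonces stops a response from being
        # reflected back to its sender as the answer to its own challenge.
        return self._tag(role, own_nonce, peer_nonce)

    def verify(self, role: bytes, peer_nonce: bytes, own_nonce: bytes, tag: bytes) -> bool:
        return hmac.compare_digest(self._tag(role, peer_nonce, own_nonce), tag)


def mutual_auth(a: Device, b: Device) -> bool:
    """Run both directions; succeed only if each side proves key possession."""
    na, nb = a.challenge(), b.challenge()
    tag_b = b.respond(b"B", nb, na)  # B answers A's challenge
    tag_a = a.respond(b"A", na, nb)  # A answers B's challenge
    return a.verify(b"B", nb, na, tag_b) and b.verify(b"A", na, nb, tag_a)


GROUP_KEY = secrets.token_bytes(32)  # constructed sample key
dev1 = Device(GROUP_KEY)
dev2 = Device(GROUP_KEY)
# The protocol proves possession of the key and nothing else, so a party
# holding the key from any one device is indistinguishable from a member.
clone = Device(GROUP_KEY)
outsider = Device(secrets.token_bytes(32))  # never held the group key

if __name__ == "__main__":
    print("dev1 <-> dev2     :", mutual_auth(dev1, dev2))
    print("clone <-> dev2    :", mutual_auth(clone, dev2))
    print("outsider <-> dev2 :", mutual_auth(outsider, dev2))
```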
In situations where devices belong to a group of devices, each group may publish a public key, and each device may store the private key of the group. The two devices may perform a bidirectional authentication by using the group public key of the remote device. This solution is efficient, but it also requires the same secret key to be shared between all devices. This secret key becomes a “master” key, and by breaking a single device the whole system is, again, broken. This solution has the advantage of avoiding any traceability of each individual device.
Another solution could be for each device to host a private key and a certificate of its public key. By exchanging the two certificates, the two devices may perform a bidirectional authentication. Here the key system is diversified: breaking a device is no longer sufficient to break a whole group. However, the certificate is unique per device. It acts as a constant, allowing correlation and traceability of each device.
Further alternative and advantageous solutions would, accordingly, be desirable in the art.