A Novel Approach to Many-to-Many User Authentication in Different Information Systems

In this paper, we propose a novel approach to many-to-many user authentication in heterogeneous information systems. The described solution is based on the use of wireless keys – special devices that identify the user by transmitting the requested key information over a wireless network. The key feature of the proposed approach is noninteractive operating mode that allows to use a special encryption algorithm instead of two-way authentication. The algorithm is built on the basis of existing cryptographic primitives that prevents unauthorized system participants from getting access to the data of other users, even with physical access to the memory of the key. This approach does not require computational power or the battery on the key side and does not involve the user in the authentication process that allows implementing a method on passive NFC tags. To proof the concept, software implementation of the described system was developed and a qualitative comparison of the resulting solutions with existing analogues was conducted.