Multi-receiver Authentication Scheme for Multiple Messages Based on Linear Codes

In this paper, we construct an authentication scheme for multi-receivers and multiple messages based on a linear code C. This construction can be regarded as a generalization of the authentication scheme given by Safavi-Naini and Wang [1]. Actually, we notice that the scheme of Safavi-Naini and Wang is constructed with Reed-Solomon codes. The generalization to linear codes has the similar advantages as generalizing Shamir's secret sharing scheme to linear secret sharing sceme based on linear codes [2—6]. For a fixed message base field , our scheme allows arbitrarily many receivers to check the integrity of their own messages, while the scheme of Safavi-Naini and Wang has a constraint on the number of verifying receivers . We further introduce access structure in our scheme. Masseyä[4] characterized the access structure of linear secret sharing scheme by minimal codewords in the dual code whose first component is 1. We slightly modify the definition of minimal codewords in [4]. Let C be a [V,k] linear code. For any coordinate i ∈ {1,2, ﾿ ,V}, a codeword c in C is called minimal respect to i if the codeword c has component 1 at the i-th coordinate and there is no other codeword whose i-th component is 1 with support strictly contained in that of c. Then the security of receiver R i in our authentication scheme is characterized by the minimal codewords respect to i in the dual code . Finally, we illustrate our authentication scheme based on the elliptic curve codes, a special class of algebraic geometry codes. We use the group of rational points on the elliptic curve to determine all the malicious groups that can successfully make a substitution attack to any fixed receiver.