A new type of authentication, called group authentication, has been proposed recently which can authenticate all users belonging to the same group at once in a group communication. However, the group authentication can only detect the existence of nonmembers but cannot identify who are the nonmembers. Furthermore, in a group communication, it needs not only to authenticate memberships but also to establish a group key among all members. In this paper, we propose a novel design to provide both membership authentication and group key establishment. Our proposed membership authentication can not ...