An authentication system and method for anonymous authentication of a data processing system from a group of data processing systems by a service provider are disclosed. A group key (110) is assigned to each data processing system (100) of the group of data processing systems. A service provider (120) is arranged to provide an encrypted authenticator (140) that is decryptable using the group key (110) to one of the data processing systems (100) to be authenticated and positively authenticate the data processing system upon receipt of data associated with the decrypted authenticator (130). Upon revocation of authentication rights of one of the data processing systems of the group, a new group key is distributed to the other data processing systems of the group using broadcast encryption.