Security Weakness of Flexible Group Key Exchange with On-Demand   Computation of Subgroup Keys

Qingfeng Cheng; Chuangui Ma

arXiv:1008.1221·cs.CR·August 9, 2010

Security Weakness of Flexible Group Key Exchange with On-Demand Computation of Subgroup Keys

Qingfeng Cheng, Chuangui Ma

PDF

Open Access

TL;DR

This paper analyzes the security flaws in the mBD+P and mBD+S group key exchange protocols, revealing insider attack vulnerabilities and proposing a countermeasure to enhance security.

Contribution

The paper identifies security weaknesses in existing protocols and introduces a simple countermeasure to mitigate insider attacks.

Findings

01

Both mBD+P and mBD+S are vulnerable to malicious insider attacks

02

A simple countermeasure effectively prevents insider attacks

03

The protocols' security assumptions are challenged by the identified vulnerabilities

Abstract

In AFRICACRYPT 2010, Abdalla et al. first proposed a slight modification to the computations steps of the BD protocol, called mBD+P. Then they extended mBD+P protocol into mBD+S protocol. In this paper, we show that both of mBD+P and mBD+S protocols are vulnerable to malicious insiders attack. Further, we propose a simple countermeasure against this attack.

Peer Reviews

No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.

Videos

No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.

Taxonomy

TopicsSecurity in Wireless Sensor Networks · Advanced Authentication Protocols Security · User Authentication and Security Systems