Attack on An ID-based Authenticated Group Key Exchange Protocol with Identifying Malicious Participants

An authenticated group key exchange (AGKE) protocol allows a group of participants to establish a common session key and then provides secure group communications in collaborative and distributed applications. Recently, Wu et al. proposed an ID-based authenticated group key exchange protocol based on bilinear pairings. They claimed that their protocol can detect and identify the malicious participants, which means it not only can check whether malicious participants exist in the protocol or not, but also can find out who the malicious participants are. However, their protocol is not as secure as claimed. In this letter, we show that Wu et al.’s protocol is insecure against an insider colluding attack. Two malicious participants can collude to impersonate several honest participants to the rest participants in the group. In addition, we also figure out what has gone wrong with Wu et al.’s protocol and how to fix it.