Recently, Teng, Wu and Tang proposed a new ID-based authenticated dynamic group key agreement (DGKA) protocol. They claimed that leaving users cannot calculate subsequent group session keys and joining users cannot calculate previous group session keys. In this paper, we will show that Teng et al.’s protocol cannot provide forward confidentiality or backward confidentiality.

In this paper we propose the self-healing feature for group key distribution through Subset Difference (SD) method proposed by D. Naor et al. The subset difference method is one of the efficient proposals for group key distribution, however, recently a polynomial based solution for key distribution was proposed by D. Liu et al., which has the similar message size but also provides self-healing ...

A self-healing key distribution scheme enables a group of users to establish a group key over an unreliable channel. In such a protocol, a group manager, to distribute a session key to each member of the group, broadcasts packets along the channel. If some packet gets lost, then users are still capable of recovering the group key using the received packets, without requesting additional transmi...

Password-authenticated group key exchange protocols enable communication parties to establish a common secret key (a session key) by only using short secret passwords. Such protocols have been receiving significant attention. This paper shows some security weaknesses in some recently proposed passwordauthenticated group key exchange protocols. Furthermore, a secure and efficient password-authen...

Decentralized group key management schemes for supporting secure group communication systems have been studied in the two flavors of contributory key agreement and decentralized key distribution. However, the primary focus has been on the former because the latter have been criticized for additional overheads of establishing secure channels and for the possibility of weak keys produced by the g...

When a group key exchange protocol is executed, the session key is typically extracted from two types of secrets; long-term keys (for authentication) and freshly generated (often random) values. The leakage of this latter so-called ephemeral keys has been extensively analyzed in the 2-party case, yet very few works are concerned with it in the group setting. We provide a generic group key excha...

In sensor networks, sensors are likely to be captured by attackers because they are usually deployed in an unprotected or even a hostile environment. If an adversarial compromises a sensor, he/she uses the keys from the compromised sensor to uncover the keys of others sensors. Therefore, it is very important to renew the keys of sensors in a proactive or reactive manner. Even though many group ...

Broadcast encryption (BE) schemes allow a sender to securely broadcast to any subset of members but requires a trusted party to distribute decryption keys. Group key agreement (GKA) protocols enable a group of members to negotiate a common encryption key via open networks so that only the members can decrypt the ciphertexts encrypted under the shared encryption key, but a sender cannot exclude ...