Recently Harn and Lin proposed a novel authenticated group key transfer protocol that a mutually trusted key generation center (KGC) can broadcast group key information to all group members at once and only authorized group members can recover the group key. This paper presents that Harn and Lin’s protocol can not withstand man-in-the-middle attack and describes the reasons and detailed processes that the group key is gained by the active attacker who is not included in the member list of that particular group. To fill the gaps, we discuss the problems, possible solutions, and propose an improved protocol.
Yuan, Wei; Hu, Liang; Li, Hongtu; and Chu, Jianfeng
"Security and Improvement of an Authenticated Group Key Transfer Protocol Based on Secret Sharing,"
Applied Mathematics & Information Sciences: Vol. 07:
5, Article 32.
Available at: https://digitalcommons.aaru.edu.jo/amis/vol07/iss5/32