Security Weakness in Ren et al.’s Group Key Agreement Scheme Built on Secure Two-Party Protocols

  • Junghyun Nam
  • Seungjoo Kim
  • Dongho Won
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3786)


A group key agreement protocol is designed to allow a group of parties communicating over an insecure, public network to agree on a common secret key. Recently, in WISA’04, Ren et al. proposed an efficient group key agreement scheme for dynamic groups, which can be built on any of secure two-party key establishment protocols. In the present work we study the main EGAKA-KE protocol of the scheme and point out a critical security flaw in the protocol. We show that the security flaw leads to a vulnerability to an active attack mounted by two colluding adversaries.


Group key agreement key authentication collusion attack 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Ateniese, G., Steiner, M., Tsudik, G.: New multiparty authentication services and key agreement protocols. IEEE Journal on Selected Areas in Communications 18(4), 628–639 (2000)CrossRefGoogle Scholar
  2. 2.
    Becker, K., Wille, U.: Communication complexity of group key distribution. In: Proceedings of the 5th ACM Conference on Computer and Communications Security (CCS 1998), pp. 1–6 (1998)Google Scholar
  3. 3.
    Bellare, M., Rogaway, P.: Entity authentication and key distribution. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 232–249. Springer, Heidelberg (1994)Google Scholar
  4. 4.
    Boyd, C., Nieto, J.M.G.: Round-optimal contributory conference key agreement. In: Desmedt, Y.G. (ed.) PKC 2003. LNCS, vol. 2567, pp. 161–174. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  5. 5.
    Bresson, E., Chevassut, O., Pointcheval, D., Quisquater, J.-J.: Provably authenticated group Diffie-Hellman key exchange. In: Proceedings of the 8th ACM Conference on Computer and Communications Security (CCS 2001), pp. 255–264 (2001)Google Scholar
  6. 6.
    Burmester, M., Desmedt, Y.: A secure and efficient conference key distribution system. In: De Santis, A. (ed.) EUROCRYPT 1994. LNCS, vol. 950, pp. 275–286. Springer, Heidelberg (1995)CrossRefGoogle Scholar
  7. 7.
    Canetti, R., Krawczyk, H.: Analysis of key-exchange protocols and their use for building secure channels. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 453–474. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  8. 8.
    Diffie, W., Hellman, M.E.: New directions in cryptography. IEEE Trans. on Information Theory 22(6), 644–654 (1976)zbMATHCrossRefMathSciNetGoogle Scholar
  9. 9.
    Dolev, D., Dwork, C., Naor, M.: Nonmalleable cryptography. SIAM Journal on Computing 30(2), 391–437 (2000)zbMATHCrossRefMathSciNetGoogle Scholar
  10. 10.
    Ingemarsson, I., Tang, D., Wong, C.: A conference key distribution system. IEEE Trans. on Information Theory 28(5), 714–720 (1982)zbMATHCrossRefMathSciNetGoogle Scholar
  11. 11.
    Just, M., Vaudenay, S.: Authenticated multi-party key agreement. In: Kim, K.-c., Matsumoto, T. (eds.) ASIACRYPT 1996. LNCS, vol. 1163, pp. 36–49. Springer, Heidelberg (1996)CrossRefGoogle Scholar
  12. 12.
    Katz, J., Yung, M.: Scalable protocols for authenticated group key exchange. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 110–125. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  13. 13.
    Kim, Y., Perrig, A., Tsudik, G.: Tree-based group key agreement. ACM Trans. on Information and System Security 7(1), 60–96 (2004)CrossRefGoogle Scholar
  14. 14.
    Nam, J., Kim, S., Won, D.: A weakness in the Bresson-Chevassut-Essiari-Pointcheval’s group key agreement scheme for low-power mobile devices. IEEE Communications Letters 9(5), 429–431 (2005)CrossRefGoogle Scholar
  15. 15.
    Pereira, O., Quisquater, J.-J.: A security analysis of the Cliques protocols suites. In: Proceedings of the 14th IEEE Computer Security Foundations Workshop (CSFW 2001), pp. 73–81 (2001)Google Scholar
  16. 16.
    Ren, K., Lee, H., Kim, K., Yoo, T.: Efficient authenticated key agreement protocol for dynamic groups. In: Lim, C.H., Yung, M. (eds.) WISA 2004. LNCS, vol. 3325, pp. 144–159. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  17. 17.
    Steiner, M., Tsudik, G., Waidner, M.: Key agreement in dynamic peer groups. IEEE Trans. on Parallel and Distributed Systems 11(8), 769–780 (2000)CrossRefGoogle Scholar
  18. 18.
    Zhang, F., Chen, X.: Attack on an ID-based authenticated group key agreement scheme from PKC 2004. PKC 2004 91(4), 191–193 (2004)zbMATHCrossRefMathSciNetGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Junghyun Nam
    • 1
  • Seungjoo Kim
    • 1
  • Dongho Won
    • 1
  1. 1.School of Information and Communication EngineeringSungkyunkwan UniversityRepublic of Korea

Personalised recommendations