A Chain of Attacks and Countermeasures Applied to a Group Key Transfer Protocol
Yuan et al. have recently introduced a Group Key Transfer (GKT) protocol  that permits multiple entities to share a common secret key. Starting from the original version of the protocol, we describe a chain of alternating attacks and countermeasures. First, we present a replay attack and indicate a possible fix, inspired by the analogous work of Nam et al.  (applied to the similar protocol of Harn and Lin ). Second, we review a successfully insider attack against the improved version that we have revealed in a previous work  and introduce a countermeasure that stands against the latter attack. Finally, we mention a password guessing attack inspired by the work of Kim et al.  that can be mounted against the original protocol and both the improved versions.
Keywordsgroup key transfer insider attack replay attack guessing attack cryptanalysis
Unable to display preview. Download preview PDF.
- 2.Hsu, C., Zeng, B., Cheng, Q., Cui, G.: A novel group key transfer protocol. Cryptology ePrint Archive, Report 2012/043 (2012)Google Scholar
- 4.Manulis, M.: Survey on security requirements and models for group key exchange. Technical Report 2006/02, Horst-Görtz Institute, Network and Data Security Group (2008)Google Scholar
- 5.Nam, J., Kim, M., Paik, J., Jeon, W., Lee, B., Won, D.: Cryptanalysis of a Group Key Transfer Protocol Based on Secret Sharing. In: Kim, T.-h., Adeli, H., Slezak, D., Sandnes, F.E., Song, X., Chung, K.-i., Arnett, K.P. (eds.) FGIT 2011. LNCS, vol. 7105, pp. 309–315. Springer, Heidelberg (2011)CrossRefGoogle Scholar
- 7.Olimid, R.F.: On the Security of an Authenticated Group Key Transfer Protocol Based on Secret Sharing. In: Mustofa, K., Neuhold, E.J., Tjoa, A.M., Weippl, E., You, I. (eds.) ICT-EurAsia 2013. LNCS, vol. 7804, pp. 399–408. Springer, Heidelberg (2013)Google Scholar
- 8.Olimid, R.F.: A Chain of Attacks and Countermeasures Applied to a Group Key Transfer Protocol (abstract). Pre-Proceedings of WEWoRC, pp. 27–28 (2013)Google Scholar
- 9.Olimid, R.F.: On the Vulnerability of a Group Key Transfer Protocol based on Secret Sharing. To appear in Proceeding of IEEE 9th International Symposium on Applied Computational Intelligence and Informatics (2014)Google Scholar