Key establishment protocols are fundamental for establishing secure communication channels over public insecure networks. Security must be given the topmost priority in the design of a key establishment protocol. In this work, we provide a security an...
Key establishment protocols are fundamental for establishing secure communication channels over public insecure networks. Security must be given the topmost priority in the design of a key establishment protocol. In this work, we provide a security analysis on two recent key establishment protocols: Harn and Lin`s group key transfer protocol and Dutta and Barua`s group key agreement protocol. Our analysis shows that both the Harn-Lin protocol and the Dutta-Barua protocol have a flaw in their design and can be easily attacked. The attack we mount on the Harn-Lin protocol is a replay attack whereby a malicious user can obtain the long-term secrets of any other users. The Dutta-Barua protocol is vulnerable to an unknown key-share attack. For each of the two protocols, we present how to eliminate their security vulnerabilities. We also improve Dutta and Barua`s proof of security to make it valid against unknown key share attacks.