Related papers: Security issues in a group key establishment proto…
A significant security vulnerability in a recently published group key establishment protocol is described. This vulnerability allows a malicious insider to fraudulently establish a group key with an innocent victim, with the key chosen by…
Serious weaknesses in two very closely related group authentication and group key establishment schemes are described. Simple attacks against the group key establishment part of the schemes are described, which strongly suggest that the…
Two recent papers describe almost exactly the same group key establishment protocol for wireless sensor networks. Quite part from the duplication issue, we show that both protocols are insecure and should not be used - a member of a group…
A paper presented at the ICICS 2019 conference describes what is claimed to be a `provably secure group authentication [protocol] in the asynchronous communication model'. We show here that this is far from being the case, as the protocol…
In this paper we present a new key establishment protocol based on the decomposition problem in non-commutative groups which is: given two elements $w, w_1$ of the platform group $G$ and two subgroups $A, B \subseteq G$ (not necessarily…
Today's Internet utilizes a multitude of different protocols. While some of these protocols were first implemented and used and later documented, other were first specified and then implemented. Regardless of how protocols came to be, their…
Two recently published papers propose some very simple key distribution schemes designed to enable two or more parties to establish a shared secret key with the aid of a third party. Unfortunately, as we show, most of the schemes are…
A recently proposed group key distribution scheme known as UMKESS, based on secret sharing, is shown to be insecure. Not only is it insecure, but it does not always work, and the rationale for its design is unsound. UMKESS is the latest in…
A new proposal for group key exchange is introduced which proves to be both efficient and secure and compares favorably with state of the art protocols.
Providing security for messages in group communication is more essential and critical nowadays. In group oriented applications such as Video conferencing and entertainment applications, it is necessary to secure the confidential data in…
To remove key escrow problem and avoid the need of secure channel in ID based cryptosystem Lee et al. proposed a secure key issuing protocol. However we show that it suffers from impersonation, insider attacks and incompetency of the key…
In this work we provide a suite of protocols for group key management based on general semigroup actions. Construction of the key is made in a distributed and collaborative way. Examples are provided that may in some cases enhance the…
We give new arguments in support of \emph{signed quantum key establishment}, where quantum cryptography is used in a public-key infrastructure that provides the required authentication. We also analyze more thoroughly than previous works…
In recent years, a great amount of secure communications systems based on chaotic synchronization have been published. Most of the proposed schemes fail to explain a number of features of fundamental importance to all cryptosystems, such as…
Recently, in the area of Mobile Edge Computing (MEC) applications, Wu et al. proposed an authentication and key establishment scheme and claimed their protocol is secure. Nevertheless, cryptanalysis shows the scheme fails to provide…
A simple counter-example is given on the prevalent interpretation of the trace distance criterion as failure probability in quantum key distribution protocols. A summary of its ramifications is listed.
We show the security of multi-user key establishment on a single line of quantum communication. More precisely, we consider a quantum communication architecture where the qubit generation and measurement happen at the two ends of the line,…
Group communication implies a many-to-many communication and it goes beyond both one-to-one communication (i.e., unicast) and one-to-many communication (i.e., multicast). Unlike most user authentication protocols that authenticate a single…
This work is intended as an introduction to cryptographic security and a motivation for the widely used Quantum Key Distribution (QKD) security definition. We review the notion of security necessary for a protocol to be usable in a larger…
Some protected password change protocols were proposed. However, the previous protocols were easily vulnerable to several attacks such as denial of service, password guessing, stolen-verifier and impersonation atacks etc. Recently, Chang et…