• KSII Transactions on Internet and Information Systems
    Monthly Online Journal (eISSN: 1976-7277)

Security Weaknesses in Harn-Lin and Dutta-Barua Protocols for Group Key Establishment

Vol. 6, No.2, February 28, 2012
10.3837/tiis.2012.02.018, Full Text:

Abstract

Key establishment protocols are fundamental for establishing secure communication channels over public insecure networks. Security must be given the topmost priority in the design of a key establishment protocol. In this work, we provide a security analysis on two recent key establishment protocols: Harn and Lin’s group key transfer protocol and Dutta and Barua’s group key agreement protocol. Our analysis shows that both the Harn-Lin protocol and the Dutta-Barua protocol have a flaw in their design and can be easily attacked. The attack we mount on the Harn-Lin protocol is a replay attack whereby a malicious user can obtain the long-term secrets of any other users. The Dutta-Barua protocol is vulnerable to an unknown key-share attack. For each of the two protocols, we present how to eliminate their security vulnerabilities. We also improve Dutta and Barua’s proof of security to make it valid against unknown key share attacks.


Statistics

Show / Hide Statistics

Statistics (Cumulative Counts from December 1st, 2015)
Multiple requests among the same browser session are counted as one view.
If you mouse over a chart, the values of data points will be shown.


Cite this article

[IEEE Style]
Junghyun Nam, Moonseong Kim, Juryon Paik and Dongho Won, "Security Weaknesses in Harn-Lin and Dutta-Barua Protocols for Group Key Establishment," KSII Transactions on Internet and Information Systems, vol. 6, no. 2, pp. 751-765, 2012. DOI: 10.3837/tiis.2012.02.018

[ACM Style]
Nam, J., Kim, M., Paik, J., and Won, D. 2012. Security Weaknesses in Harn-Lin and Dutta-Barua Protocols for Group Key Establishment. KSII Transactions on Internet and Information Systems, 6, 2, (2012), 751-765. DOI: 10.3837/tiis.2012.02.018