Weakness in Jung et al.'s ID-Based Conference Key Distribution Scheme*This research was supported by the University IT Research Center Project funded by the Korean Ministry of Information and Communication.

Authors:
Junghyun Nam;Seungjoo Kim;Dongho Won
Affiliations:
The authors are with the School of Information and Communication Engineering, Sungkyunkwan University, 300 Cheoncheon-dong, Jangan-gu, Suwon-si, Gyeonggi-do 440-746, Korea. E-mail: jhnam@dosan.skk ...;The authors are with the School of Information and Communication Engineering, Sungkyunkwan University, 300 Cheoncheon-dong, Jangan-gu, Suwon-si, Gyeonggi-do 440-746, Korea. E-mail: jhnam@dosan.skk ...;The authors are with the School of Information and Communication Engineering, Sungkyunkwan University, 300 Cheoncheon-dong, Jangan-gu, Suwon-si, Gyeonggi-do 440-746, Korea. E-mail: jhnam@dosan.skk ...
Venue:
IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences
Year:
2006

Citing 0
Cited 1

Secure authenticated group key agreement protocol in the MANET environment

Information Security Tech. Report

Quantified Score

Hi-index	0.00

Visualization

Abstract

In 2000, Xu and Tilborg proposed an ID-based conference key distribution scheme which builds on earlier work of Harn and Yang in the 2-party setting. Recently, Jung et al. have discovered security flaws in the Xu-Tilborg scheme and proposed an improvement of this scheme to fix the security flaws. However, Jung et al.'s improvement introduces another security weakness. We demonstrate this by showing that the improved scheme is vulnerable to a parallel session attack mounted by two colluding adversaries. Further, we recommend changes to the scheme that address this vulnerability.