Cryptanalysis of a Password-based Group Key Exchange Protocol Using Secret Sharing
R. Olimid

Yuan et al. recently introduced a password-based group key transfer protocol that uses secret sharing, which they claim to be efficient and secure. We remark its resemblance to the construction of Harn and Lin, which Nam et al. proved vulnerable to a replay attack. It is straightforward that the same attack can be mount against Yuan et al.'s protocol, proving that the authors' claim is false. In the same paper, Nam et al. propose a countermeasure that may also apply to Yuan et al.'s protocol. However, we show that their protocol remains susceptible to an insider attack (even if it stands against the replay attack): any malicious participant can recover the long-term secret password of any other user and therefore becomes able to compute group keys he is unauthorized to know.