Pitfalls in a server-aided authenticated group key establishment Articles uri icon

publication date

  • October 2016

start page

  • 1

end page

  • 7


  • 363

International Standard Serial Number (ISSN)

  • 0020-0255

Electronic International Standard Serial Number (EISSN)

  • 1872-6291


  • In this paper, we present a cryptanalysis of a recently proposed server-aided group key agreement scheme by Sun et al. This proposal is designed for mobile environments, in which a group of users aim at establishing a common secret key with the help of a semi trusted server. At this, authentication is achieved using certificateless public key cryptography. We evidence that the scheme does not achieve forward secrecy, is vulnerable to a known session attack (that can, for instance, be mounted by a semi-honest server) and is not (as claimed by the authors) contributory. Further security hardships in more restricted models (i.e. in which stronger corruptions are allowed) are also discussed.


  • Computer Science
  • Mathematics


  • provable secure group key agreement; certificateless signatures; cryptanalysis; server-aided key exchange