On the Security of an Efficient Group Key Agreement Scheme for MANETs

Abstract

Yang et al. have proposed an efficient group key agreement scheme for Mobile Adhoc Networks. The scheme is efficient as only one bilinear computation is required for group members to obtain the session key. The scheme is analyzed for security without random oracle model. However, we prove that their scheme is not secure. In particular, we show that any passive adversary (or non-group member) can compute the session key without having access to the individual secret keys of the group members. Hence, Yang et al. scheme cannot be used for secure group communication. We also show that, the scheme cannot be used for secure group communication unless there exists a central entity, and hence cannot be used for secure communication in mobile adhoc networks