The Hsu-Harn-Mu-Zhang-Zhu group key establishment protocol is insecure
share
A significant security vulnerability in a recently published group key establishment protocol is described. This vulnerability allows a malicious insider to fraudulently establish a group key with an innocent victim, with the key chosen by the attacker. This shortcoming is sufficiently serious that the protocol should not be used.
READ FULL TEXT