On the Vulnerability of a Group Key Transfer Protocol based on Secret Sharing
R. Olimid

Group Key Transfer (GKT) protocols allow multiple parties to share a common secret key: a trusted entity selects a private key and securely distributes it to the qualified participants. Hsu et al. introduced a GKT protocol based on secret sharing, which they claimed to be secure. Unlike their affirmation, we report a vulnerability: an insider can cancel key consistency such that at the end of the protocol distinct users own different keys. This leads to the futility of the protocol. Even more, the attacker is able to choose the values of the injected keys on his own wish. Finally, we propose a simple and efficient countermeasure that stands against the revealed attack.