The (in)security of some recently proposed lightweight key distribution schemes
This work addresses security flaws in key distribution schemes, which is critical for cryptography practitioners, but it is incremental as it critiques existing proposals.
The paper critiques recently proposed lightweight key distribution schemes, demonstrating that most are inherently insecure and all are incompletely specified, while also challenging claims about their lightweight nature.
Two recently published papers propose some very simple key distribution schemes designed to enable two or more parties to establish a shared secret key with the aid of a third party. Unfortunately, as we show, most of the schemes are inherently insecure and all are incompletely specified - moreover, claims that the schemes are inherently lightweight are shown to be highly misleading. We also briefly critique a somewhat related very recent paper by the same authors that uses similar techniques to achieve what are claimed to be secure multiparty computations.