Security enhancement to a password-authenticated group key exchange protocol for mobile Ad-hoc networks

Group key exchange protocols allow a group of parties communicating over a public network to come up with a common secret key called a session key. Due to their critical role in building secure multicast channels, a number of group key exchange protocols have been suggested over the years for a variety of settings. Among these is the so-called NEKED protocol proposed by Byun et al. for password-authenticated group key exchange in mobile ad-hoc networks overseen by unmanned aerial vehicles. In the current work, we are concerned with improving the security of the NEKED protocol. We first show that the NEKED protocol is vulnerable not only to an attack against backward secrecy but also to an attack against password security. We then figure out how to eliminate the security vulnerabilities of NEKED.