Security analysis on a conference scheme for mobile communications

The conference key distribution scheme (CKDS) enables three or more parties to derive a common conference key to protect the conversation content in their conference. Designing a conference key distribution scheme for mobile communications is a difficult task because wireless networks are more susceptible to attacks and mobile devices usually obtain low power and limited computing capability. In this paper we study a conference scheme for mobile communications and find that the scheme is insecure against the replay attack. With our replay attack, an attacker with a compromised conference key can cause the conferees to reuse the compromised conference key, which in turn completely reveals subsequent conversation content.