Forward Secure ID-Based Group Key Agreement Protocol With Anonymity

ID-based Group Key Agreement (GKA) has been increasingly researched with the advantage of simple public key management. However, identities of group members can be exposed in the ID-based GKA protocol, so eavesdroppers can easily learn who belongs to the specific group. Recently, Wan et al. proposed a solution for this problem, an anonymous ID-based GKA protocol, which can keep group members' anonymity to outside eavesdroppers; nevertheless, the protocol has some security flaws. This paper shows that Wan et al.'s GKA is insecure against colluding attack and their joining/leaving protocols do not guarantee forward and backward secrecy.