Cryptanalysis of an Attribute-based Key Agreement Protocol

A key agreement protocol allows two or more participants to establish a common key via exchanging messages over a public channel. In 2009, motivated by the problem of establishing a common key among participants who do not know each other’s exact identity, Wang et al. proposed a two-party attribute-based key agreement protocol and claimed that it is secure in the random oracle model. In this paper, we show that their claim is not true and two outsiders who possess some special attribute sets are able to determine the secret key