Skip to Main Content
In 2003, Huang et al. proposed: an authenticated key exchange protocol for secure communications between a sensor and a security manager in a self-organizing sensor network. The protocol is, based on elliptic curve cryptography. In this letter, we show that a security manager will learn the long-term private key of a sensor after having one normal run of-the protocol with the sensor. This contradicts to some of their security claims. We explain why this is undesirable in practice and also-propose an improvement which solves the problem and makes all of their security claims hold again.