Skip to Main Content
In 2009, Zeng Ping et al. proposed a new Group Key Agreement protocol Based on the ID-AGKA protocol which uses full binary tree structure and each tree node represents a user. Their protocol support users to join or leave the group at any time and the session key will be changed with the users' dynamic changes. In this paper, we point out that Zeng Ping et al.'s Group Key Agreement protocol is non-authenticated and easy to be forged or modified. Then we give a method that attacker can force all group members accepted the modified session private key in BR security model. So, It means that the Zeng Ping et al.'s Protocol can not meet the attribute of implicit key authentication and key control. Finally, we propose an improved protocol to overcome this problem.