Active colluding attack to the dynamic participation in a secure conference scheme for mobile communication

Dynamic participation is a feature of the secure conference schemes that allows new conferees to join and the old conferees to leave. The conferees who have left should not he able to decrypt the secure conference communication anymore. This is a basic security requirement for dynamic participation. A secure conference scheme was proposed in (M. S. Hwang, IEEE Trans. on Vehic. Tech., vol.48, p.1469-1474, 1999) and later it was pointed out that the security requirement had failed to be satisfied due to an attack presented in (S. L. Ng, IEEE Trans. on Vehic. Tech., vol.50, p.334-335, 2001). A counter measure against the attack was proposed in the latter to secure the scheme. The improved scheme can resist the attack. In this paper, we propose a more powerful attack that breaks both the original scheme and the improved scheme. The attack is conducted by a group of colluding conferees to obtain a session secret, which can still be used after all the colluding conferees leave.