The (in)security of some recently proposed lightweight key distribution schemes

Abstract: Two recently published papers propose some very simple key distribution schemes designed to enable two or more parties to establish a shared secret key with the aid of a third party. Unfortunately, as we show, most of the schemes are inherently insecure and all are incompletely specified - moreover, claims that the schemes are inherently lightweight are shown to be highly misleading. We also briefly critique a somewhat related very paper by the same authors that uses similar techniques to achieve what are claimed to be secure multiparty computations.