Dragonfly is a password authenticated key exchange protocol that has been submitted to the Internet engineering task force as a candidate standard for general internet use. The authors analysed the security of this protocol and devised an attack that is capable of extracting both the session key and password from an honest party. This attack was then implemented and experiments were performed to determine the time-scale required to successfully complete the attack.

For the purposes of information security and privacy between readers and tags, identity authentication is a significant issue for radio frequency identification (RFID) systems. In this study, the authors propose a novel security group-based key array authentication protocol, which is suitable for a large scale RFID environment. Based on a key array, this protocol can generate an authentication key for each pair of reader and tag with lower storage. Adding an identifier update phase, they design the authentication process passing the formal analysis from GNY. The security and performance analysis results show that the protocol they present can achieve better security than previous protocols in resisting external and internal attacks, with lower storage and acceptable communication and computation load.

It is known that the set of rotation symmetric Boolean functions has many functions with various useful properties for cryptography. This study shows how to construct some families of rotation symmetric functions which are balanced or plateaued. The authors also consider vectorial Boolean functions [that is, maps from GF (2) ⁿ to GF (2) ^m ] which are k-rotation symmetric and they give two infinite families of such functions which are permutations with the maximum possible algebraic degree. The families of functions that they give provide a source, which can be searched for functions with other useful cryptographic properties.

Tian et al. have proposed a fair (t, n) threshold secret sharing scheme recently. Three attacks have been introduced and analysed in this study. Among them, two attacks are associated with a synchronous network where the shares are released simultaneously, and one attack is associated with an asynchronous network where the shares are released asynchronously. In this study, the authors want to point out that the scheme only works properly in a synchronous network; but not in an asynchronous network. In other words, Theorem 3 in their paper which was associated with the attack in an asynchronous network is incorrect.