1. Rating Technical quality 5: Contents are completely correct. There are no errors. 4: Contents are mostly correct. Some improvements suggested below. 3: Some errors which can be easily corrected, as described below. 2: Several errors but most are minor errors 1: Several/major errors 5 Originality 5: New results of publishable quality and good analysis of current state 4: Contains some new ideas, but can be developed as described below; good analysis of current state 3: No significantly new ideas, but good analysis of current state 2: Good survey of current state; no new ideas 1: Survey of current state has gaps 3 Editorial quality 5: Clear, understandable and easy to read 4: Mostly understandable, some improvements identified below 3: Understandable with some effort, several improvements suggested below 2: Hard to understand; several improvements suggested below 1: Very hard to understand 5 Overall grade (overall, how do you rate this paper?) 5: Excellent 4: Very good 3: Good 2: Satisfactory 1: Poor 4 Confidence (how confident are you about this review?) 3: I have good or expert level knowledge of this topic 2: I have some general knowledge of this subject 1: This is a completely new subject to me; I made educated guesses 1 2. Detailed comments 2a. Technical quality Paper concentrates on two contributory key agreement protocols and how to extend these to include key authentication. Paper discusses several authentication methods including preshared secrets, passwords and auxiliary channels. According to the paper, including authentication to the key agreement protocols is challenging, afterall many authentication methods have been broken. I am not very familiar this research field, but I was wondering if there are other contributory key agreement protocols or attempts to make existing key agreement protocols authenticated? If there are, these could be added to the paper, for instance you could add "Related Work" chapter to your paper. 2b. Originality The paper does not present new ideas as far as I understand. It is quite short overview of the subject, however it is well written and could be continued. For instance, protocols could be discussed more detailed. Are the authors made any analysis, measurements, experiments of their protocols? You could include your own comments, thoughts and analysis about the methods that the paper presents. 2c. Editorial quality Language of the paper is very good and understandable. You can explain terms and details very well. In the "Abstract" you state very clearly the scope of the paper. You could include "Introduction" chapter that could tell for instance: why the subject is relevant, what is the current status of these protocols in practice, what are used and what not, what are the real life problems of this field. Also, "Discussion" chapter could be included to summarize how the presented protocols manage to solve the problems. Couple of minor issues: 2.1 You could explain more detailed what are the differences between BD and DH and why BH is secure against passive attackers. 2.2 You mention several times protocol suite Cliques. You could explain briefly what is the Cliques. 2.4 Is Dutta & Barua protocol based on BD-protocol? 3 Explanation of Visual and Push-button chanels could be before protocol overview. Eventhough the abbreviations that you are using are clear, it would be nice if you could write them open when you use them first time For example: ...Internet Protocol (IP)... GKA (in abstract), BD, AKE, DH, GDH (in 2.1), CDH (in 2.2), MAC (3) Generally, you could explain the protocols briefly before you give the mathematical details. Pictures would be helpful. Pictures would also make the attack descriptions easier to understand (the pictures you drew during the presentation were nice). I found only couple of typos: 2.2 GDH.2, is the one that is use -> is used 2.4 They make some modifications -> They made... 2.5 Burmester-Desmedt protool ->protocol