一种组认证密钥协商协议的安全分析及改进-JournalofNortheastern.PDF

第28 卷第9期 东 北 大 学 学 报 ( 自 然 科 学 版 ) Vol128, No. 9 2 00 7 年 9 月 Journal of Northeastern U ni ersity( Natural Science) Sep. 2 0 0 7 朱宏峰, 刘天华, 常桂然 ( , 110004) : / 0N-Party EKE-U # / 0 , ; , N-Part y # EKE-UI N-Party EKE-UI RO , # , , # : ; ; ; ; : TP 393 : A : 1005-3026( 2007) 09-1254-04 A Security- Provable Analysis of Group Authenticated Key Agreement Protocol and Its Improvement ZH U H ong-f eng , L I U Tian-hua, CH A N G Gui-ran ( School of Information Science Engineering , Northeastern Uni ersity, Shenyang 110004, China. Correspondent: ZHU Hong-feng , E-mail: zhfzpku @ sina. com) Abstract: It is erified that there are possibly a alid attack on the negotiated open-ended cryptographic protocol N-Party EKE-U and a flaw w hich will make the protocol in alid. The attack refers to the peculiarity that the identity of e ery participant in the open-ended protocol is unlimited, then the protocol cannot resist the finite coordinated attack. The flaw refers to the uncertainty of message identity , w hich leads the protocol to be unable to execute normally . Analyzing the causes of such flaws in security, an impro ed protocol named N-Party EKE-UI is proposed to ensure not only the pro able security in RO model but also no higher complexity found due to increasing communication rounds arising from the increasing number of participants. Furthermore, the protocol N-Party EKE-U I introduces the PAKE ( password-authenticated key exchange) made to con enience users. So, it is of actual significance to sol e the problem of / open-ended0 security pr