Journal of Northeastern University (Natural Science) ›› 2007, Vol. 28 ›› Issue (9): 1254-1257.


A security-provable analysis of group authenticated key agreement protocol and its improvement

Zhu, Hong-Feng (1); Liu, Tian-Hua (1); Chang, Gui-Ran (1)

  1. School of Information Science and Engineering, Northeastern University, Shenyang 110004, China
  • Received: 2013-06-24 Revised: 2013-06-24 Online: 2007-09-15 Published: 2013-06-24
  • Contact: Zhu, H.-F.
  • Supported by:
    Natural Science Foundation of Liaoning Province (20042042)

Abstract: An effective attack on the open-ended multi-party authenticated key agreement protocol N-Party EKE-U is presented, together with a flaw in the protocol. The attack exploits the fact that the participants in an open-ended protocol are unrestricted, so the protocol cannot resist a finite coordinated attack by servers. The flaw is that the identity of the message principal is uncertain, which prevents the protocol from executing normally. The causes of these security flaws are analyzed, and an improved protocol named N-Party EKE-UI is proposed. N-Party EKE-UI is provably secure in the random oracle (RO) model, and its communication round complexity does not increase as the number of participants grows. It also adopts password-authenticated key exchange (PAKE), an authentication mode that is convenient for users, so it is of practical significance for solving the problems of applying open-ended security protocols in practice.

Keywords: open-ended protocol, provable security, group authentication, finite coordinated attack, security protocol
