Research On Password Authenticated N-party Key Exchange Protocol

User identity authentication is essentially basic for user in computer network security, in the variety of identity authentication technology, password-based mechanism is efficient, low-cost and convenient, so password-based authenticated mechanism is most commonly used. Password-based authenticated key exchange protocol allowed user shares a password with a trusted server to achieve mutual authentication and generate a shared session key through the server's assistance. In recent years, some commercial applications like emergency medical treatment, video conference, need a lot of people work together to complete a task, so password-authenticated N-party key exchange protocol catch more attention.In 2005, strengthened N-party EKE-M (Encrypted Key Exchange-Multicast) protocol with DPWA(Different Password Authentication)-type was proposed by Bynn et al., but the group session key generated through the protocol maybe suffer the tampering attacks. In this paper, different password authenticated N-party EKE-M protocol is presented. It adopts client-server mutual authentication to ensure the safety of the protocol, and also lowers the communication cost.In 2007, Zhiguo Wan et al. proposed nPAKE+ protocol, using Diffie-Hellman binary key tree structure in the password-based key exchange protocol, which enhances the protocol security against dictionary attacks. In this paper, Weil pairing based password authenticated N-party key exchange protocol is presented, which combine Weil pairing with the ternary tree model. This protocol adopts simple point multiplication and bilinear pairing to instead of exponentiations, which make the protocol security and enhance the efficiency.N-Party EKE-U (Encrypted Key Exchange-Unicast) protocol with DPWA-type was proposed by Bynn et al. in 2005, but later it was found that the protocol is vulnerable to a dictionary attack. In order to solve this problem, we use ring structure in the N-Party EKE-U protocol, and make the server generate a temporary encryption key for adjacent users. Not only do we improve authenticated mechanism, but also it can avoid the communication waste when user changes the password each time. We also give the simulation of the protocol, which further reflect the security and usability.