摘要 |
In a communication network comprising a central unit (CU) having a secret master key (MK), and a number of local units (LU1, LU2, ... LUN) each having its own public key (PK1, PK2, ... PKN), to enable encrypted communication between local units (LU1, LU2, ... LUN), the local units (LU1, LU2, ... LUN) transfer their public keys (PK1, PK2, ... PKN) to the central unit (CU) which calculates functional values (FV1, FV2, ... FVN) from the master key (MK) and the respective public key (PK1, PK2, ... PKN), and which transfers the functional values (FV1, FV2, ... FVN) to the respective local unit (LU1, LU2, ... LUN). Each local unit (LU1, LU2, ... LUN) then transferts its public key (PK1, PK2, ... PKN) to the other local units (LU1, LU2, ... LUN), and each local unit (LU1, LU2, ... LUN) calculates respective session keys from its own individual functional value (FV1, FV2, ... FVN) received from the central unit (CU), and the respective public key (PK1, PK2, ... PKN) received from the other local units (LU1, LU2, ... LUN). Communication being enabled only between local units (LU1, LU2, ... LUN) having calculated identical session keys. |