主权项 |
1. A key agreement protocol method performed between a pair of entities communicating over a data communication system, each of the entities comprising a memory, each of the entities having associated therewith a long term private key stored in the memory, a cryptographic corresponding long term public key generated using the long term private key and a generator point, and an identity, the key agreement protocol method comprising:
generating for each entity a respective session private key and a cryptographic corresponding session public key; a first of the pair of entities communicating to a second of the pair of entities the first of the pair of entity's session public key; the second of the pair of entities communicating to the first of the pair of entities, the second of the pair of entity's session public key; obtaining at each entity the identities of the first of the pair of entities and the second of the pair of entities; generating a common value comprising combining at each entity the session public key of the entity, the session public key of the other entity and the identities of each entity; generating for each entity a respective secret value comprising combining the common value with the entity's session private key and long term private key; computing at each entity an ephemeral value comprising combining the session public key of the other entity, the common value and the long term public key of the other entity; and generating at each entity a shared secret from the entity's secret value and the ephemeral value and storing said shared secret in the memory. |