摘要 |
A secure authentication channel (SAC) between two nodes in a communication network is created by the nodes themselves using mutual authentication. The network has two nodes, a coordinating entity, two PKI-based SACs, and one non-PKI SAC which is created by the two nodes and is for use by the nodes. The coordinating entity generates a master key which is transmitted to two nodes via a PKI-based SAC established between the coordinating entity and each of the two nodes. One node uses the master key to generate a first random number and the second node uses the key to generate a second random number. The second node also has an encrypted third random number. The network also has a third SAC, which is not solely based on PKI, between the first node and the second node and is created when the two nodes have authenticated each other. The mutual authentication process occurs without the intervention of the coordinating entity. |