| 摘要 |
The invention relates to a method allowing secure communication in a telecommunications network, in which a transaction between an entity A and an entity B of the network comprises the following steps, namely: entity A sends an authorisation request to an authorisation server S, in which entity A is identified and authenticated; entity A informs the authorisation server S of the intention thereof to communicate with entity B; the authorisation server S determines a secret key K SB that it shares with entity B; the authorisation server S creates a session key K AB,N which it sends to entity A, said session key K AB,N being a one-way function of the secret key K SB and also being a function of an integer N, known as the transaction number, assigned to said transaction; the authorisation server S also creates a transaction identifier which is a function dependent on at least said transaction number N in a non-reversible manner; the authorisation server S provides entity B with elements comprising at least the transaction identifier; entity B checks at least that the value of the received transaction identifier appears in a set of values pre-calculated by entity B and corresponding to at least one predicted value for the transaction number; and, if this is the case, entity B first deduces therefrom the current value of the transaction number N and subsequently the value of the session key K AB,N. |
