摘要 |
A key agreement method is carried out by a first system in conjunction with a second system over a bidirectional communication path, including generating a first key pair having a first public key and a first private key, sending the first public key to the second system, receiving a second public key generated by the second system, and calculating a master key based upon the first private key, the second public key, a long-term private key, and a long-term public key. The long-term private key was generated by the first system during a previous key-agreement method as part of a long-term key pair. The long-term public key was generated by the second system and received during the previous key-agreement method. The previous key-agreement method required a secret to be known to the first system and the second system, thus conferring authentication based on the secret to the long-term public key.
|