摘要 |
A password base authentication and a key exchange method are provided to rapidly authenticate without weakening the security intensity between the client and the server. The client produces and stores the random number(b) without concerning the password(pi). The server produces and stores the random number(c) without concerning the user ID(C). The server produces and stores the random number(y) by concerning the user ID. If the client receives the user ID and password from user, transmits the user ID and m. After the server receives the user ID and m, the server calculates the session key generation coefficient(mu), and transmits mu and c to the client. The client receives mu and c, and extracts the key material information(alpha), and computes the key exchange element(k1), and transmits to the server. The server receives k1, and computes the key exchange element(k2). If the k1 and k2 are equal, the server transmits k2, and the client produces the session key(skc). |