摘要 |
The present invention is a method and system for establishing an authenticated and secure communication session for transactions between a server and a client in a wireless data network that generally comprises an airnet, a landline network and a link server therebetween. The client having limited computing resources is remotely located with respect to the server and communicates to the server through the wireless data network. To authenticate each other, the client and the server conduct two rounds of authentication, the client authentication and the server authentication, independently and respectively, each of the authentication processes is based on a shared secret encrypt key and challenge/response mechanism. To reach for a mutually accepted cipher in the subsequent transactions, the server looks up for a commonly used cipher and forwards the cipher along with a session key to the client. The subsequent transactions between the client and the server are then proceeded in the authenticated and secure communication session and further each transaction secured by the session key is labeled by a transaction ID that is examined before a transaction thereof takes place.
|