| 摘要 |
A key agreement method between a pair of entities i and j in a digital communication system, wherein each the entity has a private and corresponding public key pair Si,Pi and Sj,Pj respectively and the system, having global parameters for generating elements of a group, the method comprising the steps of:(a) entity i selecting a random private session value Ri;(b) forwarding a public session value corresponding to the private session value Ri to the entity j;(c) entity j computing a long term shared secret key k' derived from entity i's public key and j's private key utilizing a first function H1;(d) the entity j utilizing entity j utilizing the key' and computing an authenticated message on entity identities i,j and entities public session keys and forwarding the aunthenticated message to entity i;(e) the entity i verifying the received authenticated message;(f) the entity i computing the long term shared secret key k' derived from the entity j's public key and i's private key in accordance with the first function H1;(g) the entity i utilizing the long term shared secret key k' and computing an authenticated message on the entities i and j identity information and the entities public session keys and forwarding the authenticated message to the entity j;(h) entity j verifying the received authenticated message; and(i) upon both the entities i and j verifying the authenticated message, computing a short term shared secret key utilizing a respective entity's session public and private keys. |
