| 摘要 |
<p>A key agreement method between a pair of entities i and j in a digital data communication system, wherein each entity has a private and corresponding public key pair Si,Pi and Sj,Pj respectively and the system, having global parameters for generating elements of a group, the method comprising the steps of: (a) entity i selecting a random private session value Ri; (b) forwarding a public session value corresponding to the private session value Ri to the entity j; (c) entity j computing a long term shared secret key k' derived from entity i's public key and j's private key utilizing a first function H1; (d) the entity j utilizing entity j utilizing the key k' and computing an authenticated message on entity identities i, j and entities public session keys and forwarding the authenticated message to entity i; (e) the entity i verifying the received authenticated message; (f) the entity i computing the long term shared secret key k' derived from the entity j's public key and i's private key in accordance with the first function H1; (g) the entity i utilizing the long term shared secret key k' and computing an authenticated message on the entities i and j identity information and the entities public session keys and forwarding the authenticated message to the entity j; (h) entity j verifying the received authenticated message; and (i) upon both the entities i and j verifying the authenticated message, computing a short term shared secret key utilizing a respective entity's session public and private keys.</p> |
