| 摘要 |
<p>Nodes I, I=1, N are communicating with each other encrypted. They each have static private (Si) and public (Pi) keys, which never change and dynamic private (Sidyn) and public (P¿i?dyn) keys, which are functions of time (t). A key recovery authority (KRA) also has static private (S¿KRA?) and public (PKRA) keys, which never change. The KRA exchanges static public keys with each of the nodes, thus develops a static common key (session key), KKRA,i, with each of them using, for example, the Diffie-Hellman protocol. The KRA maintains a list of the static public keys of all nodes. Thus, the (static) session key with any of the nodes can be 'recovered' at any time. When two nodes, say i and j, exchange their dynamic public keys (encrypted with their static session key K?st¿ij(t)), then each one attaches its dynamic secret key, encrypted with the static session key between it and the KRA. A time stamp is also included. With knowledge of the session key, KKRA,i, which can be recovered from the KRA, the dynamic private keys of each node, Sidyn(t), can be recovered (and P¿i?dyn(t) calculated) from a recording of any session (70). From S¿i?dyn(t) and P¿j?dyn(t) one can calculate the dynamic session key between the two nodes (K¿i,j?dyn(t)) (75). However, all other parties are still protected since their dynamic public keys are exchanged encrypted. Note that all nodes are still protected, and their session concealed, because their private keys are encrypted.</p> |
