Method and apparatus for three-party entity authentication and key distribution using message authentication codes

Assignee

• International Business Machines Corporation · US

Inventors

• Mihir Bellare · San Diego, US
• Phillip Rogaway · Davis, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L9/3273
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

A method is provided for authenticating communication partners utilizing communication flows which are passed over an insecure communication channel. The method includes a number of method steps. A trusted intermediary is provided which is capable of communication with the communication partners over the insecure communication channel. A plurality of long-lived secret keys are provided, one for each communication partner. The plurality of long-lived secret keys are distributed to a particular one of the communication partners, and to the trusted intermediary. Therefore, the long-lived secret key is known only by the particular communication partner to which it is assigned, and the trusted intermediary. A request for communication between communication partners is provided to the trusted intermediary. The trusted intermediary is utilized to generate a short-lived secret key for utilization in a communication session between the communication partners. The short-lived secret key for each particular partner is masked in a manner which is dependent upon that particular partner's long-lived secret key. The masked short-lived secret keys are distributed in a plurality of communication fl…