A session key establishment protocol using trust

摘要

With the extension of Internet and electronic commerce, the use of cryptographic protocols is increasing. The need for secret keys is also increasing since in more and more applications a specific secret key characterizes individual sessions between users. There is therefore a need for fast and safe key establishment protocols between users that do not share any secret information. In this paper a new key establishment protocol is presented. Its cryptographic strength is based on the strength of two RSA problems, and not on the discrete log problem. It has the characteristic of having a natural structure for resisting "man in the middle" attacks since it has constant quantities that are characteristic of their owner and not of the session key being established. These quantities will give proof of the identity of the user and can therefore be certified by a trusted third party.