Extended authenticated key exchange
Abstract
Extended authenticated key exchange is described. In one aspect, an identity (IDA) of an initiator and an identity (IDB) of a responder are determined. A first party (i.e., the initiator or the responder) computes a session key based at least on IDA and IDB. A second party (i.e., the initiator or the responder) that is not the first party, uses at least IDA and IDB to compute a corresponding session key. The initiator's session key and the responder's corresponding session key, if equal, provide for secure exchange of data between the initiator and the responder.
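The identity binding described in the abstract, as an added illustration that is not the patent's own construction: both parties feed IDA and IDB into the key derivation, so the keys match only when both sides hold the same view of who is talking to whom. The toy group, the use of SHA-256, the length-prefixed encoding and the names `alice`, `bob` and `mallory` are assumptions, and the long-term keys that would authenticate the parties are left out because the page does not give them.

```python
import hashlib
import secrets

# Toy group for illustration only (assumption): integers modulo the prime
# 2**255 - 19 with base 2. Not a vetted Diffie-Hellman parameter choice.
P = 2**255 - 19
G = 2

def keypair():
    """Return (private exponent, public value) for one ephemeral share."""
    x = secrets.randbelow(P - 3) + 2
    return x, pow(G, x, P)

def _lp(b: bytes) -> bytes:
    """Length-prefix a field so ("ab", "c") and ("a", "bc") hash differently."""
    return len(b).to_bytes(4, "big") + b

def session_key(my_priv: int, peer_pub: int, id_a: bytes, id_b: bytes) -> bytes:
    """Derive the session key from the group secret and both identities."""
    if not 1 < peer_pub < P - 1:
        raise ValueError("peer value outside the accepted range")
    shared = pow(peer_pub, my_priv, P).to_bytes(32, "big")
    return hashlib.sha256(_lp(shared) + _lp(id_a) + _lp(id_b)).digest()

def run_exchange(initiator_view, responder_view):
    """Run one exchange; each view is that party's (IDA, IDB) pair."""
    a_priv, a_pub = keypair()
    b_priv, b_pub = keypair()
    k_init = session_key(a_priv, b_pub, *initiator_view)
    k_resp = session_key(b_priv, a_pub, *responder_view)
    return k_init, k_resp

if __name__ == "__main__":
    # Constructed identities: first both sides agree, then the responder
    # believes the initiator is someone else (identity misbinding).
    same = run_exchange((b"alice", b"bob"), (b"alice", b"bob"))
    diff = run_exchange((b"alice", b"bob"), (b"mallory", b"bob"))
    print("agreeing identities, keys equal:", same[0] == same[1])
    print("disagreeing identities, keys equal:", diff[0] == diff[1])
```

When the two views of (IDA, IDB) differ, the derived keys differ even though the group secret is identical, so the mismatch surfaces as a failed session instead of a silently shared key.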
20 Claims
1. A computer-implemented method for extended authenticated key exchange using a mathematical group, the method comprising:
determining an identity (IDA) of an initiator and an identity (IDB) of a responder;
computing, by a first party, a session key based at least on IDA and IDB;
the first party being the initiator or the responder; and
wherein a second party that is not the first party uses at least IDA and IDB to compute a corresponding session key, the second party being the initiator or the responder, the session key and the corresponding session key, if equal, providing for secure exchange of data between the initiator and the responder.
Dependent claims: 2, 3, 4, 5, 6, 7.

8. A computer-implemented method for extended authenticated key exchange using a mathematical group, the method comprising:
registering, by an initiator, an identity (IDA) of the initiator with a certificate authority;
registering, by a responder, an identity (IDB) of the responder with the certificate authority;
computing, by the initiator and the responder, a respective session key based at least on IDA and IDB; and
wherein the respective session keys, if equal, provide for secure exchange of data between the initiator and the responder.
Dependent claims: 9, 10, 11, 12, 13.

14. A computing device for extended authenticated key exchange using a mathematical group, the computing device comprising:
determining means to determine an identity (IDA) of an initiator and an identity (IDB) of a responder;
computing means to compute, by a first party, a session key based at least on IDA and IDB;
the first party being the initiator or the responder; and
wherein a second party that is not the first party uses at least IDA and IDB to compute a corresponding session key, the second party being the initiator or the responder, the session key and the corresponding session key, if equal, providing for secure exchange of data between the initiator and the responder.
Dependent claims: 15, 16, 17, 18, 19, 20.

Specification