Split-key key-agreement protocol
First Claim
1. A method for generating a shared secret value between entities (A, B) in a data communication system, one or more of said entities having a plurality of members (Ai, Bi) for participation in said communication system, each member having a long term private key and a corresponding long term public key said method comprising the steps of:
- (a) generating an entity long term public key for each entity by combining the long term public keys of each members of the entity;
(b) generating a short term private and a corresponding short term public key for each of the members;
(c) making said short term public keys available to members within an entity;
(d) for each member;
i. computing an intra-entity shared key by mathematically combining said short term public keys of each said member;
ii. computing an intra-entity public key by mathematically combining its short-term private key, the long term private key and said intra-entity shared key;
(e) for each entity combining intra-entity public keys to derive a group short-term public key;
(f) each entity making its intra-entity shared key and its entity long term public key available to said other entities; and
(g) each entity computing a common shared key K by combining its group short term public key, with the intra-entity shared key, and an entity long term public key received from the other entity.
3 Assignments
0 Petitions
Accused Products
Abstract
This invention relates to a method for generating a shared secret value between entities in a data communication system, one or more of the entities having a plurality of members for participation in the communication system, each member having a long term private key and a corresponding long term public key. The method comprises the steps of generating a short term private and a corresponding short term public key for each of the members; exchanging short term public keys of the members within an entity. For each member then computing an intra-entity shared key by mathematically combining the short term public keys of each the members computing an intra-entity public key by mathematically combining its short-term private key, the long term private key and the intra-entity shared key. Next, each entity combines intra-entity public keys to derive a group short-term Si public key; each entity transmitting its intra-entity shared key and its group short term public key to the other entities; and each entity computing a common shared key K by combining its group short term public key (Si), with the intra-entity shared key ({overscore (X)}i), and a group short term public ({overscore (S)}i) key received from the other entities.
43 Citations
10 Claims
-
1. A method for generating a shared secret value between entities (A, B) in a data communication system, one or more of said entities having a plurality of members (Ai, Bi) for participation in said communication system, each member having a long term private key and a corresponding long term public key said method comprising the steps of:
-
(a) generating an entity long term public key for each entity by combining the long term public keys of each members of the entity; (b) generating a short term private and a corresponding short term public key for each of the members; (c) making said short term public keys available to members within an entity; (d) for each member; i. computing an intra-entity shared key by mathematically combining said short term public keys of each said member; ii. computing an intra-entity public key by mathematically combining its short-term private key, the long term private key and said intra-entity shared key; (e) for each entity combining intra-entity public keys to derive a group short-term public key; (f) each entity making its intra-entity shared key and its entity long term public key available to said other entities; and (g) each entity computing a common shared key K by combining its group short term public key, with the intra-entity shared key, and an entity long term public key received from the other entity. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
Specification