Method for establishing a secure communication channel

1. A method for establishing a secure communication channel between a client (C) and a remote server (S), said client (C) and remote server (S) exchanging data through an intermediate entity (G), said client (C) having a long-term key pair (sk_c,pk_c), the method comprising:

• said remote server generating an ephemeral key (sk_s,pk_s), a mutual authentication step wherein the client (C) sends a public key (pk_c) of said long-term key pair (sk_c, pk_c) and the proof that said public key (pk_c) is valid to the server (S), and wherein the remote server (S) sends the public key (pks) of said ephemeral key pair (sk_s, pk_s) to the client (C), the client (C) generates an ephemeral key pair (sk_cc,pk_cc) and sends the public key (pk_cc) of said ephemeral key pair (sk_cc,pk_cc) to the server (S) so as to enable the independent determination of a secret common to the client (C) and to the remote server (S) for opening the secure communication channel, said common secret being calculated by the client using the long-term key pair of the client (sk_c,pk_c), the ephemeral secret key (sk_cc) of said ephemeral key pair (sk_cc,pk_cc) of the client (C) and the ephemeral public key (pk_s) of the server, and being calculated by the server using the long-term public key (pk_c) of the client, the ephemeral secret key (sk_s) of the server (S) and the ephemeral key (pk_cc) of the client (C) wherein the common secret is calculated by both the client and the server without using a long-term key pair of the server.