An authenticated key exchange mechanism using one-time shared key

Abstract

In order to exchange secure information over the Internet, it is necessary to provide a shared encryption key after dual authentication between the communication parties for data confidentiality. To find an effective authenticated key exchange scheme, many researchers have studied improvement of the Diffie-Hellman key exchange scheme to overcome the weakness of computation complexity and man-in-the-middle attacks. This paper proposes an efficient authentication and key exchange scheme that does not use certificates and public key cryptography, while protecting against man-in-the-middle attacks, replay attacks, DOS attacks and privacy intrusion. This scheme performs a dual authentication using one-time shared authentication key and generates an encryption key which is used in a symmetric block cipher. Our mechanism also includes a secure method that generates an initial seed for creating a one-time shared secret key. In addition, it solves the problem of identity privacy as well as perfect forward secrecy for future data confidentiality. © Springer-Verlag Berlin Heidelberg 2005.