SKEME

Secure Key Exchange MEchanism for Internet


Three Basic Phases


            SHARE

                        A->B: {Ka}Kb+

                        B->A: {Kb}Ka+

                        Ko = hash(Ka, Kb)            //  Shared secret for A & B


            EXCH

                        A->B:  g^x mod p

                        B->A:  g^y mod p


            AUTH

                        A->B:  hash(Ko, (g^y, g^x, IDa, IDb))

                        B->A:  hash(Ko, (g^x, g^y, IDb, IDa))


Combination of Phases and efficiency


            Efficient Full Version

                        A->B:  {IDa, Ka}Kb+, g^x

                        B->A:  {Kb}Ka+, g^y, hash(Ko, (g^x, g^y, IDb, IDa))

                        A->B:  hash(Ko, (g^y, g^x, IDa, IDb))


                        Ko = hash(Ka, Kb)

                        SK = hash(g^xy)
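A runnable sketch of the efficient full version above, added here as an illustration and not code from these notes or from SKEME's authors. It assumes HMAC-SHA256 for the keyed hash, SHA-256 for the plain hash, that A's g^x accompanied its first message, and it leaves the public-key envelopes ({IDa, Ka}Kb+, {Kb}Ka+) out, treating Ka and Kb as already delivered to each side:

```python
import hashlib
import hmac
import secrets

# DH group: the 1024-bit MODP prime of RFC 2409 (Oakley group 2) with g = 2, used
# here only to keep the example self-contained; prefer larger groups or ECDH today.
P = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74"
    "020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437"
    "4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381FFFFFFFFFFFFFFFF", 16)
G = 2

def H(key: bytes, *parts: bytes) -> bytes:
    """The notes' keyed hash(Ko, (...)), instantiated as HMAC-SHA256. Each tuple
    element is length-prefixed so (g^x, g^y, IDb, IDa) cannot be re-split."""
    mac = hmac.new(key, digestmod=hashlib.sha256)
    for part in parts:
        mac.update(len(part).to_bytes(4, "big") + part)
    return mac.digest()

def i2b(n: int) -> bytes:
    return n.to_bytes((n.bit_length() + 7) // 8, "big")

def share(ka: bytes, kb: bytes) -> bytes:
    """SHARE phase: Ko = hash(Ka, Kb). The envelopes {IDa, Ka}Kb+ and {Kb}Ka+
    are assumed already opened by their recipients (public-key step not shown)."""
    return hashlib.sha256(ka + kb).digest()

def run_full_mode(ida: bytes, idb: bytes):
    """Efficient full version; returns (SK at A, SK at B) once both AUTH values pass."""
    ka, kb = secrets.token_bytes(32), secrets.token_bytes(32)
    ko_a, ko_b = share(ka, kb), share(ka, kb)     # each side derives Ko itself
    x, y = secrets.randbelow(P - 2) + 1, secrets.randbelow(P - 2) + 1
    gx, gy = pow(G, x, P), pow(G, y, P)           # EXCH: g^x from A, g^y from B
    # B->A: g^y, hash(Ko, (g^x, g^y, IDb, IDa)); A recomputes it under its own Ko
    auth_b = H(ko_b, i2b(gx), i2b(gy), idb, ida)
    if not hmac.compare_digest(auth_b, H(ko_a, i2b(gx), i2b(gy), idb, ida)):
        raise ValueError("B's AUTH value rejected: Ko or DH values differ")
    # A->B: hash(Ko, (g^y, g^x, IDa, IDb)); reversed order keeps it distinct from auth_b
    auth_a = H(ko_a, i2b(gy), i2b(gx), ida, idb)
    if not hmac.compare_digest(auth_a, H(ko_b, i2b(gy), i2b(gx), ida, idb)):
        raise ValueError("A's AUTH value rejected")
    # SK = hash(g^xy): independent of Ko, so a later compromise of the long-term
    # keys (and hence of Ko) does not expose this session key (PFS)
    sk_a = hashlib.sha256(i2b(pow(gy, x, P))).digest()
    sk_b = hashlib.sha256(i2b(pow(gx, y, P))).digest()
    return sk_a, sk_b
```

The AUTH values bind the unauthenticated DH shares to Ko and to both identities; without Ko an on-path party can forge neither of them.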


            Share Only (no PFS)

                        A->B:  {IDa, Ka}Kb+

                        B->A:  {Kb}Ka+, Nb, hash(Ko, (Na, Nb, IDb, IDa))

                        A->B:  hash(Ko, (Nb, Na, IDa, IDb))


                        Ko = hash(Ka, Kb)

                        SK = hash(Ko, (g^y, g^x, IDa, IDb))


            Pre-Shared Key

                        A->B:  g^x

                        B->A:  g^y, hash(Ko, (g^x, g^y, IDb, IDa))

                        A->B:  hash(Ko, (g^y, g^x, IDa, IDb))

                       

                        Ko = pre-shared secret

                        SK = hash(g^xy)


            Fast Re-Key

                        A->B:  Na

                        B->A:  Nb, hash(Ko, (Na, Nb, IDb, IDa))

                        A->B:  hash(Ko, (Nb, Na, IDa, IDb))


                        Ko = pre-shared secret

                        SK = hash(Ko, (g^y, g^x, IDa, IDb))