SKEME

Secure Key Exchange Mechanism for (E)nternet

Three Basic Phases

SHARE

A->B: {Ka}Kb+

B->A: {Kb}Ka+

Ko = hash(Ka, Kb) // Shared secret for A & B

EXCH

A->B: g^x mod p

B->A: g^y mod p

AUTH

A->B: hash(Ko, (g^y, g^x, IDa, IDb))

B->A: hash(Ko, (g^x, g^y, IDb, IDa))

Combination of Phases and Efficiency

Efficient Full Version

A->B: {IDa, Ka}Kb+

B->A: {Kb}Ka+, g^y, hash(Ko, (g^x, g^y, IDb, IDa))

A->B: hash(Ko, (g^y, g^x, IDa, IDb))

Ko = hash(Ka, Kb)

SK = hash(g^xy)

Share Only (no PFS)

A->B: {IDa, Ka}Kb+

B->A: {Kb}Ka+, Nb, hash(Ko, (Na, Nb, IDb, IDa))

A->B: hash(Ko, (Nb, Na, IDa, IDb))

Ko = hash(Ka, Kb)

SK = hash(Ko, (g^y, g^x, IDa, IDb))

Pre-Shared Key

A->B: g^x

B->A: g^y, hash(Ko, (g^x, g^y, IDb, IDa))

A->B: hash(Ko, (g^y, g^x, IDa, IDb))

Ko = pre-shared secret

SK = hash(g^xy)

 
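The Pre-Shared Key mode above, worked through as an added example (not code from these slides or from the SKEME paper): HMAC-SHA256 stands in for the keyed hash, the DH group is a constructed toy, and the `tamper` argument, the length-prefixed encoding and the identifiers are my own additions. It shows both sides deriving the same SK and why the AUTH tags must cover both exponents: a g^y rewritten in transit no longer verifies at A.

```python
import hashlib
import hmac
import secrets

# Toy DH group constructed for this example (p = 2^61 - 1 is prime but far too small for real use).
P = 2**61 - 1
G = 3

def encode(*parts):
    """Length-prefix every hash input (ints and ID strings) so tuples cannot collide."""
    out = b""
    for part in parts:
        data = part.to_bytes(8, "big") if isinstance(part, int) else part.encode()
        out += len(data).to_bytes(2, "big") + data
    return out

def auth_tag(k0, *parts):
    """The AUTH keyed hash hash(Ko, (...)), instantiated here as HMAC-SHA256."""
    return hmac.new(k0, encode(*parts), hashlib.sha256).digest()

def session_key(shared):
    """SK = hash(g^xy)."""
    return hashlib.sha256(shared.to_bytes(8, "big")).digest()

def skeme_preshared(k0, id_a, id_b, tamper=None):
    """Pre-Shared Key mode (EXCH + AUTH under Ko). Returns (SK at A, SK at B) or raises
    ValueError when an AUTH tag fails; `tamper` replaces g^y as A receives it (an in-transit rewrite)."""
    # EXCH: fresh exponents. Message 1 is A -> B: g^x; message 2 carries g^y back.
    x, y = secrets.randbelow(P - 2) + 1, secrets.randbelow(P - 2) + 1
    gx, gy = pow(G, x, P), pow(G, y, P)
    # AUTH, message 2: B -> A: g^y, hash(Ko, (g^x, g^y, IDb, IDa))
    tag_b = auth_tag(k0, gx, gy, id_b, id_a)
    gy_seen = tamper if tamper is not None else gy
    # A recomputes the tag over the values it actually holds, so a swapped g^y fails here.
    if not hmac.compare_digest(tag_b, auth_tag(k0, gx, gy_seen, id_b, id_a)):
        raise ValueError("A: AUTH tag from B does not verify")
    # AUTH, message 3: A -> B: hash(Ko, (g^y, g^x, IDa, IDb)); B checks it the same way.
    tag_a = auth_tag(k0, gy_seen, gx, id_a, id_b)
    if not hmac.compare_digest(tag_a, auth_tag(k0, gy, gx, id_a, id_b)):
        raise ValueError("B: AUTH tag from A does not verify")
    return session_key(pow(gy_seen, x, P)), session_key(pow(gx, y, P))

def mitm_rejected(k0, id_a, id_b):
    """True when A rejects a substituted g^y (constructed value 5): without Ko no one can re-tag it."""
    try:
        skeme_preshared(k0, id_a, id_b, tamper=5)
    except ValueError:
        return True
    return False
```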

Fast Re-Key

A->B: Na

B->A: Nb, hash(Ko, (Na, Nb, IDb, IDa))

A->B: hash(Ko, (Nb, Na, IDa, IDb))

Ko = pre-shared secret

SK = hash(Ko, (g^y, g^x, IDa, IDb))