SKEME

Secure Key Exchange Mechanism for (E)nternet

Three Basic Phases

SHARE

A->B: {Ka}Kb+

B->A: {Kb}Ka+

Ko = hash(Ka, Kb)            //  Shared secret for A & B

EXCH

A->B:  g^x mod p

B->A:  g^y mod p

AUTH

A->B:  hash(Ko, (g^y, g^x, IDa, IDb))

B->A:  hash(Ko, (g^x, g^y, IDb, IDa))

Combination of Phases and Efficiency

Efficient Full Version

A->B:  {IDa, Ka}Kb+

B->A:  {Kb}Ka+, g^y, hash(Ko, (g^x, g^y, IDb, IDa))

A->B:  hash(Ko, (g^y, g^x, IDa, IDb))

Ko = hash(Ka, Kb)

SK = hash(g^xy)

Share Only – (no PFS)

A->B:  {IDa, Ka}Kb+

B->A:  {Kb}Ka+, Nb, hash(Ko, (Na, Nb, IDb, IDa))

A->B:  hash(Ko, (Nb, Na, IDa, IDb))

Ko = hash(Ka, Kb)

SK = hash(Ko, (g^y, g^x, IDa, IDb))

Pre-Shared Key

A->B:  g^x

B->A:  g^y, hash(Ko, (g^x, g^y, IDb, IDa))

A->B:  hash(Ko, (g^y, g^x, IDa, IDb))

Ko = pre-shared secret

SK = hash(g^xy)
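The Pre-Shared Key mode above, run end to end with both parties' messages, as an added Python example that is not part of the original slides. It assumes HMAC-SHA256 as the keyed hash(Ko, ...), SHA-256 for SK = hash(g^xy), and a constructed toy Diffie-Hellman group; the mitm flag is a constructed attacker that swaps g^y in transit to show why the AUTH phase must bind the exchanged DH values.

```python
import hashlib
import hmac
import secrets

# Constructed toy Diffie-Hellman group for illustration only (M127, generator 3);
# real deployments use a standard large group.
P = 2**127 - 1
G = 3
WIDTH = (P.bit_length() + 7) // 8

def mac(k0: bytes, *fields: bytes) -> bytes:
    """The keyed hash hash(Ko, (f1, f2, ...)) from the slides, realised here as
    HMAC-SHA256 over length-prefixed fields so (g^x, g^y) and (g^y, g^x) differ."""
    h = hmac.new(k0, digestmod=hashlib.sha256)
    for f in fields:
        h.update(len(f).to_bytes(4, "big") + f)
    return h.digest()

def enc(n: int) -> bytes:
    """Fixed-width big-endian encoding of a group element."""
    return n.to_bytes(WIDTH, "big")

def skeme_psk(k0_a: bytes, k0_b: bytes, id_a: bytes, id_b: bytes, mitm: bool = False):
    """Pre-Shared Key mode between A (holding k0_a) and B (holding k0_b).
    Returns (SK at A, SK at B); raises ValueError when an authenticator fails."""
    # Message 1, A->B: g^x
    x = secrets.randbelow(P - 2) + 1
    gx = pow(G, x, P)
    # Message 2, B->A: g^y, hash(Ko, (g^x, g^y, IDb, IDa))
    y = secrets.randbelow(P - 2) + 1
    gy = pow(G, y, P)
    auth_b = mac(k0_b, enc(gx), enc(gy), id_b, id_a)
    gy_recv = gy
    if mitm:  # constructed attacker: substitutes its own g^z but cannot forge the MAC
        gy_recv = pow(G, secrets.randbelow(P - 2) + 1, P)
    # A verifies B's authenticator before trusting the received g^y
    if not hmac.compare_digest(auth_b, mac(k0_a, enc(gx), enc(gy_recv), id_b, id_a)):
        raise ValueError("A: authenticator from B does not verify")
    # Message 3, A->B: hash(Ko, (g^y, g^x, IDa, IDb))
    auth_a = mac(k0_a, enc(gy_recv), enc(gx), id_a, id_b)
    sk_a = hashlib.sha256(enc(pow(gy_recv, x, P))).digest()  # SK = hash(g^xy)
    # B verifies A's authenticator, then derives the same SK
    if not hmac.compare_digest(auth_a, mac(k0_b, enc(gy), enc(gx), id_a, id_b)):
        raise ValueError("B: authenticator from A does not verify")
    sk_b = hashlib.sha256(enc(pow(gx, y, P))).digest()
    return sk_a, sk_b
```

Because Ko only ever enters the keyed hashes and SK depends solely on g^xy, compromising Ko later does not expose past session keys, which is the PFS property the slides attribute to the DH-based modes.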

Fast Re-Key

A->B:  Na

B->A:  Nb, hash(Ko, (Na, Nb, IDb, IDa))

A->B:  hash(Ko, (Nb, Na, IDa, IDb))

Ko = pre-shared secret

SK = hash(Ko, (g^y, g^x, IDa, IDb))