Encryption techniques have been developed to enable secure data exchange over an insecure communication channel. Internet Protocol (IP) is an example of an insecure communication channel. These encryption techniques use one or more keys to provide security. One example of a cryptographic protocol is the Diffie-Hellman key agreement protocol, in which data is exchanged between two parties in order to generate a shared secret key known only to the two parties. Such a symmetric key can then be used to secure communications between the two parties over an insecure communication channel. While Diffie-Hellman enables a secret key to be securely created over an insecure channel, the protocol does not provide any authentication of the communicating parties.
One example of an authentication technique uses public key cryptography, an asymmetric technique in which each party owns a private (secret) key and the associated public key. Such a technique usually relies on a public key infrastructure (PKI) in which at least one of the parties has a public key that is signed by a trusted entity, such as a certification authority (CA). Authentication of the parties rests on the fact that both parties trust the CA of the PKI. In effect, the PKI creates a trust relationship between two parties that try to communicate, and hence can be used to enable the authentication of the parties.
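The gap described above, as an added example that is not part of the original text: plain Diffie-Hellman derives a key from whatever public value arrives, while a signature check on that value ties it to a known party. The group parameters, the textbook-RSA key standing in for a CA-certified key, and all function names are constructed assumptions and far too small for real use.

```python
import hashlib
import secrets

# Constructed demo parameters (assumptions, far too small for real use).
P, G = 2**127 - 1, 3                      # DH modulus (a Mersenne prime) and base
RSA_P, RSA_Q, RSA_E = 2**61 - 1, 2**89 - 1, 65537
RSA_N = RSA_P * RSA_Q
RSA_D = pow(RSA_E, -1, (RSA_P - 1) * (RSA_Q - 1))  # Alice's private exponent

def dh_keypair():
    """Return (private exponent, public value g^x mod p)."""
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)

def dh_shared(priv, peer_pub):
    """Derive a symmetric key from the peer's public value."""
    return hashlib.sha256(str(pow(peer_pub, priv, P)).encode()).digest()

def _digest(value):
    return int.from_bytes(hashlib.sha256(str(value).encode()).digest(), "big") % RSA_N

def sign(value):
    """Textbook RSA signature over a DH public value (no padding: demo only)."""
    return pow(_digest(value), RSA_D, RSA_N)

def verify(value, sig):
    """Check the signature with the public key (RSA_N, RSA_E)."""
    return pow(sig, RSA_E, RSA_N) == _digest(value)

def accept_unauthenticated(priv, received_pub):
    """Plain Diffie-Hellman: any public value yields a key; the sender is unknown."""
    return dh_shared(priv, received_pub)

def accept_authenticated(priv, received_pub, sig):
    """Derive a key only if the value carries a valid signature from Alice."""
    return dh_shared(priv, received_pub) if verify(received_pub, sig) else None

def demo():
    a_priv, a_pub = dh_keypair()          # Alice
    b_priv, b_pub = dh_keypair()          # Bob
    _, other_pub = dh_keypair()           # a different value arriving in place of Alice's
    sig = sign(a_pub)
    return {
        "honest_keys_match": dh_shared(a_priv, b_pub) == accept_unauthenticated(b_priv, a_pub),
        "plain_dh_accepts_swapped_value": accept_unauthenticated(b_priv, other_pub) is not None,
        "signed_value_accepted": accept_authenticated(b_priv, a_pub, sig) == dh_shared(a_priv, b_pub),
        "swapped_value_rejected": accept_authenticated(b_priv, other_pub, sig) is None,
    }

if __name__ == "__main__":
    print(demo())
```

Deployed protocols sign the whole handshake transcript rather than a single public value, and the verifier checks the signer's certificate chain up to a trusted CA; this sketch omits both.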
The embodiments described below are not limited to implementations which solve any or all of the disadvantages of known encryption techniques.