In today's information age, communication networks are becoming ever more pervasive as more and more communication consumers utilize on-line services to access information over the communication network. With this increased use of communication networks comes a need for security, and specifically for ensuring that the information is accessed by only those communication consumers that are authorized to do so.
One problem in many communication networks is that any information transmitted across the network is susceptible to interception by unintended and unauthorized entities. Therefore, encryption is often used to prevent those unintended and unauthorized entities from deciphering the intercepted information. Typically, the information is encrypted using symmetric key cryptography, in which a transmitting device (referred to hereinafter as the "server") and an intended receiving device (referred to hereinafter as the "client") share a secret encryption key that is used by the server to encrypt the information and by the client to decrypt the information.
Before symmetric key cryptography can be used to provide secure communication over the communication network, it is necessary for both the sever and the client to possess the shared secret encryption key. One way to distribute the secret encryption key to both the server and the client is to manually enter the secret encryption key into both the server and the client. Unfortunately, a manual key distribution scheme is typically impractical because the server and the client are usually in remote locations. Also, the manual key distribution scheme is generally too time-consuming to be useful for on-line transactions. Furthermore, the manual key distribution scheme is typically considered to be insecure because the secret encryption key is necessarily disclosed to a third party.
A more common way to distribute the secret encryption key to both the server and the client is through a key exchange mechanism performed by the server and the client. The key exchange mechanism permits the server and the client to exchange the secret encryption key over the communication network without any third party intervention, and without compromising the secret encryption key. A commonly used key exchange mechanism requires the server to randomly select the secret encryption key and transmit the secret encryption key to the client using a key exchange protocol. It is important for the key exchange mechanism to work even when communication over the communication network is unreliable. Thus, the key exchange mechanism must work even when there is no guarantee that all messages transmitted by the server will reach the client.
Of course, the secret encryption key is only one type of information that needs to be exchanged between the server and the client. Other types of information, for example, status and control information, may also need to be exchanged between the server and the client. Again, it is important for any such information (referred to hereinafter generically as a "secret," although the information may be secret or non-secret information) to be successfully exchanged even when communication over the communication network is unreliable.
Thus, a need has remained for a technique for exchanging a secret over an unreliable communication network.