Many applications of communications devices require secure communications to exchange data with one or more other communications devices or a communications network. In the present context, a communications device is an electronic device capable of effecting communications using a wired or wireless technology in combination with one or more suitable communication protocols.
A first example is to exchange a document, a message, an email, or an image, between a first mobile terminal, such as a mobile phone, a smartphone, a User Equipment (UE), a tablet, or a laptop, and a second mobile terminal. A second example is Machine-to-Machine (M2M) communications between a mobile terminal and a sensor or actuator. A third example is the communication between a mobile terminal and a payment terminal for effecting a financial transaction at a point-of-sale.
Encryption may be used to provide a certain level of security for data and messages transmitted between two or more communications devices, or a communications device and a communications network. Several encryption schemes, in particular symmetric schemes, are based on the availability of a shared secret, i.e., information such as a bit string or a string of symbols which is shared between, and only available to, the communications devices which are engaged in a communications sessions. Such a shared secret may be generated in software or hardware at one communications device, or at a separate network entity, and distributed to the other communications devices. The process of sharing the secret is not straightforward and is vulnerable to attacks. For instance, the shared secret may be revealed as a result of eavesdropping, man-in-the-middle attacks, or the like.