1. Field of the Invention
The invention relates to a method and an arrangement for authenticating a first entity with a second entity and/or vice versa.
2. Description of the Related Art
During an authentication, a first entity declares to a second entity reliably that it actually is the first entity. There is a corresponding need in the transmission of (confidential) data to ensure from whom the data actually originate.
A symmetrical encoding method is known from Christoph Ruland: Informationssicherheit in Datennetzen [Information security in data networks], DATACOM-Verlag, Bergheim 1993, ISBN 3-89238-081-3, (Ruland), pages 42–46. In the symmetric encoding method, the same key is used both for the encoding and for the decoding. An attacker who comes into possession of such a key can therefore transform a plain text (the information to be encoded) into encoded text, and vice versa. The symmetrical encoding method is also called a private key method or a secret-key method. A known algorithm for symmetrical encoding is the DES (data encryption standard) algorithm. It was standardized in 1974 under ANSI X3.92-1981.
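The following added example (not part of the patent text, and not the method the patent claims) illustrates the symmetric-key property described above with an HMAC-SHA256 message authentication tag from the Python standard library: the sender and the receiver hold the same key, the receiver can check that data originate from a key holder, and, as the paragraph states, anyone who obtains that key can produce a tag that the receiver accepts. The key, the messages and the function names are constructed for this illustration.

```python
import hashlib
import hmac


def make_tag(key: bytes, message: bytes) -> bytes:
    """Compute an HMAC-SHA256 tag over message under key.

    The same key is used for creating and for verifying the tag; this is what
    makes the scheme symmetric in the sense of the text above.
    """
    return hmac.new(key, message, hashlib.sha256).digest()


def verify_tag(key: bytes, message: bytes, tag: bytes) -> bool:
    """Recompute the tag and compare it in constant time."""
    expected = make_tag(key, message)
    return hmac.compare_digest(expected, tag)


# Constructed sample values for the illustration (not from the page).
SHARED_KEY = b"constructed-demo-key-do-not-reuse"
MESSAGE = b"transfer 100 to account 42"
ALTERED = b"transfer 900 to account 42"


def demo() -> dict:
    """Run the receiver-side check in four situations and return the outcomes."""
    tag = make_tag(SHARED_KEY, MESSAGE)
    results = {
        # Genuine message with its own tag: accepted.
        "genuine": verify_tag(SHARED_KEY, MESSAGE, tag),
        # Message altered in transit, tag unchanged: rejected.
        "tampered": verify_tag(SHARED_KEY, ALTERED, tag),
        # Receiver holding a different key: rejected.
        "wrong_key": verify_tag(b"some-other-key", MESSAGE, tag),
        # A party holding the shared key can tag any message of its choosing,
        # so the receiver cannot distinguish it from the legitimate sender.
        "forged_with_key": verify_tag(SHARED_KEY, ALTERED, make_tag(SHARED_KEY, ALTERED)),
    }
    return results


if __name__ == "__main__":
    for case, accepted in demo().items():
        print(f"{case}: {'accepted' if accepted else 'rejected'}")
```

The last case is the practical consequence of the symmetry: a tag proves possession of the key, not the identity of a particular sender, which is why the key must be confined to exactly the two parties that are meant to authenticate each other.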
An asymmetrical encoding method is known from Ruland, pages 73–85. In this case, a subscriber is not assigned a single key, but a key system composed of two keys: one key maps the plain text into a transformed text, while the other key permits the inverse operation and converts the transformed text back into plain text. Such a method is termed asymmetric because the two parties participating in a cryptographic operation use different keys (of one key system). One of the two keys, for example a key p, can be made publicly known if the following properties are fulfilled:
(i) It is not possible to derive from the key p, with a justifiable outlay, the secret key s required for the inverse operation.
(ii) Even if plain text is transformed with the (public) key p, it is not possible to derive the (secret) key s from it.
For this reason, the asymmetric encoding method is also termed a public key method with a key p which can be made known publicly.
It is possible in principle to derive the secret key s from the public key p. However, this is made arbitrarily complicated by the fact, in particular, that algorithms are selected which are based on problems in complexity theory. These algorithms are also spoken of as “one-way trapdoor” functions. A known representative of an asymmetric method is the Diffie-Hellman method, see A. Menezes, P. van Oorschot, S. Vanstone: Handbook of Applied Cryptography; CRC Press 1996, ISBN 0-8493-8523-7; chapter 12.6 (pp. 515–524) (Menezes). This method can be used, in particular, for key exchange (Diffie-Hellman key agreement, exponential key exchange).
The term encoding implies the general application of a cryptographic method V(x,k), in which a prescribed input value x (also termed plain text) is converted by means of a secret k (key) into an encoded text c:=V(x,k). The plain text x can be reconstructed from knowledge of c and k by means of an inverse decoding method. The term encoding is also understood to cover “one-way encoding”, with the property that there is no inverse, efficiently calculable decoding method. Examples of such a one-way encoding method are a cryptographic one-way function or a cryptographic hash function, for example the algorithm SHA-1, see NIST, FIPS PUB 180-1: Secure Hash Standard, April 1995, available on-line at http://csrc.nist.gov/fips/fip180-1.ps.
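As an added example serving the two paragraphs above (it is not code from the patent, and not the arrangement the patent claims), the following Python carries out a Diffie-Hellman key agreement between two entities A and B and then applies a one-way encoding, a SHA-256 hash, to the agreed value to derive a session key. The group (a safe prime p = 23 with q = 11 and a generator g = 4 of the order-q subgroup) is a constructed toy that is far too small for real use; the function names are assumptions for this illustration. Each side validates the public value it receives before using it, a check that real implementations perform as well.

```python
import hashlib
import secrets

# Constructed toy group: p is a safe prime (p = 2q + 1), g generates the
# subgroup of order q. Real deployments use standardized groups of at least
# 2048 bits; these values exist only to make the arithmetic readable.
P = 23
Q = 11
G = 4


def keygen(p: int = P, q: int = Q, g: int = G) -> tuple[int, int]:
    """Return (secret exponent s, public value p = g^s mod p) for one entity."""
    s = secrets.randbelow(q - 1) + 1          # s in [1, q-1]
    return s, pow(g, s, p)


def validate_public(y: int, p: int = P, q: int = Q) -> bool:
    """Accept a received public value only if it lies strictly between 1 and
    p-1 and belongs to the order-q subgroup (y^q = 1 mod p)."""
    return 1 < y < p - 1 and pow(y, q, p) == 1


def shared_key(own_secret: int, peer_public: int, p: int = P, q: int = Q) -> bytes:
    """Compute the common value peer_public^own_secret mod p and one-way
    encode it with SHA-256 so that the session key is a fixed-size byte string
    from which the group element cannot be efficiently recovered."""
    if not validate_public(peer_public, p, q):
        raise ValueError("peer public value rejected")
    z = pow(peer_public, own_secret, p)
    width = (p.bit_length() + 7) // 8
    return hashlib.sha256(z.to_bytes(width, "big")).digest()


def run_exchange(p: int = P, q: int = Q, g: int = G) -> tuple[bytes, bytes]:
    """Both sides of the exchange, message by message.

    A -> B : y_a = g^s_a mod p
    B -> A : y_b = g^s_b mod p
    Each side then derives the key from the value it received and its own secret.
    """
    s_a, y_a = keygen(p, q, g)
    s_b, y_b = keygen(p, q, g)
    key_at_a = shared_key(s_a, y_b, p, q)     # A uses B's public value
    key_at_b = shared_key(s_b, y_a, p, q)     # B uses A's public value
    return key_at_a, key_at_b


if __name__ == "__main__":
    k_a, k_b = run_exchange()
    print("keys agree:", k_a == k_b)
    print("session key:", k_a.hex())
```

Note that the exchange by itself gives each side a key shared with whoever sent the public value it received, not with a particular named entity: the public values are authentic only if something outside the exchange vouches for them, which is exactly the problem the next paragraph turns to.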
There is a problem in practice of ensuring that a public key which is used to verify an electronic signature really is the public key of the person who is assumed to be the originator of the transmitted data (ensuring the authenticity of the originator). The public key therefore need not be kept secret, but it must be authentic. There are known mechanisms (see Ruland at pages 101–117) which ensure with a high outlay that the authenticity is reliable. Such a mechanism is the setting up of a trust center, which enjoys trustworthiness and with the aid of which general authenticity is ensured. The setting up of such a trust center, and the exchange of the keys from this trust center are, however, very complicated. For example, it must be ensured during the key allocation that it really is the addressee and not a potential attacker who receives the key or the keys. The costs for setting up and operating the trust center are correspondingly high.