The invention relates to a code exchange protocol using the Diffie-Hellman protocol with an end-to-end authentication.
Encryption methods and coding devices serve to protect the confidentiality of information which is to be transmitted. In this case, use is made of cryptoalgorithms in which an encoded text, also termed cryptotext, which is not to be capable of interpretation by third parties is generated at the transmitting end from useful information, the plain text, which is to be protected, by using a code which is to be kept secret. The code which is to be kept secret is denoted as session code. In the case of a symmetrical encryption method, the same session code is required at the receiving end in order to recover the plain text from the encoded text.
In the case of a confidential communication, both communication partners must have the same session code, which is not permitted to be accessible to an unauthorized person. In order to ensure this, the session code is generally exchanged at or before the start of the communication by hyperencryption made of a code of a higher hierarchy, or by a special code agreement protocol.
In the case of the use of hyperencryption codes, be they symmetrical methods or modern asymmetrical methods such as, for example, the RSA method, the secret code must be stored permanently in the encryption device. If the device falls into the hands of an attacker, the latter can read out the secret code and thereby subsequently decrypt previously recorded information, that is to say encoded texts. In order to prevent this, substantial technical outlay is frequently undertaken, in order to make it difficult or impossible for codes to be read out from an encryption device (tamper-proof devices).
In the case of code exchange protocols according to the Diffie-Hellman type of method (W. Diffie, M. E. Hellman, New Directions in Cryptography, IEEE Transactions on Information Theory 6, 1976, pages 644 and 654), by contrast, no such code storage is required. In the case of this method, use is made of so-called one-way functions to agree a symmetrical communication code between the subscribers.
A one-way function is understood to be invertible function F of a set X in a set Y, so that y=F(x) is “easy” to calculate for all x from X, while the inverse F−1(y) is “difficult” to calculate. If the decryption mapping belonging to an encryption mapping is not known, the encryption function of any cryptosystem should appear as a one-way function. The code exchange method of Diffie and Hellman is based on a special class of one-way functions which have a particular commutative property.
General advice on cryptography is to be found in the book by W. Fumie and H. W. Ries, Kryptographie, Entwurf und Analyse symmetrischer Kryptosysteme [Cryptography, design and analysis of symmetrical cryptosystems], published by R. Oldenburg Verlag Munich, Vienna, 1998, ISBN 3-486-20868-3.
By contrast with the hyperencryption principle, in the case of a code exchange method in accordance with Diffie-Hellman, there is no safeguarded cryptographic information on the communication partner with whom the connection is established. Consequently, so-called man-in-the-middle attacks are possible, in which the attacker pretends to each of the communication partners to be the respective other one, and can thus also read the information.