The present invention relates to a method for establishing a secret key between two nodes in a communication network, in particular in a wireless local area network (WLAN).
In order to establish a secret key between two nodes in a communication network key exchange protocols are commonly used. Known key exchange protocols are, for example, the Diffie-Hellman algorithm, in particular Diffie-Hellman on elliptic curves, or RSA based methods. The security of the known methods is based on the application of so-called one-way functions. In this sense, the Diffie-Hellman algorithm uses the fact the raising to a power operation is a very simple computation operation, but that in contrast the computation of the discrete logarithm of a number is only possible with extremely high effort.
After having performed the known methods, the parties A and B involved in the algorithm dispose of a secret key K which only they will know. But in case of the known methods the key exchange itself is not kept secret which can turn out to be disadvantageous in certain environments. The initiating party, for example, when performing the Diffie-Hellman key exchange first has to transmit two values over the insecure medium. In the common notation this is a prime number p, as well as a generator g, on the base of which the shared key KDH can then be computed according to KDH=(ga mod p)b mod p=(gb mod p)a mod p. The variables a and b denominate random numbers chosen by the parties. Only due to the fact of transmitting a message with the values g, p, as well as generally also A=ga mod p over an insecure medium, an attacker intercepting this message can already draw certain conclusions, for example, in the simplest case, the fact that a key agreement is occurring and who is the initiating party.