Security issues are important in communication systems. It is currently known to use authentication and encryption algorithms to improve security of communication systems. These mechanisms generally imply that the user uses a computer device storing corresponding algorithms and keys.
It would be desirable for a user to have a secured communication session even when the user does not hold a computer device storing all the necessary security algorithms and keys. It may be the case for instance when the user is traveling and can only use unknown and untrusted computer devices, such as personal computers (PCs), for instance in a cyber cafe.
The problem of establishing a secured communication is especially challenging when, for instance a user has to use a public, untrusted PC to access a remote server and download some confidential information from that remote server. In this case not only the user has to be reliably authenticated but also the information downloaded from the server should be reliably encrypted.
The user may hold a storage device with limited memory such as a universal serial bus (USB) key or a chip card, capable of storing some sensitive information relating to security. But in other cases the user may have no personal device at all.
The invention proposes a way of allowing a secured communication session in such situations.