4.1.2 Key Exchange

Another objective of the negotiation phase is key exchange between peer entities. This exchange should be done in a secure manner. In this key exchange, ``a public key certificate,'' discussed later, is introduced in order to protect this key exchange against eavesdroppings. After the key exchange, peer entities share session keys for datagram integrity and confidentiality.

Before a procedure of the key exchange is carried out, peer entities of communication have a public key certificate that is signed by a reliable certificate authority(CA).

We explain symbols and notations used throughout the rest of this paper. They are summarized in Table 2.

 
Table 2:  Symbols used in key distribution

Figure 3:   Key Issue and Exchange Procedures

Public Key Certificate Issue \ The procedure to issue a public key certificated by CA to a host is shown in Figure 3(a).

CA makes PKca available to the public and maintains its own secret key SKca. The procedure for issuing a public key certificated is put into practice as follows.

1. A host J sends a public key PKj and its network address IPj to CA.

2. The CA adds VP which indicates a term of validation to (PKj, IPj), and encrypts it with CA's secret key. Resulting certificate (PKj, IPj, VP)^{SKca} is sent to the host J.

Procedure of Key Exchange \ The procedure of shared session keys exchange is illustrated in Figure 3(b).

The procedure is carried out as follows.

1. Host B sends (IPb, PKb, VP)^{SKca} to Host A.
2. Host A decrypts (IPb, PKb, VP)^{SKca*PKca} = (IPb, PKb, VP) and verifies the public key for the IPb is PKb.

3. Host A encrypts shared keys WKc, WKi with its own secret key SKa and ,PKb and sends resulting (WKc, WKi)^{SKa*PKb} together with the A's public key certificate (IPa, PKa, VP)^{SKca} to Host B.
4. Host B decrypts (IPa, PKa, VP)^{SKca*PKca} = (IPa, PKa, VP) and verifies the public key for the IPa is PKa. Then, Host B decrypts (WKc, WKi)^{SKa*PKb} to obtain the conventional shared keys.