RFC 1824 (rfc1824) - Page 1 of 21
The Exponential Security System TESS: An Identity-Based Cryptographic Protocol for Authenticated Key-Exchange (E
Alternative Format: Original Text Document
Network Working Group H. Danisch
Request for Comments: 1824 E.I.S.S./IAKS
Category: Informational August 1995
The Exponential Security System TESS:
An Identity-Based Cryptographic Protocol
for Authenticated Key-Exchange
(E.I.S.S.-Report 1995/4)
Status of this Memo
This memo provides information for the Internet community. This memo
does not specify an Internet standard of any kind. Distribution of
this memo is unlimited.
Abstract
This informational RFC describes the basic mechanisms and functions
of an identity based system for the secure authenticated exchange of
cryptographic keys, the generation of signatures, and the authentic
distribution of public keys.
Table of Contents
1. Introduction and preliminary remarks . . . . . . . . . . . . . 2
1.1. Definition of terms/Terminology . . . . . . . . . . . . 2
1.2. Required mechanisms . . . . . . . . . . . . . . . . . . 4
2. Setup . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
2.1. SKIA Setup . . . . . . . . . . . . . . . . . . . . . . . 5
2.2. User Setup . . . . . . . . . . . . . . . . . . . . . . . 5
3. Authentication . . . . . . . . . . . . . . . . . . . . . . . . 7
3.1. Zero Knowledge Authentication . . . . . . . . . . . . . 7
3.2. Unilateral Authentication . . . . . . . . . . . . . . . 8
3.3. Mutual Authentication . . . . . . . . . . . . . . . . . 9
3.4. Message Signing . . . . . . . . . . . . . . . . . . . . 10
4. Enhancements . . . . . . . . . . . . . . . . . . . . . . . . . 10
4.1. Non-Escrowed Key Generation . . . . . . . . . . . . . . 11
4.2. Hardware Protected Key . . . . . . . . . . . . . . . . . 11
4.3. Key Regeneration . . . . . . . . . . . . . . . . . . . . 12
4.4. r ^ r . . . . . . . . . . . . . . . . . . . . . . . . . 13
4.5. Implicit Key Exchange . . . . . . . . . . . . . . . . . 13
4.6. Law Enforcement . . . . . . . . . . . . . . . . . . . . 13
4.7. Usage of other Algebraic Groups . . . . . . . . . . . . 14
4.7.1 DSA subgroup SKIA Setup . . . . . . . . . . . . . 14
4.7.2 Escrowed DSA subgroup User Setup . . . . . . . . 14
4.7.3 Non-Escrowed DSA subgroup User Setup . . . . . . 15
4.7.4 DSA subgroup Authentication . . . . . . . . . . . 15
Danisch Informational