Method and apparatus for entity authentication and session key generation

Abstract

A system for authenticating a first entity to a second entity and for simultaneously generating a session key for encrypting communications between the entities. The first entity generates an authentication value by encrypting time-dependent information using a long-lived secret key shared by the entities and transmits the authentication value to the second entity. The first entity independently encrypts other time-dependent information using the long-lived key to generate a session key that cannot be derived from the authentication value without the long-lived key. Upon receiving the transmitted authentication value, the second entity checks the transmitted authentication value using the shared long-lived key to determine whether it is valid. If the authentication value is valid, the second entity authenticates the first entity and generates an identical session key from the same shared secret information and time-dependent information. The encrypted time-dependent information is passed through a key weakening function to generate a weakened key which is used as the session key. The key weakening function includes a one-way function to protect the input value from discovery by an attacker who may have ascertained the weakened session key.