Secure mutual network authentication protocol

Abstract

A password-only mutual network authentication protocol and key exchange protocol using a public key encryption scheme in which a server generates a public key/secret key pair and transmits the public key to a client. The client determines whether the public key was chosen in an acceptable manner, and if so, continues with the protocol. Otherwise, the client rejects authentication. If the protocol is continued, in one embodiment the client generates a parameterp as a function of the public key and a password (or, in an alternate embodiment, as a function of the public key and a function of a password). If the public key space mapping function F applied to p, F (p), is an element of the public key message space, then the protocol continues. If F (p) is not an element of the public key message space, then the client determines to reject authentication, but continues with the protocol so that the server does not gain any information about the password. If the client determines to reject authentication, it will terminate the protocol at a later step at which time the termination of the protocol cannot leak any sensitive information. If both the client and the server accept authentication, then session keys are generated for subsequent secure communication between the client and server. Specific embodiments are disclosed in which RSA is used as the public key encryption scheme.