To set up a secure communications channel only the requesting node (not the receiving node) communicates with a trusted third party

摘要

A method of establishing a secure communication channel between two nodes in a wireless communications network using a private public key system is disclosed. Each node has a unique certificate used to certificate communications from that node, and the certificates are stored on a trusted third party (TTP) device. The initiating node (A) sends a request for communication with a receiving node (B) to the TTP. The TTP responds with a message for A to forward to B. The message includes the certificate of A encrypted such that only B can decrypt the part of the message containing the certificate of A and preferably also includes the certificate of B encrypted such that only A can decrypt the message containing the certificate of B after B has decrypted the certificate of A. As there is no need for the receiving node (B) to communicate directly with the TTP, the number of messages required in order to establish secure communication is reduced. Preferably the method is used to establish a symmetric session key, KAB.