The Exponential Security System TESS: An Identity-Based Cryptographic Protocol for Authenticated Key-Exchange (E.I.S.S.-Report 1995/4)
RFC 1824

Document Type RFC - Informational (August 1995; No errata)
Last updated 2013-03-02
Stream Legacy
Formats plain text pdf html bibtex
Stream Legacy state (None)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state RFC 1824 (Informational)
Telechat date
Responsible AD (None)
Send notices to (None)
Network Working Group                                         H. Danisch
Request for Comments: 1824                                 E.I.S.S./IAKS
Category: Informational                                      August 1995

                 The Exponential Security System TESS:
                An Identity-Based Cryptographic Protocol
                     for Authenticated Key-Exchange
                        (E.I.S.S.-Report 1995/4)

Status of this Memo

   This memo provides information for the Internet community.  This memo
   does not specify an Internet standard of any kind.  Distribution of
   this memo is unlimited.

Abstract

   This informational RFC describes the basic mechanisms  and  functions
   of  an identity based system for the secure authenticated exchange of
   cryptographic keys, the generation of signatures, and  the  authentic
   distribution of public keys.

Table of Contents

   1.  Introduction and preliminary remarks . . . . . . . . . . . . .  2
       1.1.  Definition of terms/Terminology  . . . . . . . . . . . .  2
       1.2.  Required mechanisms  . . . . . . . . . . . . . . . . . .  4
   2.  Setup  . . . . . . . . . . . . . . . . . . . . . . . . . . . .  5
       2.1.  SKIA Setup . . . . . . . . . . . . . . . . . . . . . . .  5
       2.2.  User Setup . . . . . . . . . . . . . . . . . . . . . . .  5
   3.  Authentication . . . . . . . . . . . . . . . . . . . . . . . .  7
       3.1.  Zero Knowledge Authentication  . . . . . . . . . . . . .  7
       3.2.  Unilateral Authentication  . . . . . . . . . . . . . . .  8
       3.3.  Mutual Authentication  . . . . . . . . . . . . . . . . .  9
       3.4.  Message Signing  . . . . . . . . . . . . . . . . . . . . 10
   4.  Enhancements . . . . . . . . . . . . . . . . . . . . . . . . . 10
       4.1.  Non-Escrowed Key Generation  . . . . . . . . . . . . . . 11
       4.2.  Hardware Protected Key . . . . . . . . . . . . . . . . . 11
       4.3.  Key Regeneration . . . . . . . . . . . . . . . . . . . . 12
       4.4.  r ^ r  . . . . . . . . . . . . . . . . . . . . . . . . . 13
       4.5.  Implicit Key Exchange  . . . . . . . . . . . . . . . . . 13
       4.6.  Law Enforcement  . . . . . . . . . . . . . . . . . . . . 13
       4.7.  Usage of other Algebraic Groups  . . . . . . . . . . . . 14
             4.7.1  DSA subgroup SKIA Setup . . . . . . . . . . . . . 14
             4.7.2  Escrowed DSA subgroup User Setup  . . . . . . . . 14
             4.7.3  Non-Escrowed DSA subgroup User Setup  . . . . . . 15
             4.7.4  DSA subgroup Authentication . . . . . . . . . . . 15

Danisch                      Informational                      [Page 1]
RFC 1824                          TESS                       August 1995

   5.  Multiple SKIAs . . . . . . . . . . . . . . . . . . . . . . . . 15
       5.1.  Unstructured SKIAs . . . . . . . . . . . . . . . . . . . 15
       5.2.  Hierarchical SKIAs . . . . . . . . . . . . . . . . . . . 16
       5.3.  Example: A DNS-based public key structure  . . . . . . . 18
   Security Considerations  . . . . . . . . . . . . . . . . . . . . . 19
   References . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20
   Author's Address . . . . . . . . . . . . . . . . . . . . . . . . . 21

1.  Introduction and preliminary remarks

   This RFC describes The Exponential Security System TESS [1].  TESS is
   a toolbox set system of different but cooperating cryptographic
   mechanisms and functions based on the primitive of discrete
   exponentiation. TESS is based on asymmetric cryptographical protocols
   and a structure of self-certified public keys.

   The most important mechanisms TESS is based on are the ElGamal
   signature [2, 3] and the KATHY protocols (KeY exchange with embedded
   AuTHentication), which were simultaneously discovered by Guenther [4]
   and Bauspiess and Knobloch [5, 6, 7].

   This RFC explains how to create and use the secret and public keys of
   TESS and shows a method for the secure distribution of the public
   keys.

   It is expected that the reader is familiar with the basics of
   cryptography, the Discrete Logarithm Problem, and the ElGamal
   signature mechanism.

   Due to the ASCII representation of this RFC the following style is
   choosen for mathematical purposes:

   -  a  ^  b  means the exponentiation of a to the power of b, which is
      always used within a modulo context.

   -  a[b] means a with an index or subscription of b.

   -  a = b means equality or congruency within a modulo context.

1.1.  Definition of terms/Terminology

   Key pair

      A key pair is a set of a public and a secret key which belong
      together.  There are two distinct kinds of key pairs, the SKIA key
      pair and the User key pair. (As will be shown in the section about
      hierarchical SKIAs, the two kinds of keys are not really distinct.
      They are the same thing seen from a different point of view.)

Danisch                      Informational                      [Page 2]
Show full document text