查看文章

Authenticated key exchange protocols play an important role in securing communications and are extensively deployed for use in various real-world network applications. Diffie-Hellman key exchange protocol has been widely used for establishing a secret key in two-party communications without using any third-party key management entity. But, Diffie-Hellman key exchange protocol does not authenticate the users in the communication and is vulnerable to man-in-the-middle attack when the environment is wireless. In this paper, a variant of Diffie-Hellman key exchange protocol based on string comparison has been presented that addresses the security vulnerabilities identified in the trivial Diffie-Hellman Protocol. It uses a combination of commitment scheme and authentication strings to withstand man-in-the-middle attack and can be used in both wired as well as wireless networks.