| CPC H04L 9/3093 (2013.01) [H04L 9/0841 (2013.01); H04L 9/14 (2013.01)] | 28 Claims |
|
1. A second cryptographic device comprising:
a communication interface circuit, wherein the communication interface circuit is arranged to communicate with a first cryptographic device; and
a processor circuit,
wherein the processor circuit is arranged to obtain a first public key,
wherein the first public key is associated with the first cryptographic device,
wherein the processor circuit is arranged to generate a second private-key,
wherein the processor circuit is arranged to compute a second public-key from the second private-key,
wherein the processor circuit is arranged to compute a second raw shared key from the second private key and the first public key,
wherein computing the second raw shared key comprises a noisy multiplication between the second private key and the first public key,
wherein the processor circuit is arranged to encapsulate a key seed with at least part of the second raw shared key by applying an encapsulation function so as to obtain encapsulated data,
wherein the processor circuit is arranged to transfer the second public-key, and the encapsulated data to the first cryptographic device,
wherein the processor circuit is arranged to apply a validation procedure to the obtained public key to determine if the public key is secure for encapsulation of a key seed,
wherein the key seed is not encapsulated or the encapsulated data is not transferred if the validation procedure determines that the public key is insecure.
|