A protocol for establishing secure communication channels in a large network

Knowledge exchange and information access in a truly distributed network often require transmitting of data through open media. Consequently, data presented through such an environment are vulnerable to attacks. To minimize such vulnerability, data transformation or encryption/decryption techniques are often utilized among senders and receivers to achieve secure communication. Since data encryption/decryption requires sharing of a secret session key, finding an efficient way to distribute the session key in a large-scale, truly distributed network has been a nontrivial task. This paper presents a protocol for efficiently distributing session keys in such an environment to establish a secure channel. We assume the target network consists of many locally trusted centers, and each center has many users attached to it. The scheme incorporates the public-key distribution concept and the RSA encryption scheme as the basic mathematical tools, but eliminates the storage problem associated with huge public-key files. In addition, the proposed scheme has the added feature of providing the authenticate session key to the two parties in a secure communication