I am looking for a protocol that will provide mutual authentication and key exchange with a minor twist: the client and server have RSA key pairs, but they cannot use them in the same way. In particular, the server has full use of its keys, but the only use the clients can make of their private keys is for signing. I would rather not roll my own protocol, given the amount of rope available for self-hanging. And seeing as how there are some pretty obscure protocols out there, chances are someone has already published one that would cover this case.
All clients have the public key of the server, and the server has all of the public keys of the clients. The client can only use its private key for signing. In particular, the client cannot decrypt data that has been encrypted with that client's public key. Is there a protocol out there already that provides AKE, or are the clients too underpowered, or...?

Thanks and regards,
Brian

_______________________________________________
cryptography mailing list
[email protected]
http://lists.randombit.net/mailman/listinfo/cryptography
