This system uses a shared key to create an encrypted authenticated connection which is resistant to weak-key, chosen plaintext and known-plaintext attacks. It's much safer than using the shared secret directly.

A shared key is a shared secret (for instance a long passphrase). This is hashed (e.g. SHA256) and used as a setup key.

Machine A choses a random number (the intermediate key) encrypts it using the setup key and sends it to machine B, which decrypts it using its own copy of the setup key. Only machines which begin with the shared key can obtain the intermediate key.

Machine B decrypts the intermediate key, generates another random number (the session key), encrypts the session key with the intermediate key and sends the result back to machine A. Only machine A (and other michines with the intermediate key) can decrypt this and obtain the session key.

If you want an additional confirmation of the connection, machine B can send an additional encrypted packet. This packet can have (say) the lowest quarter of its bits set to zero and the rest set to entropy before encryption by the session key. If you don't use plenty of entropy, this may be used as the target of a (partially) known plaintext attack.

As with any security system you should start the design process with two prime assumptions: that the attacker knows the system design fully, and understands how to break it at least as well as you do. Design a security system this way or expect to get cracked.

Finally, remember that while shared key systems are easy for non-technical people to administer, they are vulnerable to a physical access attack upon *any* of the machines which share the key. If the bad guys break just one of these, they break everything. Asymmetric systems like IPSec are more complex, but way more robust.

What do you think of this idea or comment?
(You can change your vote at any time)

I agree

No opinion

I disagree