Key-exchange authentication using shared secrets

Transport Layer Security standard provides connection security with peer entity authentication, data confidentiality and integrity, key generation and distribution, and security parameters negotiation. Its native integration in browsers and Web servers makes TLS the most frequently deployed security protocol. The TLS specifications use public-key certificates for mutual authentication and key establishment. We extend the TLS protocol with a new authentication scheme based on an out-of-band shared secret. Our extension, the TLS key-exchange method (KEM), ensures an end-to-end authenticated session-key exchange and allows identity protection, perfect forward secrecy (PFS), and anonymity. Furthermore, it reduces message flow and thus bandwidth on both wired and wireless networks.