Abstract: A method, computer system, and program product provides for authentication of user messages using PKI technology in environments where limited capacity prevents direct PKI technology use, and strong security is provided using magnetic swipe cards or the like, and a pass phrase is used for enhanced security and to avoid the need for special purpose devices. The invention is advantageous where there are limitations on the space available for PKI credentials, such as in the userid and password fields of a remote access protocol. PKI techniques are used without transferring lengthy keys or certificates once an initial registration process is complete. A secret key is used. A digest is computed of the secret key, the user's certificate serial number, and a time stamp. The digest, together with the user's certificate serial number and the time stamp, forms a compact message that may be transmitted. Private keys and secret keys are not sent during authentication. Replay attacks are prevented.