Abstract: An authentication method for trusted communication between a first party (A) and a second party (B) is intended to be efficient and secure. For this purpose, provision is made to combine password-based authentication and certificate-based authentication. For certificate-based authentication, the first party (A) has a static key pair consisting of a private static key and a public static key and a certificate for the public static key issued by a certification body (C). The certification body (C) is assigned a public key which is known by the second party (B). During the certificate-based authentication, the party A calculates a transformation between its own ephemeral key pair from the password-based authentication and its own static key pair from the certificate-based authentication so as to obtain a transformation parameter for carrying out the transformation.

Abstract: An authentication method for trusted communication between a first party (A) and a second party (B) is intended to be efficient and secure. For this purpose, provision is made to combine password-based authentication and certificate-based authentication. For certificate-based authentication, the first party (A) has a static key pair consisting of a private static key and a public static key and a certificate for the public static key issued by a certification body (C). The certification body (C) is assigned a public key which is known by the second party (B). During the certificate-based authentication, the party A calculates a transformation between its own ephemeral key pair from the password-based authentication and its own static key pair from the certificate-based authentication so as to obtain a transformation parameter for carrying out the transformation.