Summary
Most of the key agreement protocols (e.g., Menezes–Qu–Vanstone [MQV] family) generate one common key per session. This leaves the session key vulnerable against various attacks. This article proposed an enhanced multiple session key (EMSK) protocol which is based on the elliptic curve Diffie–Hellman (ECDH), HMQV, and the YAK protocols. The EMSK generates multiple session keys per session. Unlike the MQV protocol, the EMSK needs only two messages to be exchanged in order to create nine session keys. However, the MQV requires 18 messages to be exchanged in order to produce these nine session keys. In EMSK, one of the session keys is used to encrypt the plaintext using the one‐time pad cipher. The encrypted message is then embedded in an RGB‐image in order to provide confidentiality service of communication. The EMSK is evaluated theoretically against various types of attacks and practically using the Scyther simulator. The results from the simulator showed that the EMSK protocol withstand various types of attacks on the MQV, HMQV, and the YAK protocols, and provided perfect forward secrecy. In addition, the EMSK provides a digital signature feature which validates the authenticity and integrity of a digital message using the zero knowledge prove.