DK3210335T3 - Effektiv opstart til sikre forbindelser og tilknyttede tjenester - Google Patents

Effektiv opstart til sikre forbindelser og tilknyttede tjenester Download PDF

Info

Publication number
DK3210335T3
DK3210335T3 DK15790414.5T DK15790414T DK3210335T3 DK 3210335 T3 DK3210335 T3 DK 3210335T3 DK 15790414 T DK15790414 T DK 15790414T DK 3210335 T3 DK3210335 T3 DK 3210335T3
Authority
DK
Denmark
Prior art keywords
related services
secure connections
efficient start
efficient
connections
Prior art date
Application number
DK15790414.5T
Other languages
English (en)
Inventor
James Mitch Zollinger
Wesley Miaw
Original Assignee
Netflix Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Netflix Inc filed Critical Netflix Inc
Application granted granted Critical
Publication of DK3210335T3 publication Critical patent/DK3210335T3/da

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0838Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
    • H04L9/0841Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these involving Diffie-Hellman or related key agreement protocols
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/061Network architectures or network communication protocols for network security for supporting key management in a packet data network for key exchange, e.g. in peer-to-peer networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823Network architectures or network communication protocols for network security for authentication of entities using certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/104Peer-to-peer [P2P] networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/321Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
    • H04L9/3213Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority using tickets or tokens, e.g. Kerberos
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3228One-time or temporary data, i.e. information which is sent for every authentication or authorization, e.g. one-time-password, one-time-token or one-time-key
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • H04L9/3242Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving keyed hash functions, e.g. message authentication codes [MACs], CBC-MAC or HMAC
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • H04W12/069Authentication using certificates or pre-shared keys
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security
    • H04W12/082Access security using revocation of authorisation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H04L63/0846Network architectures or network communication protocols for network security for authentication of entities using passwords using time-dependent-passwords, e.g. periodically changing passwords
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y04INFORMATION OR COMMUNICATION TECHNOLOGIES HAVING AN IMPACT ON OTHER TECHNOLOGY AREAS
    • Y04SSYSTEMS INTEGRATING TECHNOLOGIES RELATED TO POWER NETWORK OPERATION, COMMUNICATION OR INFORMATION TECHNOLOGIES FOR IMPROVING THE ELECTRICAL POWER GENERATION, TRANSMISSION, DISTRIBUTION, MANAGEMENT OR USAGE, i.e. SMART GRIDS
    • Y04S40/00Systems for electrical power generation, transmission, distribution or end-user application management characterised by the use of communication or information technologies, or communication or information technology specific aspects supporting them
    • Y04S40/20Information technology specific aspects, e.g. CAD, simulation, modelling, system security

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Power Engineering (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Computer And Data Communications (AREA)
DK15790414.5T 2014-10-24 2015-10-23 Effektiv opstart til sikre forbindelser og tilknyttede tjenester DK3210335T3 (da)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US201462068504P 2014-10-24 2014-10-24
US14/920,641 US10050955B2 (en) 2014-10-24 2015-10-22 Efficient start-up for secured connections and related services
PCT/US2015/057213 WO2016065318A1 (en) 2014-10-24 2015-10-23 Efficient start-up for secured connections and related services

Publications (1)

Publication Number Publication Date
DK3210335T3 true DK3210335T3 (da) 2020-08-24

Family

ID=54427886

Family Applications (1)

Application Number Title Priority Date Filing Date
DK15790414.5T DK3210335T3 (da) 2014-10-24 2015-10-23 Effektiv opstart til sikre forbindelser og tilknyttede tjenester

Country Status (7)

Country Link
US (1) US10050955B2 (da)
EP (1) EP3210335B1 (da)
KR (1) KR102015201B1 (da)
CN (1) CN107005413B (da)
AU (2) AU2015335689B2 (da)
DK (1) DK3210335T3 (da)
WO (1) WO2016065318A1 (da)

Families Citing this family (26)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10193698B1 (en) 2015-06-26 2019-01-29 Juniper Networks, Inc. Avoiding interdicted certificate cache poisoning for secure sockets layer forward proxy
US9893883B1 (en) * 2015-06-26 2018-02-13 Juniper Networks, Inc. Decryption of secure sockets layer sessions having enabled perfect forward secrecy using a diffie-hellman key exchange
US10291651B1 (en) 2015-06-26 2019-05-14 Juniper Networks, Inc. Unified secure socket layer decryption
US10778439B2 (en) * 2015-07-14 2020-09-15 Fmr Llc Seed splitting and firmware extension for secure cryptocurrency key backup, restore, and transaction signing platform apparatuses, methods and systems
US10504179B1 (en) 2015-12-08 2019-12-10 Fmr Llc Social aggregated fractional equity transaction partitioned acquisition apparatuses, methods and systems
US10644885B2 (en) * 2015-07-14 2020-05-05 Fmr Llc Firmware extension for secure cryptocurrency key backup, restore, and transaction signing platform apparatuses, methods and systems
US10992469B2 (en) * 2015-07-14 2021-04-27 Fmr Llc Seed splitting and firmware extension for secure cryptocurrency key backup, restore, and transaction signing platform apparatuses, methods and systems
US10461940B2 (en) * 2017-03-10 2019-10-29 Fmr Llc Secure firmware transaction signing platform apparatuses, methods and systems
US10129228B1 (en) * 2016-03-30 2018-11-13 Amazon Technologies, Inc. Authenticated communication between devices
US20190268145A1 (en) * 2016-06-28 2019-08-29 Verimatrix Gmbh Systems and Methods for Authenticating Communications Using a Single Message Exchange and Symmetric Key
EP3299988B1 (en) * 2016-09-22 2021-03-10 MARICI Holdings The Netherlands B.V. Secure communication method and system
US10615970B1 (en) * 2017-02-10 2020-04-07 Wells Fargo Bank, N.A. Secure key exchange electronic transactions
US10615969B1 (en) 2017-02-10 2020-04-07 Wells Fargo Bank, N.A. Database encryption key management
US10868673B2 (en) 2017-09-25 2020-12-15 Sap Se Network access control based on distributed ledger
CN108092996B (zh) * 2018-01-29 2020-02-28 平安科技(深圳)有限公司 一种鉴权通道选取方法及终端设备
CN112075051A (zh) * 2018-03-02 2020-12-11 日东电工株式会社 用于保护计算机之间的数据通信的系统和方法
US10819689B2 (en) * 2018-05-03 2020-10-27 Honeywell International Inc. Systems and methods for encrypted vehicle data service exchanges
WO2019223851A1 (en) * 2018-05-21 2019-11-28 ComAp a.s. Method and system for creating a secure communication channel
KR102115828B1 (ko) * 2018-06-08 2020-05-27 금오공과대학교 산학협력단 블록체인을 기반으로 한 시험지 유출 방지 방법
US11138132B2 (en) * 2018-06-20 2021-10-05 Intel Corporation Technologies for secure I/O with accelerator devices
US11336430B2 (en) * 2018-09-07 2022-05-17 Sap Se Blockchain-incorporating distributed authentication system
CN109167802B (zh) * 2018-11-08 2021-07-13 金蝶软件(中国)有限公司 防止会话劫持的方法、服务器以及终端
EP3881517A4 (en) 2018-11-15 2022-01-12 Visa International Service Association RISK-SENSITIVE COLLABORATIVE AUTHENTICATION
US11206131B1 (en) * 2019-05-17 2021-12-21 Wells Fargo Bank, N.A. Post quantum unique key per token system
IL276868A (en) * 2020-08-23 2022-03-01 Google Llc Processing requests to control information stored on multiple servers
CN113542150B (zh) * 2021-07-14 2023-06-02 杭州海康威视数字技术股份有限公司 一种数据传输方法、装置及中心端网桥

Family Cites Families (31)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7290288B2 (en) * 1997-06-11 2007-10-30 Prism Technologies, L.L.C. Method and system for controlling access, by an authentication server, to protected computer resources provided via an internet protocol network
US6510236B1 (en) 1998-12-11 2003-01-21 International Business Machines Corporation Authentication framework for managing authentication requests from multiple authentication devices
US7523490B2 (en) 2002-05-15 2009-04-21 Microsoft Corporation Session key security protocol
US20040054898A1 (en) 2002-08-28 2004-03-18 International Business Machines Corporation Authenticating and communicating verifiable authorization between disparate network domains
US7706540B2 (en) * 2002-12-16 2010-04-27 Entriq, Inc. Content distribution using set of session keys
KR100523357B1 (ko) 2003-07-09 2005-10-25 한국전자통신연구원 이더넷 기반 수동형 광네트워크의 보안서비스 제공을 위한키관리 장치 및 방법
EP2184934B1 (en) * 2003-12-29 2012-12-05 Telefonaktiebolaget L M Ericsson (PUBL) Method and apparatuses for single sign-on access to a service network through an access network
US8621201B2 (en) 2005-06-29 2013-12-31 Telecom Italia S.P.A. Short authentication procedure in wireless data communications networks
WO2007038896A2 (en) * 2005-10-05 2007-04-12 Privasphere Ag Method and devices for user authentication
CN101278538A (zh) * 2005-10-05 2008-10-01 普里瓦斯菲尔公司 用于用户认证的方法和设备
US20070130463A1 (en) * 2005-12-06 2007-06-07 Eric Chun Wah Law Single one-time password token with single PIN for access to multiple providers
US20080034216A1 (en) 2006-08-03 2008-02-07 Eric Chun Wah Law Mutual authentication and secure channel establishment between two parties using consecutive one-time passwords
CN101064695A (zh) * 2007-05-16 2007-10-31 杭州看吧科技有限公司 一种P2P(Peer to Peer)安全连接的方法
FR2916592B1 (fr) 2007-05-25 2017-04-14 Groupe Des Ecoles De Telecommunications(Get)-Ecole Nat Superieure Des Telecommunications(Enst) Procede de securisation d'echange d'information,dispositif, et produit programme d'ordinateur correspondant
CN101674304B (zh) * 2009-10-15 2013-07-10 浙江师范大学 一种网络身份认证系统及方法
US8607317B2 (en) * 2009-10-28 2013-12-10 Blackberry Limited Automatic user authentication and identification for mobile instant messaging application
EP2334008A1 (en) * 2009-12-10 2011-06-15 Tata Consultancy Services Limited A system and method for designing secure client-server communication protocols based on certificateless public key infrastructure
US8868923B1 (en) * 2010-07-28 2014-10-21 Sandia Corporation Multi-factor authentication
US8627422B2 (en) 2010-11-06 2014-01-07 Qualcomm Incorporated Authentication in secure user plane location (SUPL) systems
US8713589B2 (en) * 2010-12-23 2014-04-29 Microsoft Corporation Registration and network access control
US9094212B2 (en) * 2011-10-04 2015-07-28 Microsoft Technology Licensing, Llc Multi-server authentication token data exchange
US8924712B2 (en) * 2011-11-14 2014-12-30 Ca, Inc. Using QR codes for authenticating users to ATMs and other secure machines for cardless transactions
WO2013122875A1 (en) * 2012-02-13 2013-08-22 Eugene Shablygin Secure digital storage
US9537899B2 (en) 2012-02-29 2017-01-03 Microsoft Technology Licensing, Llc Dynamic selection of security protocol
US8819445B2 (en) * 2012-04-09 2014-08-26 Mcafee, Inc. Wireless token authentication
US20140019753A1 (en) * 2012-07-10 2014-01-16 John Houston Lowry Cloud key management
WO2014198745A1 (en) * 2013-06-12 2014-12-18 Telecom Italia S.P.A. Mobile device authentication in heterogeneous communication networks scenario
CN103491084B (zh) * 2013-09-17 2016-06-15 天脉聚源(北京)传媒科技有限公司 一种客户端的认证处理方法及装置
US11349675B2 (en) * 2013-10-18 2022-05-31 Alcatel-Lucent Usa Inc. Tamper-resistant and scalable mutual authentication for machine-to-machine devices
EP3120493B1 (en) * 2014-03-16 2018-11-07 Haventec PTY LTD Persistent authentication system incorporating one time pass codes
US11120436B2 (en) * 2015-07-17 2021-09-14 Mastercard International Incorporated Authentication system and method for server-based payments

Also Published As

Publication number Publication date
KR20170076742A (ko) 2017-07-04
KR102015201B1 (ko) 2019-10-21
AU2015335689A1 (en) 2017-05-11
AU2015335689B2 (en) 2018-04-05
US10050955B2 (en) 2018-08-14
EP3210335B1 (en) 2020-06-24
WO2016065318A1 (en) 2016-04-28
EP3210335A1 (en) 2017-08-30
CN107005413A (zh) 2017-08-01
CN107005413B (zh) 2021-03-12
US20160119318A1 (en) 2016-04-28
AU2018204851A1 (en) 2018-07-19

Similar Documents

Publication Publication Date Title
DK3210335T3 (da) Effektiv opstart til sikre forbindelser og tilknyttede tjenester
DK3201351T3 (da) Kaloriefrie sødestoffer og fremgangsmåder til syntetisering
BR112017008005A2 (pt) aparelho para fornecer serviços de comunicação e métodos do mesmo
DK3265947T3 (da) Fremgangsmåde og system til kryptering
DK3229838T3 (da) Anti-C10orf54-antistoffer og anvendelser deraf
DK3380522T3 (da) Antistofmolekyler til april og anvendelser deraf
DK3126388T3 (da) Anti-EGFRvIII-antistoffer og anvendelser deraf
DK3212189T3 (da) Substituerede chromaner og fremgangsmåde til anvendelse deraf
DK3215147T3 (da) Neurodæmpende norketamin-forbindelser og fremgangsmåder
DK3143134T3 (da) Modificerede, naturlige dræberceller og anvendelser deraf
DK3125927T3 (da) Fremgangsmåder og sammensætninger til immunmodulering
DK3218358T3 (da) Ifluorometyl-aminopyridiner og difluorometyl-aminopyrimidiner
DK3187028T3 (da) System til at fusionere og komprimere kompakte tori
DK3221808T3 (da) Sikker forbindelse mellem internetserver og høreapparat
DK3473263T3 (da) Kombinerede præparater til behandling af kræft
DK2955757T3 (da) Nitrid-effektkomponent og fremgangsmåde til fremstilling deraf
DK3094817T3 (da) System og fremgangsmåde til fremstilling af olie
DK3209773T3 (da) Prolintolerante tripeptidylpeptidaser og anvendelser deraf
DK3161139T3 (da) Tlr-4-specifikke aptamerer og anvendelser heraf
DK3159296T3 (da) Reb til elevator og fremstillingsfremgangsmåde dertil
DK3231016T3 (da) Fotovoltaikmodul og fotovoltaiksystem
DK3099988T3 (da) Dampkompressionssystem og fremgangsmåder til drift deraf
DE112016004496T8 (de) Pumpvorrichtungen
DK3225627T5 (da) Tripeptidforbindelse, fremgangsmåde til fremstilling deraf og anvendelse deraf
DK3365321T3 (da) Solabegron-zwitterion og anvendelser deraf