RU2542911C2 - Установление однорангового сеанса с малым временем ожидания - Google Patents
Установление однорангового сеанса с малым временем ожидания Download PDFInfo
- Publication number
- RU2542911C2 RU2542911C2 RU2012116131/08A RU2012116131A RU2542911C2 RU 2542911 C2 RU2542911 C2 RU 2542911C2 RU 2012116131/08 A RU2012116131/08 A RU 2012116131/08A RU 2012116131 A RU2012116131 A RU 2012116131A RU 2542911 C2 RU2542911 C2 RU 2542911C2
- Authority
- RU
- Russia
- Prior art keywords
- destination
- session
- source
- key
- communication session
- Prior art date
Links
- 238000004891 communication Methods 0.000 claims abstract description 190
- 238000000034 method Methods 0.000 claims abstract description 54
- 230000000977 initiatory effect Effects 0.000 claims abstract description 23
- 238000003860 storage Methods 0.000 claims description 19
- 238000012546 transfer Methods 0.000 claims description 5
- 238000012795 verification Methods 0.000 claims description 4
- 230000000694 effects Effects 0.000 abstract 1
- 239000000126 substance Substances 0.000 abstract 1
- 238000005516 engineering process Methods 0.000 description 57
- 238000012790 confirmation Methods 0.000 description 24
- 230000003993 interaction Effects 0.000 description 9
- 230000008569 process Effects 0.000 description 8
- 230000008901 benefit Effects 0.000 description 6
- 230000005540 biological transmission Effects 0.000 description 5
- 230000001413 cellular effect Effects 0.000 description 5
- 230000009471 action Effects 0.000 description 4
- 230000006870 function Effects 0.000 description 4
- 238000012986 modification Methods 0.000 description 3
- 230000004048 modification Effects 0.000 description 3
- 230000003287 optical effect Effects 0.000 description 3
- 238000012545 processing Methods 0.000 description 3
- 230000006399 behavior Effects 0.000 description 2
- 230000008859 change Effects 0.000 description 2
- 238000013461 design Methods 0.000 description 2
- 230000008520 organization Effects 0.000 description 2
- 230000009118 appropriate response Effects 0.000 description 1
- 230000006835 compression Effects 0.000 description 1
- 238000007906 compression Methods 0.000 description 1
- 230000001010 compromised effect Effects 0.000 description 1
- 238000004590 computer program Methods 0.000 description 1
- 238000010276 construction Methods 0.000 description 1
- 230000001419 dependent effect Effects 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 230000003467 diminishing effect Effects 0.000 description 1
- 238000009826 distribution Methods 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 238000009434 installation Methods 0.000 description 1
- 230000002452 interceptive effect Effects 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 230000002093 peripheral effect Effects 0.000 description 1
- 238000012163 sequencing technique Methods 0.000 description 1
- 230000011664 signaling Effects 0.000 description 1
- 230000009044 synergistic interaction Effects 0.000 description 1
- 230000007723 transport mechanism Effects 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/30—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0838—Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
- H04L9/0841—Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these involving Diffie-Hellman or related key agreement protocols
- H04L9/0844—Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these involving Diffie-Hellman or related key agreement protocols with user authentication or key authentication, e.g. ElGamal, MTI, MQV-Menezes-Qu-Vanstone protocol or Diffie-Hellman protocols using implicitly-certified keys
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
- H04L63/061—Network architectures or network communication protocols for network security for supporting key management in a packet data network for key exchange, e.g. in peer-to-peer networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3263—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3271—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
- H04L9/3273—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response for mutual authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/42—Anonymization, e.g. involving pseudonyms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/80—Wireless
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/16—Implementing security features at a particular protocol layer
- H04L63/166—Implementing security features at a particular protocol layer at the transport layer
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
- H04L67/104—Peer-to-peer [P2P] networks
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computing Systems (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Mobile Radio Communication Systems (AREA)
- Computer And Data Communications (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Applications Claiming Priority (3)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| US12/603,401 | 2009-10-21 | ||
| US12/603,401 US8458776B2 (en) | 2009-10-21 | 2009-10-21 | Low-latency peer session establishment |
| PCT/US2010/050282 WO2011049712A2 (en) | 2009-10-21 | 2010-09-24 | Low-latency peer session establishment |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| RU2012116131A RU2012116131A (ru) | 2013-10-27 |
| RU2542911C2 true RU2542911C2 (ru) | 2015-02-27 |
Family
ID=43880194
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| RU2012116131/08A RU2542911C2 (ru) | 2009-10-21 | 2010-09-24 | Установление однорангового сеанса с малым временем ожидания |
Country Status (7)
| Country | Link |
|---|---|
| US (1) | US8458776B2 (enExample) |
| EP (1) | EP2491672B1 (enExample) |
| JP (1) | JP5650230B2 (enExample) |
| KR (1) | KR101786132B1 (enExample) |
| CN (1) | CN102577230B (enExample) |
| RU (1) | RU2542911C2 (enExample) |
| WO (1) | WO2011049712A2 (enExample) |
Families Citing this family (36)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US10255445B1 (en) * | 2006-11-03 | 2019-04-09 | Jeffrey E. Brinskelle | Identifying destinations of sensitive data |
| US8458776B2 (en) | 2009-10-21 | 2013-06-04 | Microsoft Corporation | Low-latency peer session establishment |
| US8769131B2 (en) * | 2010-04-16 | 2014-07-01 | Oracle America, Inc. | Cloud connector key |
| US8724812B2 (en) * | 2010-12-31 | 2014-05-13 | Motorola Solutions, Inc. | Methods for establishing a secure point-to-point call on a trunked network |
| US10068084B2 (en) * | 2011-06-27 | 2018-09-04 | General Electric Company | Method and system of location-aware certificate based authentication |
| JP5824977B2 (ja) * | 2011-08-31 | 2015-12-02 | 株式会社リコー | 鍵ペア管理プログラム、鍵ペア管理方法及び画像形成装置 |
| WO2013188875A1 (en) * | 2012-06-15 | 2013-12-19 | Massachusetts Institute Of Technology | Optimized transport layer security |
| US8966593B2 (en) | 2013-03-14 | 2015-02-24 | International Business Machines Corporation | Delivering author specific content |
| US9439142B2 (en) * | 2013-03-15 | 2016-09-06 | Samsung Electronics Co., Ltd. | Power saving for low latency deterministic networks in wireless personal area networks |
| GB2512595A (en) * | 2013-04-02 | 2014-10-08 | Mastercard International Inc | Integrated contactless mpos implementation |
| US9386104B2 (en) * | 2013-08-22 | 2016-07-05 | Juniper Networks Inc. | Preventing extraction of secret information over a compromised encrypted connection |
| US9722801B2 (en) * | 2013-09-30 | 2017-08-01 | Juniper Networks, Inc. | Detecting and preventing man-in-the-middle attacks on an encrypted connection |
| CN106031120B (zh) * | 2014-02-18 | 2019-08-02 | 诺基亚技术有限公司 | 密钥管理 |
| CN104883677B (zh) * | 2014-02-28 | 2018-09-18 | 阿里巴巴集团控股有限公司 | 一种近场通讯设备间通讯的连接方法、装置和系统 |
| KR102144509B1 (ko) * | 2014-03-06 | 2020-08-14 | 삼성전자주식회사 | 근접 통신 방법 및 장치 |
| WO2015158613A1 (en) * | 2014-04-15 | 2015-10-22 | Koninklijke Philips N.V. | Method and apparatus for controlling handshake in a packet transmission network |
| US9258117B1 (en) | 2014-06-26 | 2016-02-09 | Amazon Technologies, Inc. | Mutual authentication with symmetric secrets and signatures |
| US10567434B1 (en) | 2014-09-10 | 2020-02-18 | Amazon Technologies, Inc. | Communication channel security enhancements |
| US10374800B1 (en) * | 2014-09-10 | 2019-08-06 | Amazon Technologies, Inc. | Cryptography algorithm hopping |
| US9923923B1 (en) | 2014-09-10 | 2018-03-20 | Amazon Technologies, Inc. | Secure transport channel using multiple cipher suites |
| GB201506045D0 (en) * | 2015-04-09 | 2015-05-27 | Vodafone Ip Licensing Ltd | SIM security |
| JP6471039B2 (ja) * | 2015-05-18 | 2019-02-13 | 株式会社Nttドコモ | 無線通信システムおよび無線端末 |
| US10122692B2 (en) | 2015-06-16 | 2018-11-06 | Amazon Technologies, Inc. | Handshake offload |
| US10122689B2 (en) | 2015-06-16 | 2018-11-06 | Amazon Technologies, Inc. | Load balancing with handshake offload |
| US9900160B1 (en) | 2015-12-03 | 2018-02-20 | Amazon Technologies, Inc. | Asymmetric session credentials |
| US10277569B1 (en) * | 2015-12-03 | 2019-04-30 | Amazon Technologies, Inc. | Cross-region cache of regional sessions |
| US10182044B1 (en) | 2015-12-03 | 2019-01-15 | Amazon Technologies, Inc. | Personalizing global session identifiers |
| US9894067B1 (en) | 2015-12-03 | 2018-02-13 | Amazon Technologies, Inc. | Cross-region roles |
| CN105656624A (zh) * | 2016-02-29 | 2016-06-08 | 浪潮(北京)电子信息产业有限公司 | 一种客户端、服务器、数据传输方法与系统 |
| US10129229B1 (en) * | 2016-08-15 | 2018-11-13 | Wickr Inc. | Peer validation |
| US11095619B2 (en) * | 2017-07-31 | 2021-08-17 | Cisco Technology, Inc. | Information exchange for secure communication |
| US11316841B2 (en) * | 2019-03-25 | 2022-04-26 | Micron Technology, Inc. | Secure communication between an intermediary device and a network |
| US11641275B2 (en) * | 2019-12-11 | 2023-05-02 | LendingClub Bank, National Association | Encryption key rotation framework |
| US12132729B2 (en) * | 2020-09-29 | 2024-10-29 | Schneider Electric USA, Inc. | Management of setting change propagation in networked devices |
| US11941266B2 (en) | 2021-10-20 | 2024-03-26 | Samsung Electronics Co., Ltd. | Resource isolation in computational storage devices |
| EP4184863A1 (en) * | 2021-11-23 | 2023-05-24 | Nagravision Sàrl | Providing secure internet access to a client device in a remote location |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EA007089B1 (ru) * | 2002-07-18 | 2006-06-30 | Еориджинал Инк. | Система и способ для передачи, хранения и извлечения аутентифицированных документов |
| EA200501605A1 (ru) * | 2005-11-11 | 2007-04-27 | Фонд Сопровождения Инвестиционных Проектов "Генкей" | Способ и устройство получения и хранения личного цифрового сертификата и способ защищенного обмена цифровой информацией |
| RU2300845C2 (ru) * | 2002-09-17 | 2007-06-10 | Эррикос ПИТСОС | Способ и системы для обеспечения безопасного распределения данных через сети общего пользования |
Family Cites Families (15)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6769060B1 (en) * | 2000-10-25 | 2004-07-27 | Ericsson Inc. | Method of bilateral identity authentication |
| EP1423796A1 (en) * | 2001-08-09 | 2004-06-02 | Gigamedia Access Corporation | Hybrid system architecture for secure peer-to-peer-communication |
| US7181620B1 (en) * | 2001-11-09 | 2007-02-20 | Cisco Technology, Inc. | Method and apparatus providing secure initialization of network devices using a cryptographic key distribution approach |
| US7127613B2 (en) * | 2002-02-25 | 2006-10-24 | Sun Microsystems, Inc. | Secured peer-to-peer network data exchange |
| CN1663168B (zh) | 2002-04-26 | 2010-06-16 | 汤姆森许可公司 | 接入网之间互配中可传递的认证、授权和记帐 |
| US7240366B2 (en) * | 2002-05-17 | 2007-07-03 | Microsoft Corporation | End-to-end authentication of session initiation protocol messages using certificates |
| US7386878B2 (en) * | 2002-08-14 | 2008-06-10 | Microsoft Corporation | Authenticating peer-to-peer connections |
| US7392375B2 (en) * | 2002-09-18 | 2008-06-24 | Colligo Networks, Inc. | Peer-to-peer authentication for real-time collaboration |
| CN1838590B (zh) * | 2005-03-21 | 2011-01-19 | 松下电器产业株式会社 | 在会话起始协议信号过程提供因特网密钥交换的方法及系统 |
| US7996675B2 (en) * | 2005-06-17 | 2011-08-09 | Telefonaktiebolaget Lm Ericsson (Publ) | Host identity protocol method and apparatus |
| JP2007336396A (ja) * | 2006-06-16 | 2007-12-27 | Brother Ind Ltd | コンテンツ配信システム、コンテンツ配信方法、端末装置及びそのプログラム |
| US20080077976A1 (en) | 2006-09-27 | 2008-03-27 | Rockwell Automation Technologies, Inc. | Cryptographic authentication protocol |
| EP1916816A1 (en) | 2006-10-26 | 2008-04-30 | Alcatel Lucent | Method and devices to establish a public communication session |
| CN101465725A (zh) | 2007-12-18 | 2009-06-24 | 中国电子科技集团公司第五十研究所 | 一种基于身份的公钥系统的密钥分配方法 |
| US8458776B2 (en) | 2009-10-21 | 2013-06-04 | Microsoft Corporation | Low-latency peer session establishment |
-
2009
- 2009-10-21 US US12/603,401 patent/US8458776B2/en not_active Expired - Fee Related
-
2010
- 2010-09-24 JP JP2012535215A patent/JP5650230B2/ja not_active Expired - Fee Related
- 2010-09-24 KR KR1020127010092A patent/KR101786132B1/ko not_active Expired - Fee Related
- 2010-09-24 RU RU2012116131/08A patent/RU2542911C2/ru not_active IP Right Cessation
- 2010-09-24 WO PCT/US2010/050282 patent/WO2011049712A2/en not_active Ceased
- 2010-09-24 EP EP10825382.4A patent/EP2491672B1/en not_active Not-in-force
- 2010-09-24 CN CN201080047316.6A patent/CN102577230B/zh not_active Expired - Fee Related
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EA007089B1 (ru) * | 2002-07-18 | 2006-06-30 | Еориджинал Инк. | Система и способ для передачи, хранения и извлечения аутентифицированных документов |
| RU2300845C2 (ru) * | 2002-09-17 | 2007-06-10 | Эррикос ПИТСОС | Способ и системы для обеспечения безопасного распределения данных через сети общего пользования |
| EA200501605A1 (ru) * | 2005-11-11 | 2007-04-27 | Фонд Сопровождения Инвестиционных Проектов "Генкей" | Способ и устройство получения и хранения личного цифрового сертификата и способ защищенного обмена цифровой информацией |
Also Published As
| Publication number | Publication date |
|---|---|
| KR20120099649A (ko) | 2012-09-11 |
| RU2012116131A (ru) | 2013-10-27 |
| CN102577230A (zh) | 2012-07-11 |
| US8458776B2 (en) | 2013-06-04 |
| WO2011049712A2 (en) | 2011-04-28 |
| US20110093710A1 (en) | 2011-04-21 |
| KR101786132B1 (ko) | 2017-10-16 |
| EP2491672B1 (en) | 2018-10-24 |
| JP5650230B2 (ja) | 2015-01-07 |
| EP2491672A4 (en) | 2013-03-27 |
| WO2011049712A3 (en) | 2011-08-18 |
| CN102577230B (zh) | 2013-05-01 |
| EP2491672A2 (en) | 2012-08-29 |
| JP2013509089A (ja) | 2013-03-07 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| RU2542911C2 (ru) | Установление однорангового сеанса с малым временем ожидания | |
| US11451614B2 (en) | Cloud authenticated offline file sharing | |
| CN105993146B (zh) | 用于与客户端设备建立安全会话的方法和装置 | |
| RU2297037C2 (ru) | Управление защищенной линией связи в динамических сетях | |
| US9722972B2 (en) | Methods and apparatuses for secure communication | |
| US9237133B2 (en) | Detecting matched cloud infrastructure connections for secure off-channel secret generation | |
| US8418242B2 (en) | Method, system, and device for negotiating SA on IPv6 network | |
| EP3065334A1 (en) | Key configuration method, system and apparatus | |
| US20120284506A1 (en) | Methods and apparatus for preventing crimeware attacks | |
| EP3205048B1 (en) | Generating a symmetric encryption key | |
| JP2017521934A (ja) | クライアントとサーバとの間の相互検証の方法 | |
| CN114553480B (zh) | 跨域单点登录方法、装置、电子设备及可读存储介质 | |
| KR20170032374A (ko) | 데이터 처리 방법 및 장치 | |
| EP3639498A1 (en) | Certificate pinning in highly secure network environments using public key certificates obtained from a dhcp (dynamic host configuration protocol) server | |
| HK1215335A1 (zh) | 针对受约束资源设备的密钥建立 | |
| CN110635901A (zh) | 用于物联网设备的本地蓝牙动态认证方法和系统 | |
| JP2022539458A (ja) | エンティティに参加するためにネットワーク識別子を使用してブロックチェーンに関連するトランザクションを実現するためのコンピュータ実施システム及び方法 | |
| SE540133C2 (en) | Improved system for establishing a secure communication channel | |
| US11689517B2 (en) | Method for distributed application segmentation through authorization | |
| WO2012166669A2 (en) | Methods and apparatus for preventing crimeware attacks | |
| WO2021064978A1 (ja) | 端末、サーバ、方法及びプログラム | |
| JP2005244573A (ja) | ネットワーク接続機器、ネットワーク接続方法、ネットワーク接続用プログラムおよびそのプログラムを記憶した記憶媒体 |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PC41 | Official registration of the transfer of exclusive right |
Effective date: 20150410 |
|
| MM4A | The patent is invalid due to non-payment of fees |
Effective date: 20190925 |