WO2005086452A1 - Key-based encryption - Google Patents

Key-based encryption Download PDF

Info

Publication number
WO2005086452A1
WO2005086452A1 PCT/EP2005/050895 EP2005050895W WO2005086452A1 WO 2005086452 A1 WO2005086452 A1 WO 2005086452A1 EP 2005050895 W EP2005050895 W EP 2005050895W WO 2005086452 A1 WO2005086452 A1 WO 2005086452A1
Authority
WO
WIPO (PCT)
Prior art keywords
determining
idle
communications link
entity
secret key
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/EP2005/050895
Other languages
English (en)
French (fr)
Inventor
Richard Michael Wyn Harran
Michael Horan
Jonathan Rumsey
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
IBM United Kingdom Ltd
International Business Machines Corp
Original Assignee
IBM United Kingdom Ltd
International Business Machines Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by IBM United Kingdom Ltd, International Business Machines Corp filed Critical IBM United Kingdom Ltd
Priority to US10/598,509 priority Critical patent/US7649998B2/en
Priority to AT05729606T priority patent/ATE437517T1/de
Priority to JP2007502329A priority patent/JP4591897B2/ja
Priority to EP05729606A priority patent/EP1726144B1/en
Priority to CA2558353A priority patent/CA2558353C/en
Priority to DE602005015560T priority patent/DE602005015560D1/de
Publication of WO2005086452A1 publication Critical patent/WO2005086452A1/en
Priority to IL177796A priority patent/IL177796A/en
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/062Network architectures or network communication protocols for network security for supporting key management in a packet data network for key distribution, e.g. centrally by trusted party
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/16Implementing security features at a particular protocol layer
    • H04L63/166Implementing security features at a particular protocol layer at the transport layer
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y04INFORMATION OR COMMUNICATION TECHNOLOGIES HAVING AN IMPACT ON OTHER TECHNOLOGY AREAS
    • Y04SSYSTEMS INTEGRATING TECHNOLOGIES RELATED TO POWER NETWORK OPERATION, COMMUNICATION OR INFORMATION TECHNOLOGIES FOR IMPROVING THE ELECTRICAL POWER GENERATION, TRANSMISSION, DISTRIBUTION, MANAGEMENT OR USAGE, i.e. SMART GRIDS
    • Y04S40/00Systems for electrical power generation, transmission, distribution or end-user application management characterised by the use of communication or information technologies, or communication or information technology specific aspects supporting them
    • Y04S40/20Information technology specific aspects, e.g. CAD, simulation, modelling, system security

Definitions

  • Figure la illustrates a client-server component diagram in accordance with a preferred embodiment of the present invention.
  • this data is encrypted with the current secret key and is sent (not shown). It is determined via byte measurer 50 (step 150) whether a pre-configured number of bytes have been sent. If the answer is no, then the process loop round to step 120 to see whether there is more data to be flowed.
  • spoof data sent after a period of idleness preferably causes the server to terminate the connection with the client.
  • the client can then choose to resume its connection with the server and has to re-authenticate and re-negotiate prior to sending any more data to the server.
  • the timing between heartbeats (when more than one is sent on an idle link) is preferably constant. If random timing is used between each heartbeat message, then it would not be possible to predict when a hearbeat was overdue (quite possibly consumed by a hacker).
  • One of the two ends is preferably specified as being responsible for sending heartbeats (i.e. after no data has flowed in either direction for at least a predetermined amount of time). Heartbeats and responses thereto are thus used to determine the presence of both ends.
  • the byte count used is preferably the sum total of all data sent over the communications link during a particular time period - i.e. includes data sent by both ends.
  • one end keeps track of the byte count and the idleness of the link and informs the other end when either of the two thresholds are met.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • General Engineering & Computer Science (AREA)
  • Computing Systems (AREA)
  • Computer Hardware Design (AREA)
  • Storage Device Security (AREA)
  • Two-Way Televisions, Distribution Of Moving Picture Or The Like (AREA)
  • Lock And Its Accessories (AREA)
  • Reverberation, Karaoke And Other Acoustics (AREA)
  • Computer And Data Communications (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Small-Scale Networks (AREA)
PCT/EP2005/050895 2004-03-09 2005-03-01 Key-based encryption Ceased WO2005086452A1 (en)

Priority Applications (7)

Application Number Priority Date Filing Date Title
US10/598,509 US7649998B2 (en) 2004-03-09 2005-03-01 Facilitating secure data communications that use key-based encryption
AT05729606T ATE437517T1 (de) 2004-03-09 2005-03-01 Sclüsselbasierte verschlüsselung
JP2007502329A JP4591897B2 (ja) 2004-03-09 2005-03-01 鍵ベースの暗号化
EP05729606A EP1726144B1 (en) 2004-03-09 2005-03-01 Key-based encryption
CA2558353A CA2558353C (en) 2004-03-09 2005-03-01 Key-based encryption
DE602005015560T DE602005015560D1 (de) 2004-03-09 2005-03-01 Sclüsselbasierte verschlüsselung
IL177796A IL177796A (en) 2004-03-09 2006-08-31 Key-based encryption

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
GB0405245.2 2004-03-09
GBGB0405245.2A GB0405245D0 (en) 2004-03-09 2004-03-09 Key-based encryption

Publications (1)

Publication Number Publication Date
WO2005086452A1 true WO2005086452A1 (en) 2005-09-15

Family

ID=32117297

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/EP2005/050895 Ceased WO2005086452A1 (en) 2004-03-09 2005-03-01 Key-based encryption

Country Status (11)

Country Link
US (1) US7649998B2 (enExample)
EP (1) EP1726144B1 (enExample)
JP (1) JP4591897B2 (enExample)
KR (1) KR101013268B1 (enExample)
CN (1) CN100571269C (enExample)
AT (1) ATE437517T1 (enExample)
CA (1) CA2558353C (enExample)
DE (1) DE602005015560D1 (enExample)
GB (1) GB0405245D0 (enExample)
IL (1) IL177796A (enExample)
WO (1) WO2005086452A1 (enExample)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2007097081A (ja) * 2005-09-30 2007-04-12 Hitachi Ltd 暗号通信装置および暗号通信方法
JP2013149261A (ja) * 2007-03-30 2013-08-01 Nec Corp ユーザ認証制御装置、ユーザ認証装置、データ処理装置、及びユーザ認証制御方法等
WO2016067473A1 (ja) * 2014-10-31 2016-05-06 富士通株式会社 セキュリティシステム及びコンピュータ機器間の通信方法

Families Citing this family (25)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP4699099B2 (ja) * 2005-06-14 2011-06-08 富士通株式会社 通信制御装置および通信制御方法
US8280359B2 (en) 2006-05-25 2012-10-02 Celltrust Corporation Methods of authorizing actions
US8225380B2 (en) 2006-05-25 2012-07-17 Celltrust Corporation Methods to authenticate access and alarm as to proximity to location
US9572033B2 (en) 2006-05-25 2017-02-14 Celltrust Corporation Systems and methods for encrypted mobile voice communications
US9848081B2 (en) 2006-05-25 2017-12-19 Celltrust Corporation Dissemination of real estate information through text messaging
US8260274B2 (en) 2006-05-25 2012-09-04 Celltrust Corporation Extraction of information from e-mails and delivery to mobile phones, system and method
AU2007267898B2 (en) 2006-05-25 2012-06-14 Celltrust Corporation Secure mobile information management system and method
US8965416B2 (en) 2006-05-25 2015-02-24 Celltrust Corporation Distribution of lottery tickets through mobile devices
US20070297609A1 (en) * 2006-06-23 2007-12-27 Research In Motion Limited Secure Wireless HeartBeat
US20080214111A1 (en) * 2007-03-02 2008-09-04 Celltrust Corporation Lost phone alarm system and method
US8131994B2 (en) 2007-06-01 2012-03-06 Cisco Technology, Inc. Dual cryptographic keying
CN102037708A (zh) * 2008-03-28 2011-04-27 赛尔特拉斯特公司 用于保护短消息服务和多媒体消息服务的系统和方法
US8331568B2 (en) * 2009-05-28 2012-12-11 Microsoft Corporation Efficient distribution of computation in key agreement
JP4886833B2 (ja) * 2009-10-27 2012-02-29 シャープ株式会社 複合機制御システム
US8190879B2 (en) * 2009-12-17 2012-05-29 Cisco Technology, Inc. Graceful conversion of a security to a non-security transparent proxy
US9088609B2 (en) * 2009-12-24 2015-07-21 International Business Machines Corporation Logical partition media access control impostor detector
US10015286B1 (en) 2010-06-23 2018-07-03 F5 Networks, Inc. System and method for proxying HTTP single sign on across network domains
US9537899B2 (en) * 2012-02-29 2017-01-03 Microsoft Technology Licensing, Llc Dynamic selection of security protocol
US9106405B1 (en) * 2012-06-25 2015-08-11 Amazon Technologies, Inc. Multi-user secret decay
US10789594B2 (en) 2013-01-31 2020-09-29 Moshir Vantures, Limited, LLC Method and system to intelligently assess and mitigate security risks on a mobile device
US9584492B2 (en) * 2014-06-23 2017-02-28 Vmware, Inc. Cryptographic proxy service
US9942203B2 (en) 2015-03-30 2018-04-10 International Business Machines Corporation Enhanced security when sending asynchronous messages
US10419211B1 (en) * 2015-11-30 2019-09-17 Cisco Technology, Inc. Hash-based key distribution
US11086704B2 (en) * 2017-04-28 2021-08-10 Honeywell International Inc. Inferred detection of data replication errors of source applications by enterprise applications
EP3871364A4 (en) * 2018-10-23 2022-06-08 Nokia Technologies OY PHYSICAL ATTACK TESTING METHOD AND DEVICE

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0999673A2 (en) * 1998-11-02 2000-05-10 Nortel Networks Corporation Protected keep alive message through the internet

Family Cites Families (19)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPS5856552A (ja) * 1981-09-30 1983-04-04 Fujitsu Ltd 通信路での盗聴検出方式
JPH02164154A (ja) * 1988-12-19 1990-06-25 Oki Electric Ind Co Ltd 鍵送信方式
GB2241851A (en) * 1990-03-09 1991-09-11 Philips Electronic Associated Optimising transmitter power in a communications system
JPH053478A (ja) * 1991-06-25 1993-01-08 Nissan Motor Co Ltd 多重通信制御装置
JP3050665B2 (ja) * 1991-10-15 2000-06-12 古河電気工業株式会社 多重伝送方式
JP2786092B2 (ja) * 1993-10-18 1998-08-13 日本電気株式会社 移動通信端末認証方式
JPH09269727A (ja) * 1996-03-29 1997-10-14 Toshiba Corp 暗号化方法および暗号化装置
JPH11313077A (ja) * 1998-04-30 1999-11-09 Hitachi Ltd 通信用lsi及びatm装置
US6928551B1 (en) * 1999-10-29 2005-08-09 Lockheed Martin Corporation Method and apparatus for selectively denying access to encoded data
US6795555B1 (en) * 1999-12-30 2004-09-21 Nortel Networks Limited Encryption key exchange protocol
US6976071B1 (en) * 2000-05-03 2005-12-13 Nortel Networks Limited Detecting if a secure link is alive
US7127742B2 (en) * 2001-01-24 2006-10-24 Microsoft Corporation Establishing a secure connection with a private corporate network over a public network
WO2003036857A1 (en) * 2001-10-24 2003-05-01 Nokia Corporation Ciphering as a part of the multicast cencept
JP2003348070A (ja) * 2002-05-29 2003-12-05 Hitachi Ltd 機密化通信方法およびそれに用いるノード装置
US7370194B2 (en) * 2002-06-10 2008-05-06 Microsoft Corporation Security gateway for online console-based gaming
US20040078601A1 (en) * 2002-08-02 2004-04-22 Chris Tengwall System and method for operating a wireless device network
US6956846B2 (en) * 2002-08-16 2005-10-18 Utstarcom Incorporated System and method for foreign agent control node redundancy in a mobile internet protocol network
US7181016B2 (en) * 2003-01-27 2007-02-20 Microsoft Corporation Deriving a symmetric key from an asymmetric key for file encryption or decryption
US20050025315A1 (en) * 2003-07-31 2005-02-03 Kreitzer Stuart S. Method and apparatus for secure communications among portable communication devices

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0999673A2 (en) * 1998-11-02 2000-05-10 Nortel Networks Corporation Protected keep alive message through the internet

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
MRAZ R: "Secure blue: an architecture for a scalable, reliable high volume SSL internet server", COMPUTER SECURITY APPLICATIONS CONFERENCE, 2001. ACSAC 2001. PROCEEDINGS 17TH ANNUAL 10-14 DEC 2001, PISCATAWAY, NJ, USA,IEEE, 10 December 2001 (2001-12-10), pages 391 - 398, XP010584923, ISBN: 0-7695-1405-7 *

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2007097081A (ja) * 2005-09-30 2007-04-12 Hitachi Ltd 暗号通信装置および暗号通信方法
JP2013149261A (ja) * 2007-03-30 2013-08-01 Nec Corp ユーザ認証制御装置、ユーザ認証装置、データ処理装置、及びユーザ認証制御方法等
JP2014167822A (ja) * 2007-03-30 2014-09-11 Nec Corp ユーザ認証制御装置、ユーザ認証装置、データ処理装置、及びユーザ認証制御方法等
WO2016067473A1 (ja) * 2014-10-31 2016-05-06 富士通株式会社 セキュリティシステム及びコンピュータ機器間の通信方法

Also Published As

Publication number Publication date
IL177796A0 (en) 2006-12-31
EP1726144B1 (en) 2009-07-22
JP4591897B2 (ja) 2010-12-01
US20070263874A1 (en) 2007-11-15
US7649998B2 (en) 2010-01-19
CA2558353C (en) 2011-08-02
KR101013268B1 (ko) 2011-02-09
EP1726144A1 (en) 2006-11-29
CN100571269C (zh) 2009-12-16
JP2007528172A (ja) 2007-10-04
GB0405245D0 (en) 2004-04-21
DE602005015560D1 (de) 2009-09-03
IL177796A (en) 2010-12-30
ATE437517T1 (de) 2009-08-15
CA2558353A1 (en) 2005-09-15
KR20070003862A (ko) 2007-01-05
CN1914882A (zh) 2007-02-14

Similar Documents

Publication Publication Date Title
EP1726144B1 (en) Key-based encryption
CN111756529B (zh) 一种量子会话密钥分发方法及系统
Aiello et al. Efficient, DoS-resistant, secure key exchange for internet protocols
JP4959750B2 (ja) トランスコーディング・プロキシでの複数の起点サーバへの動的接続
JP4847322B2 (ja) 二重要素認証されたキー交換方法及びこれを利用した認証方法とその方法を含むプログラムが貯蔵された記録媒体
CA2446304C (en) Use and generation of a session key in a secure socket layer connection
US7584505B2 (en) Inspected secure communication protocol
CN1685687B (zh) 确定目标节点对于源节点的邻近性的方法
CN1708003B (zh) 重新使用会话密钥安全通信的方法和设备
WO2006032214A1 (en) Method for realizng transmission of syncml synchronous data
EP2056546A1 (en) Proxy Authentication Server
JP2004535004A (ja) 通信セッションを介したユーザの認証
WO2013128470A1 (en) Authentication and secured information exchange system, and method therefor
WO1998032254A1 (en) Security process for public networks
WO2002033884A2 (en) Method and apparatus for providing a key distribution center
EP1746802A2 (en) User authentication in connection with a security protocol
CN105359480A (zh) 针对受约束资源设备的密钥建立
CN116848822A (zh) 用于提供针对通信的安全水平的方法和设备
CN118174921A (zh) 基于国密算法并支持双向鉴权的多因素ssh登录认证方法
CN116886288A (zh) 一种量子会话密钥分发方法及装置
CN103986716A (zh) Ssl连接的建立方法以及基于ssl连接的通信方法及装置
CN112822015B (zh) 信息传输方法及相关装置
JP2004274134A (ja) 通信方法並びにこの通信方法を用いた通信システム、サーバおよびクライアント
JP2002328905A (ja) クライアント認証方法及び認証装置並びにプログラム及び記録媒体
lei Zhang Three attacks in SSL protocol and their solutions

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BW BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE EG ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NA NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SM SY TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): BW GH GM KE LS MW MZ NA SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IS IT LT LU MC NL PL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
WWE Wipo information: entry into national phase

Ref document number: 200580003636.0

Country of ref document: CN

WWE Wipo information: entry into national phase

Ref document number: 1020067016526

Country of ref document: KR

WWE Wipo information: entry into national phase

Ref document number: 177796

Country of ref document: IL

Ref document number: 2558353

Country of ref document: CA

WWE Wipo information: entry into national phase

Ref document number: 2007502329

Country of ref document: JP

NENP Non-entry into the national phase

Ref country code: DE

WWW Wipo information: withdrawn in national office

Ref document number: DE

WWE Wipo information: entry into national phase

Ref document number: 2005729606

Country of ref document: EP

WWE Wipo information: entry into national phase

Ref document number: 3737/CHENP/2006

Country of ref document: IN

WWP Wipo information: published in national office

Ref document number: 2005729606

Country of ref document: EP

WWP Wipo information: published in national office

Ref document number: 1020067016526

Country of ref document: KR

WWE Wipo information: entry into national phase

Ref document number: 10598509

Country of ref document: US

WWP Wipo information: published in national office

Ref document number: 10598509

Country of ref document: US