Peer-to-peer name resolution protocol (PNRP) group security infrastructure and method
First Claim
1. A method of forming a secure peer-to-peer group, comprising the steps of:
generating a group public/private key pair;
generating a group identification as a hash of the group public key; and
defining group security properties.
Abstract
A method for ensuring valid and secure peer-to-peer communications in a group structure. Specifically, the system of the present invention presents a method of ensuring secure peer-to-peer group formation, group member addition, group member eviction, group information distribution, etc. Such functionality may be distributed to the individual peers in the group to further enhance the overall security of the group while enhancing flexibility. The P2P group security allows every peer who is a valid member of the group to invite new members. The recipients of these invitations are then able to contact any member of the group to join the group, not only the inviter. Further, groups may function when the group creator is not online. Likewise, the method allows the creation of secure groups with users from different security domains, relying on their security credentials in those domains for initial authentication.
25 Claims
1. A method of forming a secure peer-to-peer group, comprising the steps of:
generating a group public/private key pair;
generating a group identification as a hash of the group public key; and
defining group security properties.
Dependent claims: 2, 3, 4, 5, 6, 7, 22
8. In a secure peer-to-peer group having a predefined public/private key pair (PG/KG), a method of inviting a peer to join the group, comprising the steps of:
obtaining a public key (PU1) of a peer;
forming a first group membership certificate containing the peer's public key (PU1) and a second membership certificate signed with the group private key (KG), the first group membership certificate being signed with a private key of an issuer (KU2); and
sending the group membership certificate to the peer to invite the peer to join the group.
Dependent claims: 9, 10, 11, 12, 23
13. A method of securely joining a peer-to-peer group by a peer having a public and a private key, comprising the steps of:
receiving a group invitation containing an invitation certificate having a group ID provided therein;
resolving the group ID to find a member of the group;
sending a connect message to the member containing the invitation certificate signed with the private key;
receiving an accept message from the member containing a group membership certificate signed by a private key of the member; and
receiving a group shared key to enable decryption of group traffic.
Dependent claims: 14, 15, 16, 17, 24
18. A method of securely admitting a peer to a peer-to-peer group, comprising the steps of:
receiving a connect message from the peer containing an invitation certificate signed by a private key of the peer;
authenticating the invitation certificate signed by the peer's private key; and
when the step of authenticating is successful, sending an accept message to the peer, and sending a group shared key to the peer.
Dependent claims: 19, 20, 21, 25
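Claims 1, 8, 13 and 18 together describe one procedure: create the group (key pair, ID as a hash of the public key), invite (a certificate for the invitee signed by the inviter, plus the inviter's own certificate signed with KG), connect (the invitee signs the invitation certificate with its private key), and admit (any member verifies the chain and the signature, then answers with a certificate under its own key and the shared key). The following Go program is an added illustration of that procedure; it is not code from the patent or from Microsoft's PNRP implementation, and every name in it (Cert, Member, GroupIDOf, signCert, verifyChain, NewGroup, NewPeer, Invite, Connect, Admit) is the example's own. It assumes Ed25519 signatures and SHA-256 for the group ID, which the claims do not specify, and it generalises claim 8's two certificates into a chain of any depth, so that a peer admitted by a member (rather than by the creator) can in turn invite others; when the creator is the inviter the chain is exactly the two certificates of claim 8. The PNRP resolution step of claim 13 is out of scope: Connect takes the group public key as a parameter, standing in for what resolving the group ID to a member would yield.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"errors"
)

// Cert binds a subject key to the group ID under an issuer's signature (KG or a member key).
type Cert struct {
	GroupID [32]byte
	Subject ed25519.PublicKey
	Issuer  ed25519.PublicKey
	Sig     []byte
}
// Member is one peer's state; Chain is its own cert first, ending in a cert signed with KG.
type Member struct {
	Pub       ed25519.PublicKey
	priv      ed25519.PrivateKey
	Chain     []Cert
	GroupPub  ed25519.PublicKey
	SharedKey []byte
}

// GroupIDOf is the group identification of claim 1: a hash of the group public key.
func GroupIDOf(pub ed25519.PublicKey) [32]byte { return sha256.Sum256(pub) }
// body is the signed input; every field is fixed width, so plain concatenation is safe.
func (c Cert) body() []byte { return append(append(c.GroupID[:], c.Subject...), c.Issuer...) }
func signCert(id [32]byte, subject, issuer ed25519.PublicKey, priv ed25519.PrivateKey) Cert {
	c := Cert{GroupID: id, Subject: subject, Issuer: issuer}
	c.Sig = ed25519.Sign(priv, c.body())
	return c
}

// verifyChain walks from the KG-signed end down to subject: each cert must name this group,
// verify under its issuer, and be issued by the subject of the cert above it. (ed25519.Verify
// panics on a malformed key, so the length of the untrusted group key is checked first.)
func verifyChain(chain []Cert, subject, groupPub ed25519.PublicKey) error {
	if len(groupPub) != ed25519.PublicKeySize || len(chain) == 0 {
		return errors.New("missing group key or empty certificate chain")
	}
	id, issuer := GroupIDOf(groupPub), groupPub
	for i := len(chain) - 1; i >= 0; i-- {
		c := chain[i]
		if c.GroupID != id || string(c.Issuer) != string(issuer) || !ed25519.Verify(c.Issuer, c.body(), c.Sig) {
			return errors.New("certificate chain does not lead back to the group key")
		}
		issuer = c.Subject
	}
	if string(issuer) != string(subject) {
		return errors.New("chain does not certify this subject")
	}
	return nil
}

// NewPeer generates a peer key pair; crypto/rand cannot fail on supported platforms (the
// runtime aborts instead), so its error value is dropped in this example.
func NewPeer() *Member {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	return &Member{Pub: pub, priv: priv}
}
// NewGroup is claim 1 plus the creator's own enrolment: generate KG, derive the ID, pick a
// shared traffic key, and sign the creator's cert with KG. KG is not needed again below.
func NewGroup() *Member {
	groupPub, groupPriv, _ := ed25519.GenerateKey(rand.Reader)
	creator := NewPeer()
	creator.GroupPub, creator.SharedKey = groupPub, make([]byte, 32)
	rand.Read(creator.SharedKey)
	creator.Chain = []Cert{signCert(GroupIDOf(groupPub), creator.Pub, groupPub, groupPriv)}
	return creator
}
// Invite (claim 8): the invitee's cert signed by the inviter, then the inviter's chain. When
// the creator invites, that is exactly claim 8's two certificates (KU2-signed, then KG-signed).
func (m *Member) Invite(inviteePub ed25519.PublicKey) []Cert {
	return append([]Cert{signCert(GroupIDOf(m.GroupPub), inviteePub, m.Pub, m.priv)}, m.Chain...)
}
// Connect (claim 13): the invitee resolves inv[0].GroupID to some member, learns the group
// public key, checks the invitation, then signs its own cert to prove it holds the key.
func (p *Member) Connect(groupPub ed25519.PublicKey, inv []Cert) ([]byte, error) {
	if err := verifyChain(inv, p.Pub, groupPub); err != nil {
		return nil, err
	}
	p.GroupPub = groupPub
	return ed25519.Sign(p.priv, append(inv[0].body(), inv[0].Sig...)), nil
}
// Admit (claim 18), by any current member, not only the inviter: verify the chain against
// its own copy of the group key and the peer's signature, then answer with a cert signed by
// this member (plus its chain, so the answer is itself checkable) and the group shared key.
func (m *Member) Admit(peerPub ed25519.PublicKey, inv []Cert, sig []byte) ([]Cert, []byte, error) {
	if err := verifyChain(inv, peerPub, m.GroupPub); err != nil {
		return nil, nil, err
	}
	if !ed25519.Verify(peerPub, append(inv[0].body(), inv[0].Sig...), sig) {
		return nil, nil, errors.New("connect message not signed by the invited peer")
	}
	cert := signCert(GroupIDOf(m.GroupPub), peerPub, m.Pub, m.priv)
	return append([]Cert{cert}, m.Chain...), m.SharedKey, nil
}
```

On receiving the accept message (the last two steps of claim 13), the invitee runs verifyChain(chain, p.Pub, p.GroupPub) on the returned chain exactly as Connect did on the invitation, and only then stores the chain and the shared key; a reply whose chain does not lead back to KG came from a non-member and its key must not be used. Two simplifications are deliberate and are not safe to copy as-is: the shared key is handed back in the clear (in a deployment it travels inside the authenticated, encrypted connection, or encrypted to PU1), and there is no eviction or revocation, which the abstract mentions but these claims do not detail.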