EFFICIENT DISTRIBUTION OF COMPUTATION IN KEY AGREEMENT
First Claim
1. A method of participating in communication with a client, the method comprising:
- using a processor to perform acts comprising;
receiving, at a server, a first public key from a client;
choosing a first value;
encrypting said first value with said first public key of said client to produce an encrypted value;
using a key pair of said server to sign (a) said encrypted value, or a second value derived from said encrypted value and (b) data received by said server from said client, or a third value derived from said data, thereby creating a signature;
sending said encrypted value, a second public key of said key pair, and said one or more signatures to said client; and
engaging in encrypted communication with said client using a secret key that comprises, or is derived from, said first value.
2 Assignments
0 Petitions
Accused Products
Abstract
In Transport Layer Security (TLS) or other communication protocols, the load on the server may be lowered by reducing the number of expensive decryption operations that the server has to perform. When a client contacts a server, the client sends the server the client'"'"'s public key. The server chooses a secret value, encrypts the value with the client'"'"'s public key, and sends the encrypted value to the client. When the client decrypts the secret, the server and client share a secret value, which may be used to derive an encryption key for further messages. In many key agreement schemes, the client chooses and encrypts the secret value, and the server recovers the value with an expensive decryption operation. By instead having the server choose the value and send it to the client, an expensive decryption operation is redistributed from the server to the client, thereby freeing server resources.
65 Citations
20 Claims
-
1. A method of participating in communication with a client, the method comprising:
using a processor to perform acts comprising; receiving, at a server, a first public key from a client; choosing a first value; encrypting said first value with said first public key of said client to produce an encrypted value; using a key pair of said server to sign (a) said encrypted value, or a second value derived from said encrypted value and (b) data received by said server from said client, or a third value derived from said data, thereby creating a signature; sending said encrypted value, a second public key of said key pair, and said one or more signatures to said client; and engaging in encrypted communication with said client using a secret key that comprises, or is derived from, said first value. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
9. One or more computer-readable storage media that store executable instructions that, when executed by a computer, cause the computer to perform acts comprising:
-
determining that a public key of a client is to be sent to a server in connection with a key agreement to be performed between said client and said server; sending, to said server, said public key of said client and a request to use a cipher suite in which said server encrypts a value with said public key of said client; receiving, from said server, said value encrypted by said public key; decrypting said value with a private key of said client that corresponds to said public key; and engaging in encrypted communications with said server using a secret key that comprises, or is derived from, said value. - View Dependent Claims (10, 11, 12, 13, 14, 15)
-
-
16. A server for engaging in communication with a client, the server comprising:
-
a processor; a data remembrance component; server software that comprises a plurality of cipher suites, said cipher suites comprising; a first cipher suite that implements a first key agreement protocol in which said server uses said server'"'"'s private key to decrypt an encrypted value received from said client; and a second cipher suite that implements a second key agreement protocol in which said server chooses a value and encrypts said value with said client'"'"'s public key, wherein said server receives, from said client, a public key and a list of cipher suites that said client supports, said list comprising said second cipher suite, wherein said server chooses said value, encrypts said value with the public key received from said client, signs, with said server'"'"'s private key, a message that comprises, or is derived from, (a) the encrypted value, and (b) data received from said client, to create a signature, and sends the encrypted value and said signature to said client. - View Dependent Claims (17, 18, 19, 20)
-
Specification