KEY MANAGEMENT IN SECURE NETWORK ENCLAVES

US 20100318800A1
Filed: 06/11/2009
Published: 12/16/2010
Est. Priority Date: 06/11/2009
Status: Active Grant

First Claim

Patent Images

1. A method of operating a computer system to provide secure communications, the computer system comprising a plurality of host devices interconnected by a network and organized into enclaves, and the method comprising:

in each enclave of the plurality of enclaves, providing a plurality of pair-wise enclave keys, the plurality of pair-wise enclave keys comprising, for each of a plurality of pairs of enclaves including the enclave, a pair-wise enclave key;

in at least one processor, for each of a plurality of enclaves, computing for each of a plurality of server devices in the enclave a plurality of server keys, each of the plurality of server keys being computed from a pair-wise enclave key for a pair of enclaves including the enclave of the server;

establishing a security association between a first host device in a first enclave of the plurality of enclaves and a second host device in a second enclave of the plurality of enclaves, the establishing comprising;

with the first host device, generating security parameters of the security association, the security parameters being generated from a selected server key of the plurality of server keys computed for the first host device, the server key comprising a server key computed from a pair-wise enclave key for the first enclave and the second enclave.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A hierarchical key generation and distribution mechanism for a computer system in which devices are organized into secure enclaves. The mechanism enables network access to be tailored to approximate minimum needed privileges for each device. At the lowest level of the hierarchy, keys are used to form security associations between devices. Keys at each level of the hierarchy are generated from keys at a higher level of the hierarchy and key derivation information. Key derivation information is readily ascertainable, either from identifiers for devices or from within messages, supporting hardware offload of cryptographic functions. Because keys may be generated based on the enclaves in which the hosts participating in a security association are located, the system includes a mechanism by which devices can discover the enclave in which they are located.

Citations

20 Claims

1. A method of operating a computer system to provide secure communications, the computer system comprising a plurality of host devices interconnected by a network and organized into enclaves, and the method comprising:
- in each enclave of the plurality of enclaves, providing a plurality of pair-wise enclave keys, the plurality of pair-wise enclave keys comprising, for each of a plurality of pairs of enclaves including the enclave, a pair-wise enclave key;
  
  in at least one processor, for each of a plurality of enclaves, computing for each of a plurality of server devices in the enclave a plurality of server keys, each of the plurality of server keys being computed from a pair-wise enclave key for a pair of enclaves including the enclave of the server;
  
  establishing a security association between a first host device in a first enclave of the plurality of enclaves and a second host device in a second enclave of the plurality of enclaves, the establishing comprising;
  
  with the first host device, generating security parameters of the security association, the security parameters being generated from a selected server key of the plurality of server keys computed for the first host device, the server key comprising a server key computed from a pair-wise enclave key for the first enclave and the second enclave.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, wherein providing a plurality of pair-wise enclave keys in each of the plurality of enclaves comprises generating the plurality of pair-wise enclave keys for each of the plurality of enclaves from a common organization key.
  - 3. The method of claim 2, wherein:
    - the computing system additionally comprises an organization key server; and
      
      the method further comprises;
      
      authenticating a key server in each of the plurality of enclaves to the organization key server; and
      
      providing the plurality of pair-wise enclave keys generated for an enclave to the key server in the enclave in response to the key server being authenticated.
  - 4. The method of claim 1, wherein:
    - establishing the security association further comprises performing a key exchange protocol between the first host device and the second host device.
  - 5. The method of claim 4, further comprising:
    - in network interface hardware of the first host device;
      
      storing the selected server key;
      
      upon receipt of a packet using the security association, generating the security parameters of the security association; and
      
      performing a cryptographic function on the packet using the generated security parameters.
  - 6. The method of claim 5, wherein:
    - the first host device forms a plurality of security associations with other hosts in the computing system;
      
      the method further comprises storing a plurality of server keys, each derived from a pair-wise enclave key, and each associated with a plurality of security associations;
      
      generating the security parameters of the security association upon receipt of a packet using the security association comprises selecting, based on information in the packet, a server key of the plurality of server keys and generating the security parameters with the selected server key and information in the packet.
  - 7. The method of claim 1, wherein:
    - the computing system comprises at least one intermediary device connected in a network path between the first host device and the second host device; and
      
      the method further comprises;
      
      provisioning the intermediary device with a plurality of pair-wise enclave keys;
      
      upon detection of a packet using the security association, generating the security parameters of the security association using a pair-wise enclave key of the plurality of pair-wise enclave keys; and
      
      performing a cryptographic function on the packet using the generated security parameters.
  - 8. The method of claim 7, wherein:
    - each of the plurality of enclaves comprises a key server;
      
      generating a server key for a server
  - 9. The method of claim 8, whereinproviding a plurality of pair-wise enclave keys comprises:
    - providing for each enclave an enclave key; and
      
      interacting over the network among the key servers in each of the plurality of enclaves, the interacting comprising generating, for each of a plurality of pairs of enclaves of the plurality of enclaves, a pair-wise enclave key.

10. A method of operating a computing device to provide secure communications in a computing system, the computing system comprising a plurality of host devices interconnected by a network and organized into enclaves, each enclave comprising at least a host device, the method comprising:
- in a computing device;
  
  detecting a message between a first host in a first enclave and a second host in a second enclave transmitted in accordance with a security association between the first host and the second host;
  
  based on key derivation information in the message and a pair-wise enclave key for the first enclave and the second enclave, generating a security association key;
  
  performing a cryptographic function on the message with the generated security association key.
- View Dependent Claims (11, 12, 13, 14, 15)
- - 11. The method of claim 10, wherein:
    - the computing device comprises network interface hardware; and
      
      the acts of detecting, generating and performing a cryptographic function are performed within the network interface hardware.
  - 12. The method of claim 11, wherein:
    - the network hardware has computer storage media storing a plurality of pair-wise enclave keys; and
      
      the method comprises selecting the pair-wise enclave key from the plurality of pair-wise enclave keys in the computer storage media based on the key derivation information.
  - 13. The method of claim 12, wherein:
    - generating the security association key comprises;
      
      generating a server key from the selected pair-wise enclave key and a server identifier in the key derivation information; and
      
      generating the security association key from the generated server key and an identifier of a security association.
  - 14. The method of claim 13, wherein:
    - generating the server key comprises performing a one way cryptographic operation on the selected pair-wise enclave key and the server identifier in the key derivation information; and
      
      generating the security association key comprises performing a one way cryptographic operation on the generated server key and the identifier of the security association.
  - 15. The method of claim 14, wherein the cryptographic function comprises decrypting the message.

16. A method of operating a computing system to provide secure communications, the computing system comprising a plurality of host devices interconnected by a network and organized into enclaves, and the method comprising:
- for each enclave of the plurality of enclaves, providing a plurality of pair-wise enclave keys; and
  
  establishing a security association between a first host device in a first enclave of the plurality of enclaves and a second host device in a second enclave of the plurality of enclaves, the establishing comprising;
  
  generating a pair-wise enclave key for the first enclave and the second enclave; and
  
  with the first host device, generating security parameters of the security association, the generating comprising;
  
  generating a server key from the pair-wise enclave key and a server identifier associated with the first host;
  
  generating a security association key from the server key and a key derivation value for the security association; and
  
  communicating the security parameters to the second host device.
- View Dependent Claims (17, 18, 19, 20)
- - 17. The method of claim 16, wherein:
    - generating the server key comprises performing a one way cryptographic function on the pair-wise enclave key and the server identifier in a key server in the first enclave; and
      
      generating the security association key comprises performing a one way cryptographic function on the server key and the security association.
  - 18. The method of claim 16, further comprising:
    - in tnetwork interface hardware associated with the first host device;
      
      receiving a message from the second host device using the security association, the received message comprising key derivation information;
      
      re-generating the security association parameters using a server key previously generated from the pair-wise enclave key for the first enclave and the second enclave and key derivation information in the message; and
      
      performing a cryptographic function on information in the message using the re-generated security association parameters.
  - 19. The method of claim 18, further comprising:
    - in network interface hardware associated with an intermediary device connected in the network between the first host device and the second host device;
      
      detecting a message from the second host device to the first host using the security association, the detected message comprising key derivation information;
      
      re-generating the security association parameters using the pair-wise enclave key for the first enclave and the second enclave and key derivation information in the message; and
      
      performing a cryptographic function on information in the message using the re-generated security association parameters.
  - 20. The method of claim 16, further comprising:
    - at the first host, receiving a message from the second host, the message comprising a marker indicating that an intermediary device lacks information to monitor messages using the security association; and
      
      in response to the indication, repeating the act of establishing the security association between the first host and the second host.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Swander, Brian D., Simon, Daniel R., Montenegro, Gabriel E., Menezes, Pascal

Granted Patent

US 9,742,560 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/171
CPC Class Codes

H04L 63/0272   Virtual private networks

H04L 63/0428   wherein the data content is...

H04L 63/064   Hierarchical key distributi...

H04L 63/164   at the network layer

H04L 9/0836   using tree structure or hie...

H04L 9/0866   involving user or device id...

H04L 9/0869   involving random numbers or...

H04L 9/3226   using a predetermined code,...

KEY MANAGEMENT IN SECURE NETWORK ENCLAVES

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

KEY MANAGEMENT IN SECURE NETWORK ENCLAVES

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links