System for Efficiently Handling Cryptographic Messages Containing Nonce Values in a Wireless Connectionless Environment
Abstract
A system for determining the validity of a received cryptographic message while allowing for out-of-order messages is used to provide secure communications among peers in a network. In particular, a secure communication module may be configured to accept the cryptographic message when the received nonce value of the received message is greater than the largest nonce value yet seen. Otherwise, the secure communication module may be configured to compare the received nonce value with a nonce value acceptance window. If the received nonce value falls outside the nonce acceptance window, the secure communication module may be further configured to reject the received message and assume that a replay attack has been detected. If the received nonce value falls within the nonce acceptance window, the secure communication module may be further configured to determine whether the received nonce value has been seen before by comparing the received nonce value with a replay window mask. If the received nonce has been seen before, the secure communication module may be further configured to reject the received message and assume a replay attack. Otherwise, the secure communication module may be further configured to accept the message and add the received nonce value to the replay window mask.
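The four-way decision described in the abstract (and restated in independent claims 44 and 50) is the familiar sliding-window anti-replay check. The following is an added example written for this page, not code from the patent or from any product it covers. It assumes a 64-entry acceptance window by default, represents the replay window mask as a Python integer bitmask (bit i set means nonce highest-i has been accepted), and the nonce trace at the bottom is constructed to exercise in-order, reordered, replayed and stale messages. Nonce values are assumed to be non-negative integers carried in each message; how the nonce is bound to the message's authentication tag is outside what the abstract states and is not shown here.

```python
"""Nonce-based anti-replay check with a sliding acceptance window.

Added example (not the patent's own code). It implements the decision
procedure described in the abstract and in independent claims 44/50:
  1. nonce > largest seen       -> accept, advance the window
  2. nonce outside the window   -> reject (replay suspected)
  3. nonce already in the mask  -> reject (replay detected)
  4. otherwise                  -> accept, record nonce in the mask
The window size, the use of an int as the bitmask, and the nonce values in
the trace below are assumptions / constructed inputs, not from the page.
"""
from dataclasses import dataclass
from typing import List, Tuple

DEFAULT_WINDOW = 64  # assumption: 64 nonces, as in IPsec/DTLS anti-replay


@dataclass
class ReplayWindow:
    """State kept per peer: largest nonce seen plus a bitmask of the window.

    Bit i of `mask` is set when nonce (highest - i) has been accepted, so
    bit 0 always refers to `highest` itself.
    """
    window_size: int = DEFAULT_WINDOW
    highest: int = -1   # largest nonce value yet seen; -1 means nothing yet
    mask: int = 0

    def check(self, nonce: int) -> Tuple[bool, str]:
        """Return (accepted, reason); state is updated only when accepting."""
        if nonce < 0:
            return False, "rejected: negative nonce"
        full = (1 << self.window_size) - 1

        # Case 1: new largest nonce. Slide the window forward by the gap,
        # dropping bits that fall off the far end, and mark this nonce.
        if nonce > self.highest:
            shift = nonce - self.highest
            if shift >= self.window_size:
                self.mask = 1            # the whole old window is now too old
            else:
                self.mask = ((self.mask << shift) | 1) & full
            self.highest = nonce
            return True, "accepted: new largest nonce"

        # Not a new maximum: position relative to the top of the window.
        offset = self.highest - nonce

        # Case 2: older than the window covers; treated as a replay.
        if offset >= self.window_size:
            return False, "rejected: outside acceptance window (replay suspected)"

        # Case 3: inside the window but already recorded in the mask.
        bit = 1 << offset
        if self.mask & bit:
            return False, "rejected: nonce already seen (replay detected)"

        # Case 4: late but genuinely new; record it and accept.
        self.mask |= bit
        return True, "accepted: out-of-order but unseen nonce"


def run_trace(nonces: List[int],
              window_size: int = DEFAULT_WINDOW) -> List[Tuple[int, bool, str]]:
    """Feed a sequence of received nonces through one window; return decisions."""
    window = ReplayWindow(window_size)
    return [(n, *window.check(n)) for n in nonces]


if __name__ == "__main__":
    # Constructed trace: in-order, reordered, replayed and stale nonces,
    # run with a small window of 8 so the edge cases are easy to follow.
    for nonce, ok, why in run_trace([1, 2, 5, 3, 2, 12, 5, 4, 20, 13, 12],
                                    window_size=8):
        print(f"nonce {nonce:3d}: {why}")
```

Two practical points the abstract leaves implicit and the code makes explicit: the mask must be masked to the window width when it slides, or a receiver that accepts a nonce far above the current maximum would keep stale bits around; and state is only updated on acceptance, so a rejected replay cannot disturb the window. With an 8-entry window the trace above accepts 1, 2, 5, 3, 12, 20 and 13, rejects the second 2 and second 5 as seen-before replays, and rejects 4 and the trailing 12 as outside the window.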
55 Claims
1-43. (canceled)
44. A method of detecting a replay attack in a secure communication, comprising:

accepting a cryptographic message in response to a received nonce value of a received message being greater than a largest nonce value yet seen, and otherwise comparing said received nonce value with a nonce acceptance window when said received nonce value is not a largest nonce value yet seen;

determining if said received nonce value has been seen before, when said received nonce value falls within said nonce acceptance window, otherwise, when said received nonce value falls outside said nonce acceptance window, rejecting said received message and indicating detection of a replay attack; and

rejecting said received message and indicating detection of said replay attack, when said received nonce has been seen before, otherwise, when said received nonce has not been seen before, accepting said received message and adding said received nonce value to a replay window mask.

Dependent claims: 45, 46, 47, 48, 49.
50. Apparatus for detecting a replay attack in a secure communication, comprising:

means for accepting a cryptographic message in response to a received nonce value of a received message being greater than a largest nonce value yet seen, and otherwise for comparing said received nonce value with a nonce acceptance window when said received nonce value is not a largest nonce value yet seen;

means for determining if said received nonce value has been seen before, when said received nonce value falls within said nonce acceptance window, otherwise, when said received nonce value falls outside said nonce acceptance window, for rejecting said received message and indicating detection of a replay attack; and

means for rejecting said received message and indicating detection of said replay attack, when said received nonce has been seen before, otherwise, when said received nonce has not been seen before, for accepting said received message and adding said received nonce value to a replay window mask.

Dependent claims: 51, 52, 53, 54, 55.
Specification