BINDING DIGITALLY SIGNED REQUESTS TO SESSIONS
Abstract
A client establishes a cryptographically protected communications session and determines information usable to distinguish the session from other sessions. The client digitally signs the information using a cryptographic key that is independent of the session to enable a server to check whether the information matches the session that it established and whether the digital signature is correct. The server may perform mitigating operations if the information, the digital signature, or both are invalid.
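The check described in the abstract, as an added example that is not taken from the patent: the client places a session-distinguishing value inside the message and signs it with a key provisioned outside the session, and the server accepts the request only if the signature verifies and the value matches the session the request arrived on. Assumptions: HMAC-SHA256 stands in for the digital signature, the binding values are random bytes standing in for something both endpoints derive from their session (such as a TLS exporter value), and all function names are hypothetical.

```python
import hashlib
import hmac
import json
import os

# Constructed sample key: provisioned out of band, independent of any session.
CLIENT_KEY = b"constructed-demo-key-not-a-real-secret"

def sign_request(key, session_binding, body):
    """Client: embed the session-distinguishing value in the message, then sign it."""
    message = json.dumps({"body": body, "binding": session_binding.hex()},
                         sort_keys=True).encode()
    signature = hmac.new(key, message, hashlib.sha256).hexdigest()
    return {"message": message, "signature": signature}

def verify_request(key, session_binding, request):
    """Server: check the signature, then compare the signed binding with the
    session the request actually arrived on. Returns an indication string."""
    expected = hmac.new(key, request["message"], hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, request["signature"]):
        return "bad_signature"
    claimed = bytes.fromhex(json.loads(request["message"])["binding"])
    if not hmac.compare_digest(claimed, session_binding):
        return "wrong_session"  # signature is valid but was made for another session
    return "ok"

def demo():
    # Constructed stand-ins for the value each endpoint derives from its own session.
    session_a, session_b = os.urandom(32), os.urandom(32)
    request = sign_request(CLIENT_KEY, session_a, {"action": "read", "resource": "example"})
    tampered = dict(request, message=request["message"].replace(b"read", b"write"))
    return {
        "same_session": verify_request(CLIENT_KEY, session_a, request),
        "other_session": verify_request(CLIENT_KEY, session_b, request),
        "tampered": verify_request(CLIENT_KEY, session_a, tampered),
    }

if __name__ == "__main__":
    for case, result in demo().items():
        print(f"{case}: {result}")
```

The "other_session" case is the one the binding exists for: a correctly signed request presented over a different session than the one it was signed for is rejected even though its signature verifies.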
19 Citations
20 Claims
1. A computer-implemented method, comprising:
- receiving, over an established cryptographically protected communications session, a message and a digital signature;
- verifying, based at least in part on the message, a cryptographic key obtained outside of the established cryptographically protected communications session, and the digital signature, whether the message was transmitted over the established cryptographically protected communications session; and
- indicating whether the message was transmitted over the established cryptographically protected communications session.
Dependent claims: 2, 3, 4

5. A system, comprising:
one or more machine-readable mediums having stored thereon a set of instructions, which if performed by one or more processors, cause the system to at least:
- receive, over an established cryptographically protected communications session, a message and a digital signature;
- verify, based at least in part on the message, a cryptographic key obtained outside of the established cryptographically protected communications session, and the digital signature, whether the message was transmitted over the established cryptographically protected communications session; and
- indicate whether the message was transmitted over the established cryptographically protected communications session.
Dependent claims: 6, 7, 8, 9, 10, 11, 12, 13

14. A non-transitory computer-readable storage medium having stored thereon executable instructions that, if executed by one or more processors of a computer system, cause the computer system to at least:
- receive, over an established cryptographically protected communications session, a message and a digital signature;
- verify, based at least in part on the message, a cryptographic key obtained outside of the established cryptographically protected communications session, and the digital signature, whether the message was transmitted over the established cryptographically protected communications session; and
- indicate whether the message was transmitted over the established cryptographically protected communications session.
Dependent claims: 15, 16, 17, 18, 19, 20

Specification