Encrypted virtual terminal equipment having initialization device for preventing reply attack

US 5,384,848 A
Filed: 08/31/1993
Issued: 01/24/1995
Est. Priority Date: 03/11/1993
Status: Expired due to Term

First Claim

Patent Images

1. An apparatus which encrypts data transferred through a network during a session between a client terminal and a server, wherein a channel establishment command is issued to start the session, the apparatus comprising:

a client terminal which issues the channel establishment command and comprises;

a first encryption device, connected to the network, which is initialized at the start of the session and encrypts data to be transferred from the client terminal to the network during the session, anda first decryption device, connected to the network, which is initialized at the start of the session, receives encrypted data from the network during the session and decrypts the received encrypted data; and

a server which is responsive to the channel establishment command issued by the client terminal so that the server communicates with the client terminal through the network during the session, the server comprising;

a second encryption device, connected to the network, which is initialized at the start of the session and encrypts data to be transferred from the server to the network during the session,a second decryption device, connected to the network, which is initialized at the start of the session, receives encrypted data from the network during the session and decrypts the received encrypted data, anda random data generator which generates random data in response to the issuance of the channel establishment command by the client terminal, the random data being used to initialize the first and second encryption devices and the first and second decryption devices.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An apparatus which encrypts data transferred through a network during a session between a client terminal and a server. The client terminal issues a channel establishment command to start the session and includes a first encryption device and a first decryption device which are both initialized at the start of the session. A server is responsive to the channel establishment command so that the server communicates with the client terminal through the network during the session. The server includes a second encryption device and a second decryption device which are initialized at the start of the session. The server also includes a random data generator which generates random data in response to the issuance of the channel establishment command by the client terminal. The random data is used to initialize the first and second encryption devices and the first and second decryption devices and to set the encryption for the session.

96 Citations

View as Search Results

8 Claims

1. An apparatus which encrypts data transferred through a network during a session between a client terminal and a server, wherein a channel establishment command is issued to start the session, the apparatus comprising:
- a client terminal which issues the channel establishment command and comprises;
  
  a first encryption device, connected to the network, which is initialized at the start of the session and encrypts data to be transferred from the client terminal to the network during the session, anda first decryption device, connected to the network, which is initialized at the start of the session, receives encrypted data from the network during the session and decrypts the received encrypted data; and
  
  a server which is responsive to the channel establishment command issued by the client terminal so that the server communicates with the client terminal through the network during the session, the server comprising;
  
  a second encryption device, connected to the network, which is initialized at the start of the session and encrypts data to be transferred from the server to the network during the session,a second decryption device, connected to the network, which is initialized at the start of the session, receives encrypted data from the network during the session and decrypts the received encrypted data, anda random data generator which generates random data in response to the issuance of the channel establishment command by the client terminal, the random data being used to initialize the first and second encryption devices and the first and second decryption devices.
- View Dependent Claims (2)
- - 2. An apparatus as in claim 1, wherein the random data is always generated by the server and is not generated by the client terminal, different random data being generated for each session and the first and second encryption devices and the first and second decryption devices are initialized for each session based on random data generated for the respective session, thereby preventing reply attacks by false users.

3. An apparatus which encrypts data transferred through a network during a session between a client terminal and a server, wherein a channel establishment command is issued to start the session, the apparatus comprising:
- a client terminal which issues the channel establishment command and comprises;
  
  a first encryption device, connected to the network, which is initialized at the start of the session and encrypts data to be transferred from the client terminal to the network during the session, anda first decryption device, connected to the network, which is initialized at the start of the session, receives encrypted data from the network during the session and decrypts the received encrypted data; and
  
  a server which is responsive to the channel establishment command issued by the client terminal so that the server communicates with the client terminal through the network during the session, the server comprising;
  
  a second encryption device, connected to the network, which is initialized at the start of the session and encrypts data to be transferred from the server to the network during the session,a second decryption device, connected to the network, which is initialized at the start of the session, receives encrypted data from the network during the session and decrypts the received encrypted data, anda random data generator which generates random data in response to the issuance of the channel establishment command by the client terminal, the random data being used to initialize the first and second encryption devices and to set the encryption for the session.
- View Dependent Claims (4, 5, 6, 7, 8)
- - 4. An apparatus as in claim 3, wherein different random data is generated for each session and the encryption by the first and second encryption devices and decryption by the first and second decryption devices for a respective session is based on the random data generated for the respective session, thereby creating different encryption for each session.
  - 5. An apparatus as in claim 3, wherein the server transmits the random data to the network and the client terminal further comprises:
    - a receiving unit which receives the random data from the network; and
      
      an initializing unit which initializes the first encryption device and the first decryption device in accordance with the received random data.
  - 6. An apparatus as in claim 3, wherein the client terminal further comprises a telnet unit which allows a user to communicate with the network via the telnet unit.
  - 7. An apparatus as in claim 3, wherein the server further comprises:
    - a transmitting unit which transmits random data from the random number generator unit to the client terminal via the network; and
      
      an initialization unit which initializes the second encryption device and the second decryption device in accordance with the random data.
  - 8. An apparatus as in claim 3, wherein the server further comprises a telnet unit which allows an external computer to communicate with the network via the telnet unit.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Fujitsu Limited
Original Assignee
Fujitsu Limited
Inventors
Kikuchi, Hiroaki
Primary Examiner(s)
CANGIALOSI, SALVATORE A

Application Number

US08/113,909
Time in Patent Office

511 Days
Field of Search

380/46, 380/48, 380/49
US Class Current

713/155
CPC Class Codes

H04L 9/002   Countermeasures against att...

H04L 9/0662   with particular pseudorando...

H04L 9/0891   Revocation or update of sec...

H04L 9/12   Transmitting and receiving ...

Encrypted virtual terminal equipment having initialization device for preventing reply attack

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

96 Citations

8 Claims

Specification

Solutions

Use Cases

Quick Links

Encrypted virtual terminal equipment having initialization device for preventing reply attack

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

96 Citations

8 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links