System and method for enabling secure connections for H.323 VoIP calls
Abstract
A method of providing secure signaling connections and media connections for packet data network telephony calls. A secure registration request message containing an encryption technique and public key is sent from an originating gateway 105 over a packet data network 100 to a terminating gateway 105. The terminating gateway 105 returns a secure confirmation message containing a digital certificate over the packet data network 100 to the originating gateway 105. Once registered, further communication between the gateways 105 is encrypted over the packet data network 100 using the public key and encryption technique specified in the secure registration request message. The gateways 105 can be linked to other incompatible networks such as the PSTN 115 or wireless telephony 120 networks in order to provide telephone capability among POTS 125, wireless 130, and IP 140 phones.
24 Claims
1. A method of providing secure signaling connections for packet data network telephony calls comprising:
prior to call initiation;
sending a secure registration request message containing an encryption technique and public key from a sender gateway over a packet data network to an acceptor gateway;
returning a secure confirmation message containing a digital certificate from the acceptor gateway over the packet data network to the sender gateway; and
conducting encrypted data exchanges between the sender and acceptor gateways over the packet data network using the public key and encryption technique specified in the secure registration request message.
Dependent claims: 2, 3, 4, 5
a requestSeqNum parameter to be returned by the acceptor gateway in all messages associated with the secure registration request message;
a protocolIdentifier parameter for identifying the H.225.0 vintage of the sender gateway;
a sendersCertificate parameter containing the digital certificate of the sender gateway; and
a keyExchange parameter containing the encryption algorithm and public key to be used in data exchanges between the sender and acceptor gateways.
5. The method of claim 1 in which the secure confirmation message is comprised of:
a requestSeqNum parameter to be returned by the acceptor gateway in all messages associated with the secure registration request message;
a protocolIdentifier parameter for identifying the H.225.0 vintage of the acceptor gateway; and
an acceptorCertificate parameter containing the digital certificate of the acceptor gateway.
6. A method of providing secure signaling connections for packet data network telephony calls comprising:
prior to call initiation;
in a gateway, receiving a secure registration request message containing an encryption technique and public key over a packet data network from an IP phone;
returning a secure confirmation message containing a digital certificate from the gateway over the packet data network to the IP phone; and
conducting encrypted data exchanges between the IP phone and the gateway over the packet data network using the public key and encryption technique specified in the secure registration request message.
Dependent claims: 7, 8, 9, 10
a requestSeqNum parameter to be returned by the gateway in all messages associated with the secure registration request message;
a protocolIdentifier parameter for identifying the H.225.0 vintage of the IP phone;
a sendersCertificate parameter containing the digital certificate of the IP phone;
a keyExchange parameter containing the encryption algorithm and public key to be used in data exchange between the IP phone and gateway; and
a mediaEncryption parameter to determine whether the gateways should encrypt the media.
10. The method of claim 6 in which the secure confirmation message is comprised of:
a requestSeqNum parameter to be returned by the gateway in all messages associated with the secure registration request message;
a protocolIdentifier parameter for identifying the H.225.0 vintage of the gateway;
an acceptorCertificate parameter containing the digital certificate of the gateway; and
a mediaEncryption parameter to determine whether the gateways should encrypt the media.
11. A gateway for providing secure signaling connections for packet data network telephony calls operating under control of a computer program, said computer program using computer program code comprised of:
computer program code operative prior to call initiation and comprising;
computer program code for sending a secure registration request message from a sender gateway over a packet data network to an acceptor gateway, said secure registration request message containing an encryption technique and public key;
computer program code for receiving a secure confirmation message over the packet data network to the sender gateway, said secure confirmation message containing a digital certificate from the acceptor gateway; and
computer program code for conducting encrypted data exchanges between the sender and acceptor gateways over the packet data network using the public key and encryption technique specified in the secure registration request message.
Dependent claims: 12, 13, 14, 15
computer program code representing a unique parameter to be returned by the acceptor gateway in all messages associated with the secure registration request message;
computer program code for identifying the H.225.0 vintage of the sender gateway;
computer program code containing a parameter with the digital certificate of the sender gateway; and
computer program code containing the encryption algorithm and public key to be used in data exchanges between the sender and acceptor gateways.
15. The method of claim 11 in which the secure confirmation message is comprised of:
computer program code representing a unique parameter to be returned by the acceptor gateway in all messages associated with the secure registration request message;
computer program code for identifying the H.225.0 vintage of the acceptor gateway; and
computer program code containing a parameter with the digital certificate of the acceptor gateway.
16. A programmable gateway including computer program code for providing secure signaling connections for packet data network telephony calls comprising:
computer program code operative prior to call initiation and comprising;
computer program code for receiving a secure registration request message containing an encryption technique and public key over the packet data network from an IP phone;
computer program code for returning a secure confirmation message containing a digital certificate over the packet data network to the IP phone; and
computer program code for conducting encrypted data exchanges with the IP phone over the packet data network using the public key and encryption technique specified in the secure registration request message.
17. A gateway for providing secure signaling and media connections for packet data network telephony calls operating under control of a computer program, said computer program using computer program code comprised of:
computer program code operative prior to call initiation and comprising;
computer program code for sending a secure registration request message from a sender gateway over a packet data network to an acceptor gateway, said secure registration request message containing an encryption technique and public key;
computer program code for receiving a secure confirmation message over the packet data network to the sender gateway, said secure confirmation message containing a digital certificate from the acceptor gateway; and
computer program code for conducting encrypted data and media exchanges between the sender and acceptor gateways over the packet data network using the public key and encryption technique specified in the secure registration request message.
Dependent claims: 18, 19
computer program code representing a unique parameter to be returned by the acceptor gateway in all messages associated with the secure registration request message;
computer program code for identifying the H.225.0 vintage of the sender gateway;
computer program code containing a parameter with the digital certificate of the sender gateway;
computer program code containing the encryption algorithm and public key to be used in data exchanges between the sender and acceptor gateways; and
computer program code containing a parameter used to determine whether the gateways should encrypt the media.
19. The method of claim 17 in which the secure confirmation message is comprised of:
computer program code representing a unique parameter to be returned by the acceptor gateway in all messages associated with the secure registration request message;
computer program code for identifying the H.225.0 vintage of the acceptor gateway;
computer program code containing a parameter with the digital certificate of the acceptor gateway; and
computer program code containing a parameter used to determine whether the gateways should encrypt the media.
20. A method of providing secure signaling and media connections for packet data network telephony calls comprising:
prior to call initiation;
sending a secure registration request message containing an encryption technique and public key from a sender gateway over a packet data network to an acceptor gateway;
returning a secure confirmation message containing a digital certificate from the acceptor gateway over the packet data network to the sender gateway; and
conducting encrypted data and media exchanges between the sender and acceptor gateways over the packet data network using the public key and encryption technique specified in the secure registration request message.
Dependent claims: 21, 22, 23, 24
a requestSeqNum parameter to be returned by the acceptor gateway in all messages associated with the secure registration request message;
a protocolIdentifier parameter for identifying the H.225.0 vintage of the sender gateway;
a sendersCertificate parameter containing the digital certificate of the sender gateway;
a keyExchange parameter containing the encryption algorithm and public key to be used in data exchanges between the sender and acceptor gateways; and
a mediaEncryption parameter to determine whether the gateways should encrypt the media.
24. The method of claim 20 in which the secure confirmation message is comprised of:
a requestSeqNum parameter to be returned by the acceptor gateway in all messages associated with the secure registration request message;
a protocolIdentifier parameter for identifying the H.225.0 vintage of the acceptor gateway;
an acceptorCertificate parameter containing the digital certificate of the acceptor gateway; and
a mediaEncryption parameter to determine whether the gateways should encrypt the media.
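
The registration exchange described in the abstract and claims, as an added sketch that is not code from the patent. It reuses the parameter names listed in the claims and treats certificates as opaque bytes; the algorithm allow-list, the pinned SHA-256 fingerprints, the rule that a confirmation may not switch mediaEncryption off, the `RSA-2048` label, the 1..65535 sequence range and the `protocol-id-placeholder` value are all assumptions.

```python
import hashlib
from dataclasses import dataclass

ALLOWED_ALGORITHMS = {"RSA-2048"}  # assumed local policy, not taken from the claims
@dataclass(frozen=True)
class SecureRegistrationRequest:
    requestSeqNum: int
    protocolIdentifier: str
    sendersCertificate: bytes
    keyExchange: tuple        # (algorithm name, public key bytes)
    mediaEncryption: bool

@dataclass(frozen=True)
class SecureConfirmation:
    requestSeqNum: int
    protocolIdentifier: str
    acceptorCertificate: bytes
    mediaEncryption: bool

def acceptor_confirm(req, acceptor_cert):
    # Acceptor side: refuse unlisted algorithms, otherwise echo requestSeqNum.
    if req.keyExchange[0] not in ALLOWED_ALGORITHMS:
        return None
    return SecureConfirmation(req.requestSeqNum, req.protocolIdentifier,
                              acceptor_cert, req.mediaEncryption)

class SenderGateway:
    def __init__(self, cert, public_key, pinned_fingerprints):
        self.cert, self.public_key = cert, public_key
        self.pinned = set(pinned_fingerprints)  # SHA-256 of trusted acceptor certs
        self.pending, self.seq = {}, 0          # requestSeqNum -> open request

    def build_request(self, algorithm="RSA-2048", media_encryption=True):
        self.seq = self.seq % 65535 + 1         # wrap within 1..65535 (assumed range)
        req = SecureRegistrationRequest(self.seq, "protocol-id-placeholder", self.cert,
                                        (algorithm, self.public_key), media_encryption)
        self.pending[req.requestSeqNum] = req
        return req

    def check_confirmation(self, conf):
        req = self.pending.get(conf.requestSeqNum)
        if req is None:
            return "rejected: unknown or replayed requestSeqNum"
        if hashlib.sha256(conf.acceptorCertificate).hexdigest() not in self.pinned:
            return "rejected: acceptorCertificate not pinned"
        if req.mediaEncryption and not conf.mediaEncryption:
            return "rejected: mediaEncryption downgraded"
        del self.pending[conf.requestSeqNum]    # a confirmation is accepted once
        return "registered"
```

A rejected confirmation leaves the request pending, so a forged reply cannot cancel a registration that the genuine acceptor has yet to answer.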