Piggy-backed key exchange protocol for providing secure low-overhead browser connections from a client to a server using a trusted third party
First Claim
1. A computer program product embodied on one or more computer-readable media, for establishing a secure connection between a client application and a server application using pre-existing message types, said computer program product comprising:
- computer-readable program code means for piggy-backing a first portion of security information onto a first message sent from said client application to said server application, wherein said first message uses a first pre-existing message type and wherein said first portion is to be used by said server application in establishing said secure connection;
computer-readable program code means for forwarding said first portion from said server application to a trusted third party (TTP);
computer-readable program code means for decrypting said first portion at said TTP;
computer-readable program code means for returning a version of said decrypted first portion from said TTP to said server application; and
computer-readable program code means for piggy-backing a second portion of security information onto a second message sent from said server application to said client application, wherein said second message responds to said first message and uses a second pre-existing message type and wherein said second portion is to be used by said client application in establishing said secure connection.
2 Assignments
0 Petitions
Accused Products
Abstract
A method, system, and computer program product for establishing security parameters that are used to exchange data on a secure connection. A piggy-backed key exchange protocol is defined, with which these security parameters are advantageously exchanged. By piggy-backing the key exchange onto other already-required messages (such as a client'"'"'s HTTP GET request, or the server'"'"'s response thereto), the overhead associated with setting up a secure browser-to-server connection is minimized. This technique is defined for a number of different scenarios, where the client and server may or may not share an encoding scheme, and is designed to maintain the integrity of application layer communication protocols. In one scenario, a client and a server exchange secure messages using a trusted third party.
-
Citations
67 Claims
-
1. A computer program product embodied on one or more computer-readable media, for establishing a secure connection between a client application and a server application using pre-existing message types, said computer program product comprising:
-
computer-readable program code means for piggy-backing a first portion of security information onto a first message sent from said client application to said server application, wherein said first message uses a first pre-existing message type and wherein said first portion is to be used by said server application in establishing said secure connection;
computer-readable program code means for forwarding said first portion from said server application to a trusted third party (TTP);
computer-readable program code means for decrypting said first portion at said TTP;
computer-readable program code means for returning a version of said decrypted first portion from said TTP to said server application; and
computer-readable program code means for piggy-backing a second portion of security information onto a second message sent from said server application to said client application, wherein said second message responds to said first message and uses a second pre-existing message type and wherein said second portion is to be used by said client application in establishing said secure connection. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
said first message requests a secure page from said server application, wherein said request further comprises an identifier of said secure page; and
said second message sends a response to said secure page request to said client application, wherein said response further comprises a content portion encrypted using a session key generated by said server application.
-
-
7. The computer program product according to claim 6, wherein:
-
said first portion further comprises a first set of information encrypted using a public key of said TTP; and
said second portion further comprises a nonce of said server application, encrypted using a public key of said client application.
-
-
8. The computer program product according to claim 7, wherein said second portion further comprises a security certificate of said server application.
-
9. The computer program product according to claim 7, wherein said first set of information comprises:
- zero or more parameters required for said secure page request;
an identification of said client application;
an identification of said server application;
an identification of said TTP;
a client nonce; and
optionally including a timestamp.
- zero or more parameters required for said secure page request;
-
10. The computer program product according to claim 7, wherein said forwarded first portion comprises said first set of information.
-
11. The computer program product according to claim 7, wherein said returned version of said decrypted first portion comprises a subset of said first set of information, wherein said subset is encrypted using a public key of said server.
-
12. The computer program product according to claim 11, wherein said subset comprises:
- said zero or more parameters;
, said identification of said client application;
said client nonce; and
said timestamp when said first set includes said timestamp.
- said zero or more parameters;
-
13. The computer program product according to claim 1, wherein:
-
said client application and said server application have no previously-existing common message encoding scheme, but said client application shares a first message encoding scheme with said TTP and said server application shares a second message encoding scheme with said TTP; and
said second message includes a content portion that is encrypted using a public key of said client application.
-
-
14. The computer program product according to claim 6, wherein said forwarded first portion is encrypted using a public key of said TTP and said returned version is encrypted using a public key of said server application.
-
15. The computer program product according to claim 6, wherein said forwarded first portion and said returned version are encrypted using a private key shared by said TTP and said server application.
-
16. The computer program product according to claim 7, wherein said first portion comprises meta-information for a message encoding scheme proposed by said client application.
-
17. The computer program product according to claim 16, further comprising:
computer-readable program code means for piggy-backing additional information onto said first message, wherein said additional information comprises zero or more parameters required for said secure page request.
-
18. The computer program product according to claim 17, wherein said parameters are encrypted using a client nonce.
-
19. A system for establishing a sure connection between a client application and a server application using pre-existing message types, said system comprising:
-
means for piggy-backing a first portion of security information onto a first message sent from said client application to said server application, wherein said first message uses a first pre-existing message type and wherein said first portion is to be used by said server application in establishing said secure connection;
means for forwarding said first portion from said server application to a trusted third party TTP);
means for decrypting said first portion at said TTP;
means for returning a version of said decrypted first portion from said TTP to said server application; and
means for piggy-backing a second portion of security information onto a second message sent from said server application to said client application, wherein said second message responds to said first message and uses a second pre-existing message type and wherein said second portion is to be used by said client application in establishing said secure connection. - View Dependent Claims (20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36)
said first message requests a secure page from said server application, wherein said request further comprises an identifier of said secure page; and
said second message sends a response to said secure page request to said client application, wherein said response further comprises a content portion encrypted using a session key generated by said server application.
-
-
25. The system according to claim 24, wherein:
-
said first portion further comprises a first set of information encrypted using a public key of said TTP; and
said second portion further comprises a nonce of said server application, encrypted using a public key of said client application.
-
-
26. The system according to claim 25, wherein said second portion further comprises a security certificate of said server application.
-
27. The system according to claim 25, wherein said first set of information comprises:
- zero or more parameters required for said secure page request;
an identification of said client application;
an identification of said server application;
an identification of said TTP;
a client nonce; and
optionally including a timestamp.
- zero or more parameters required for said secure page request;
-
28. The system according to claim 25, wherein said forwarded first portion comprises said first set of information.
-
29. The system according to claim 25, wherein said returned version of said decrypted first portion comprises a subset of said first set of information, wherein said subset is encrypted using a public key of said server.
-
30. The system according to claim 29, wherein said subset comprises:
- said zero or more parameters;
said identification of said client application;
said client nonce; and
said timestamp when said first set includes said timestamp.
- said zero or more parameters;
-
31. The system according to claim 19, wherein:
-
said client application and said server application have no previously-existing common message encoding scheme, but said client application shares a first message encoding scheme with said TTP and said server application shares a second message encoding scheme with said TTP; and
said second message includes a content portion that is encrypted using a public key of said client application.
-
-
32. The system according to claim 24, wherein said forwarded first portion is encrypted using a public key of said TTP and said returned version is encrypted using a public key of said server application.
-
33. The system according to claim 24, wherein said forwarded first portion and said returned version are encrypted using a private key shared by said TTP and said server application.
-
34. The system according to claim 25, wherein said first portion comprises meta-information for a message encoding scheme proposed by said client application.
-
35. The system according to claim 34, further comprising:
computer-readable program code means for piggy-backing additional information onto said first message, wherein said additional information comprises zero or more parameters required for said secure page request.
-
36. The system according to claim 35, wherein said parameters are encrypted using a client nonce.
-
37. A method for establishing a secure connection between a client application and a server application using pre-existing message types, said method comprising the steps of:
-
piggy-backing a first portion of security information onto a first message sent from said client application to said server application, wherein said first message uses a first pre-existing message type and wherein said first portion is to be used by said server application in establishing said secure connection;
forwarding said first portion from said server application to a trusted third party (TTP);
decrypting said first portion at said TTP;
returning a version of said decrypted first portion from said TTP to said server application; and
piggy-backing a second portion of security information onto a second message sent from said server application to said client application, wherein said second message responds to said first message and uses a second pre-existing message type and wherein said second portion is to be used by said client application in establishing said secure connection. - View Dependent Claims (38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64)
said first message requests a secure page from said server application, wherein said request further comprises an identifier of said secure page; and
said second message sends a response to said secure page request to said client application, wherein said response further comprises a content portion encrypted using a session key generated by said server application.
-
-
43. The method according to claim 42, wherein:
-
said first portion further comprises a first set of information encrypted using a public key of said TTP; and
said second portion further comprises a nonce of said server application, encrypted using a public key of said client application.
-
-
44. The method according to claim 43, wherein said second portion further comprises a security certificate of said server application.
-
45. The method according to claim 43, wherein said first set of information comprises:
- zero or more parameters required for said secure page request;
an identification of said client application;
an identification of said server application;
an identification of said TTP;
a client nonce; and
optionally including a timestamp.
- zero or more parameters required for said secure page request;
-
46. The method according to claim 43, wherein said forwarded first portion comprises said first set of information.
-
47. The method according to claim 43, wherein said returned version of said decrypted first portion comprises a subset of said first set of information, wherein said subset is encrypted using a public key of said server.
-
48. The method according to claim 47, wherein said subset comprises:
- said zero or more parameters;
said identification of said client application;
said client nonce; and
said timestamp when said first set includes said timestamp.
- said zero or more parameters;
-
49. The method according to claim 37, wherein:
-
said client application and said server application have no previously-existing common message encoding scheme, but said client application shares a first message encoding scheme with said TTP and said server application shares a second message encoding scheme with said TTP; and
said second message includes a content portion that is encrypted using a public key of said client application.
-
-
50. The method according to claim 42, wherein said forwarded first portion is encrypted using a public key of said TTP and said returned version is encrypted using a pubic key of said server application.
-
51. The method according to claim 42, wherein said forwarded first portion and said returned version are encrypted using a private key shared by said TTP and said server application.
-
52. The method according to claim 43, wherein said first portion comprises meta-information for a message encoding scheme proposed by said client application.
-
53. The method according to claim 52, further comprising:
computer-readable program code means for piggy-backing additional information onto said first message, wherein said additional information comprises zero or more parameters required for said secure page request.
-
54. The method according to claim 53, wherein said parameters are encrypted using a client nonce.
-
55. The method according to claim 37, wherein at least a portion of content included in said second message is encrypted.
-
56. The method according to claim 55, wherein the encrypted portion is encrypted using a session key created from first information contained in said first portion and second information contained in said second portion.
-
57. The method according to claim 55, wherein the encrypted portion is encrypted using a session key created from a client nonce contained in said first portion and a server nonce contained in said second portion.
-
58. The method according to claim 55, wherein the encrypted portion is encrypted using a session key and wherein said second portion enables said client application to recreate said session key.
-
59. The method according to claim 57, wherein said client application can recreate said session key upon receiving said server nonce and can thereby decrypt said encrypted portion.
-
60. The method according to claim 43, wherein said fist set of information comprises:
- an identification of said client application;
an identification of said server application;
an identification of said TTP;
a client nonce; and
optionally including a timestamp.
- an identification of said client application;
-
61. The method according to claim 47, wherein said subset comprises:
- said identification of said client application;
said client nonce; and
said timestamp when said first set includes said timestamp.
- said identification of said client application;
-
62. The method according to claim 37, wherein said forwarded first portion is encrypted prior to forwarding, using a message encoding scheme understood by said TTP and said server application.
-
63. The method according to claim 37, wherein said returned version is encrypted prior to returning, using a message encoding scheme understood by said TTP and said server application.
-
64. The method according to claim 37, wherein said forwarded first portion is encrypted such that only said TTP can decrypt said forwarded first portion and said returned version is encrypted such that only said server application can decrypt said returned version.
-
65. A method for securely establishing a connection between a client application and a server application using a trusted third party (TTP) as an intermediary, further comprising steps of:
-
sending, from the client application to the server application, a first message that uses a first pre-existing message type, wherein;
the first message requests information from the server application, and includes a parameter portion and a proposed encoding scheme portion;
the parameter portion contains zero or more parameters that may be used by the server application in creating the requested information, and is encrypted using a proposed encoding scheme that is identified in the proposed encoding scheme portion; and
the proposed encoding scheme portion is encrypted using a first encoding scheme shared by the client application and the TTP;
forwarding, from the server application to the TTP upon receiving the first message, the proposed encoding scheme portion;
decrypting the forwarded proposed encoding scheme portion, upon receipt at the TTP, using the first encoding scheme, thereby revealing the proposed encoding scheme to the TTP;
returning the revealed proposed encoding scheme from the TTP to the server application;
using the returned proposed encoding scheme portion, upon receipt at the server application, to decrypt the parameter portion, thereby revealing the zero or more parameters to the server application;
using the revealed zero or more parameters, if necessary, by the server application in creating the requested information;
encrypting the created information, using a second encoding scheme that enables the client application to decrypt the encrypted information; and
sending, from the server application to the client application, a second message that uses a second pre-existing message type, wherein the second message responds to the first message and includes the encrypted information. - View Dependent Claims (66, 67)
the proposed encoding scheme portion is encrypted by the server, prior to forwarding to the TTP, using a third message encoding scheme shared by the server application and the TTP;
the TTP decrypts the forwarded proposed encoding scheme portion, using the third message encoding scheme, prior to decrypting the forwarded proposed encoding scheme portion using the first encoding scheme;
the TTP encrypts the revealed proposed encoding scheme, using the third message encoding scheme, prior to operation of the returning step; and
the server application decrypts the returned proposed encoding scheme portion, using the third message encoding scheme, prior to operation of the step of using the returned proposed encoding scheme portion to decrypt the parameter portion.
-
Specification