Secure handshake protocol
First Claim
1. A method for a secure handshake protocol between a first party and a second party, connected via a communications channel, wherein each party supports a respective set of cipher suites and for each party, a respective certificate is defined, each of the certificates comprising a public key of its respective owner, the method being characterized in that comprising:
- sending from the first party to the second party a first inter-party message indicating the set of cipher suites supported by the first party, parameters required by the cipher suites, and an identifier of the first party;
- wherein in response to the first inter-party message, the second party:
  - selects one of said indicated cipher suites which is also supported by the second party;
  - uses said identifier to obtain the certificate of the first party over a connection which is significantly faster than the communications channel connecting said parties;
  - verifies said obtained certificate of the first party and thereby obtains the public key of the first party;
  - sends a second inter-party message comprising the certificate of the second party, an indication that the second party has verified the certificate of the first party, and an indication about said selected cipher suite;
- wherein in response to the second inter-party message, the first party:
  - begins to use the selected cipher suite;
  - verifies the certificate of the second party and thereby obtains the public key of the second party;
  - sends a third inter-party message indicating that the first party has verified the certificate of the second party;
- and wherein information not needed for the above steps can be sent from the first party to the second party in the third inter-party message, thus providing a two-way key-exchange and mutual verification with an effective overhead of two inter-party messages.
Abstract
A method for a secure handshake protocol between A and B, connected by a slow channel is provided in which A sends a first message indicating a set of cipher suites with parameters, and its identifier and B selects a cipher suite, obtains A's certificate over a fast connection, verifies A's certificate and obtains A's public key. Next B sends a second message comprising B's certificate, and an indication that B has verified A's certificate, and an indication about the selected cipher suite. A begins to use the selected cipher suite, verifies B's certificate and obtains B's public key. Next A sends a third message indicating that A has verified B's certificate.
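The three-message exchange described in the abstract, sketched from both sides as an added example; this is not code from the patent. Assumptions: an HMAC under a constructed CA key stands in for the CA's public-key signature, and the party names, suite names, directory and the check that the selected suite was actually offered are all hypothetical.

```python
import hashlib
import hmac

# Assumption: an HMAC under a CA key stands in for the CA's public-key signature
# so this runs on the standard library alone. Names and values are constructed.
CA_KEY = b"constructed-ca-key"
DIGEST = hashlib.sha256

def ca_tag(subject, public_key):
    return hmac.new(CA_KEY, subject.encode() + b"\x00" + public_key, DIGEST).digest()

def issue_cert(subject, public_key):
    return {"subject": subject, "public_key": public_key, "sig": ca_tag(subject, public_key)}

def verify_cert(cert, expected_subject):
    """Return the owner's public key; raise if the certificate does not verify."""
    good = ca_tag(cert["subject"], cert["public_key"])
    if cert["subject"] != expected_subject or not hmac.compare_digest(good, cert["sig"]):
        raise ValueError("certificate verification failed")
    return cert["public_key"]

# Certificate store that B reaches over the fast connection (constructed data).
DIRECTORY = {"party-a": issue_cert("party-a", b"A-public-key")}
CERT_B = issue_cert("party-b", b"B-public-key")
B_SUITES = ["SUITE_2", "SUITE_3"]

def second_party_respond(msg1, directory):
    suite = next((s for s in msg1["suites"] if s in B_SUITES), None)
    if suite is None:
        raise ValueError("no common cipher suite")
    cert_a = directory.get(msg1["id"])  # looked up by identifier, never sent by A
    if cert_a is None:
        raise ValueError("unknown identifier")
    key_a = verify_cert(cert_a, msg1["id"])
    return {"cert": CERT_B, "peer_cert_verified": True, "suite": suite}, key_a

def first_party_finish(msg1, msg2, payload):
    # Added check, not in the claims: reject a suite A never offered.
    if msg2["suite"] not in msg1["suites"] or not msg2["peer_cert_verified"]:
        raise ValueError("unacceptable second message")
    key_b = verify_cert(msg2["cert"], "party-b")
    # Third message: verification indication plus data not needed for the handshake.
    return {"peer_cert_verified": True, "data": payload}, key_b

def handshake(suites=("SUITE_1", "SUITE_2"), identifier="party-a", directory=DIRECTORY):
    msg1 = {"suites": list(suites), "params": {"example": "constructed"}, "id": identifier}
    msg2, key_a = second_party_respond(msg1, directory)
    msg3, key_b = first_party_finish(msg1, msg2, b"first payload")
    return msg2["suite"], key_a, key_b, msg3
```

Only the first and third messages leave A, and A's certificate never crosses the slow channel; B's acceptance of A rests entirely on what the directory returns for the identifier and on that certificate verifying.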
10 Claims
7. A telecommunications apparatus configured to act as a first party in a secure handshake protocol between said apparatus and a second party, said apparatus comprising:
- a first party unit, wherein said first party unit is configured to:
  - send a first message to the second party, said first message indicating a set of cipher suites, parameters required by said cipher suites, and an identifier of the apparatus;
  - receive a second message from the second party, said second message comprising an indication about a cipher suite selected by said second party, a certificate of the second party, an indication that the second party has used said identifier of the apparatus to obtain and verify a certificate of the apparatus, and;
  - use the cipher suite indicated by said second message;
  - verify the certificate of the second party and thereby obtain a public key of the second party; and
  - send a third message to the second party, said third message indicating that the apparatus has verified the certificate of the second party.
9. A telecommunications apparatus configured to respond to a secure handshake protocol initiated by a first party, said apparatus being connectable to said first party by a communications channel, said apparatus comprising:
- a second party unit, wherein said second party unit is configured to:
  - receive a first message from the first party, said first message indicating a set of cipher suites, parameters required by the cipher suites, and an identifier of the first party;
  - select one of said indicated cipher suites;
  - use the identifier to obtain a certificate of the first party over a connection which is significantly faster than said communications channel;
  - verify said obtained certificate of the first party and thereby obtain a public key of the first party;
  - send a second message to the first party, said second message comprising a certificate of the apparatus, indicating that the apparatus has verified the certificate of the first party, and indicating said selected cipher suite; and
  - receive a third message from the first party, said third message indicating that the first party has verified the certificate of the apparatus.
Specification