Method and system for distributed generation of unique random numbers for digital tokens
Abstract
A method and system for distributed generation of unique random numbers. The unique random number can be used to create digital cookies or digital tokens. A first network device (e.g., a computer) on a computer network receives an x-bit bit mask template from a second network device on the computer network (e.g., a gateway). The first network device generates a first portion of an x-bit digital cookie. The first network device requests a second portion of the x-bit digital cookie from the second network device. The request includes the first portion of the x-bit digital cookie. The first network device generates a complete x-bit digital cookie using the first portion of the x-bit digital cookie generated by the first network device and the second portion of the x-bit digital cookie generated by the second network device. The generated complete x-bit digital cookie is not in use on the computer network because the second network device has selected the second portion of the bit mask so that the complete x-bit digital cookie, including the first portion generated on the first network device and the second portion generated on the second network device, is not in use on the computer network. The method and system can be used on a Distributed Network Address Translation (“DNAT”) or a Realm Specific Internet Protocol (“RSIP”) subnet to allow a network device (e.g., a computer) to create a complete x-bit digital cookie with help from a DNAT/RSIP gateway. The complete x-bit digital cookie can be used as a 64-bit anti-clogging cookie for security protocols such as Internet Key Exchange (“IKE”) protocol exchanges used with Internet Protocol security (“IPsec”).
27 Claims
1. In a computer network with a plurality of network devices, a method for distributed generation of unique random numbers for digital cookies, comprising the steps of:
- generating a first portion of a x-bit digital cookie on a first network device on the computer network based on an x-bit bit mask template sent to the first network device from a second network device on the computer network;
- sending a first message to request a second portion of the x-bit digital cookie from the second network device, wherein the first message includes the first portion of the x-bit digital cookie;
- receiving a first response from the second network device wherein the first response includes a second portion of the x-bit digital cookie from the second network device, and wherein the second network device generates potential x-bit digital cookies using the first portion of the x-bit digital cookie from the first network device and a second portion of the x-bit digital cookie generated on the second network device until the second network device generates a potential x-bit digital cookie that is not in use on the computer network;
- generating a complete x-bit digital cookie on the first network device using the first portion of the x-bit digital cookie and the second portion of the x-bit digital cookie, wherein the complete x-bit digital cookie is not in use on the computer network.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9
10. In a computer network with a plurality of network devices, a method for distributed generation of unique random numbers for digital cookies, comprising the steps of:
- maintaining a list of complete digital cookies in use on the computer network on a second network device;
- generating a x-bit bit mask template on a second network device, wherein the x-bit bit mask has n-bits randomly set to a value of one and remaining (x-n) bits randomly set to value of zero wherein n is less than or equal to x;
- sending the x-bit bit mask template to a first network device on the computer network;
- receiving a request from the first network device to request a second portion of a x-bit digital cookie from the second network device, wherein the first message includes a first portion of the x-bit digital cookie;
- (a) generating a second portion of a x-bit digital cookie on the second network device;
- (b) generating a potential x-bit digital cookie on the second network device using the first portion of the x-bit digital cookie generated on the first network device and the second portion of the x-bit digital cookie generated on the second network device;
- (c) comparing the potential x-bit digital cookie with complete digital cookies from the list of complete digital cookies maintained on the second network device that are in use on the computer network;
- repeating steps (a), (b) and (c) until a potential x-bit digital cookie is generated that is not in use on the computer network; and
- sending the second portion of the x-bit digital cookie for the potential x-bit digital cookie that is not in use on the computer network to the first network device, wherein the first network device uses the first portion of the x-bit digital cookie and the second portion of the x-bit digital cookie to create a complete x-bit digital cookie that is not in use on the computer network.
Dependent claims: 11, 12, 13, 14, 15, 16
17. In a computer network with a plurality of network devices, a method for distributed generation of unique random numbers for digital cookies, comprising the steps of:
- sending a first request from a first network device to a second network device for an x-bit bit mask template;
- receiving a first response on the first network device from the second network device including a x-bit bit mask template, wherein the x-bit bit mask template has n-bits randomly set to a value of one and remaining (x-n) bits randomly set to a value of zero, wherein n is less than or equal to x;
- counting n-number of ones in the x-bit bit mask template on the first network device;
- generating an n-bit random number on the first network device based on the n-number of ones counted in the x-bit bit mask;
- sending a second request to the second network device including the n-bit random number for a (x-n) bit random number;
- receiving a second response from the second network device including a (x-n) bit random number; and
- creating a complete digital cookie using the (x-n) bit random number, the x-bit random number and the x-bit bit mask, wherein the complete digital cookie is not in use on the computer network.
Dependent claims: 18, 19, 20, 21, 22
23. In a computer network with a plurality of network devices, a method for distributed generation of unique random numbers for digital cookies, comprising the steps of:
- maintaining a list of complete digital cookies in use on the computer network on a second network device;
- generating a x-bit bit mask template on a second network device, wherein the x-bit bit mask has n-bits randomly set to a value of one and remaining (x-n) bits randomly set to value of zero, wherein n is less than or equal to x;
- sending the x-bit bit mask template to a first network device on the computer network;
- receiving a request from the first network device to request an (x-n) bit random number for an x-bit digital cookie from the second network device, wherein the first message includes an n-bit random number;
- (a) generating a (x-n) bit random number on the second network device;
- (b) generating a potential x-bit digital cookie on the second network device using the n-bit random number generated on the first network device and the (x-n) bit random generated on the second network device, wherein the potential x-bit digital cookie is generated by placing values of bits from the n-bit random number generated on the first network device in bit positions with a value of one in the x-bit bit mask, and placing values of bits from a (x-n) bit random number generating on the second network device in bit positions with a value of zero in the x-bit bit mask;
- (c) comparing the potential x-bit digital cookie with complete digital cookies from the list of complete digital cookies maintained on the first network device that are in use on the computer network;
- repeating steps (a), (b) and (c) until a potential x-bit digital cookie is generated that is not in use on the computer network;
- sending the (x-n) bit random number used to generate the potential x-bit digital cookie that is not in use on the computer network to the first network device, wherein the first network device uses the n-bit random number and the (x-n) bit random number to create a complete x-bit digital cookie that is not in use on the computer network.
Dependent claims: 24, 25, 26, 27
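Added example, not part of the patent text: a Python sketch of the exchange in claims 17 and 23, with the first network device's n random bits placed at the ones of the template and the second network device's (x-n) bits at the zeros, and generation repeated until the result is not in use. The function and class names, the low-order-first bit ordering, the injectable rand parameter and the retry bound (needed when n equals x and the gateway contributes no bits) are assumptions of this example.

```python
import secrets

def make_mask(x, n):
    """Gateway: x-bit template with n randomly chosen bit positions set to one."""
    mask = 0
    for pos in secrets.SystemRandom().sample(range(x), n):
        mask |= 1 << pos
    return mask

def scatter(bits, mask, x, mask_bit):
    """Place the low-order bits of `bits`, in order, into the positions of an
    x-bit word where the template bit equals mask_bit (ordering is assumed)."""
    out = 0
    for pos in range(x):
        if ((mask >> pos) & 1) == mask_bit:
            out |= (bits & 1) << pos
            bits >>= 1
    return out

def combine(host_bits, gw_bits, mask, x):
    """Ones in the template take host bits, zeros take gateway bits."""
    return scatter(host_bits, mask, x, 1) | scatter(gw_bits, mask, x, 0)

def host_random(mask):
    """Host: count the ones in the template and draw that many random bits."""
    n = bin(mask).count("1")
    return secrets.randbits(n) if n else 0

class Gateway:
    def __init__(self, x):
        self.x, self.in_use = x, set()  # complete cookies in use on the network

    def second_portion(self, host_bits, mask, rand=secrets.randbits, tries=1000):
        """Steps (a)-(c): draw (x-n) bits until the combined cookie is unused.
        `rand` and the `tries` bound are assumptions of this example."""
        zeros = self.x - bin(mask).count("1")
        for _ in range(tries):
            gw_bits = rand(zeros) if zeros else 0
            cookie = combine(host_bits, gw_bits, mask, self.x)
            if cookie not in self.in_use:
                self.in_use.add(cookie)  # record it so later requests avoid it
                return gw_bits
        raise RuntimeError("no unused cookie for this first portion")

def demo(x=64, n=24):
    """One full exchange for a 64-bit cookie; returns (cookie, gateway)."""
    gw, mask = Gateway(x), make_mask(x, n)
    host_bits = host_random(mask)
    gw_bits = gw.second_portion(host_bits, mask)
    return combine(host_bits, gw_bits, mask, x), gw
```

The gateway sees both portions, so it can reconstruct every complete cookie it helps create; uniqueness holds only for cookies recorded in its list.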
Specification