Security protocol structure in application layer

US 7,096,352 B2
Filed: 01/02/2001
Issued: 08/22/2006
Est. Priority Date: 12/30/1999
Status: Expired due to Fees

First Claim

Patent Images

1. A method of establishing a security protocol structure in an application layer of a Wireless Application Protocol (WAP) standard, comprising:

receiving a first message containing a client random value from a client;

determining whether the first message is a valid message;

extracting a pre-master secret from the first message;

generating a specific server random value;

generating and transmitting a second message to the client to pass the server random value to the client;

generating a master secret in accordance with the extracted pre-master secret, client random value, and server random value;

generating a key block in accordance with the master secret, client random value, and server random value;

generating from the key block an encryption key value for encryption and decryption algorithms and Message Authentication Code (MAC) algorithms;

generating a third message indicating that encryption is activated; and

generating a fourth message to verify that the client has generated a client master secret identical to the master secret and to indicate that secured communication has been established between a server generating the server random value and the client,wherein the security protocol structure comprises;

a secure session layer directly between a session layer including a wireless session protocol and an application layer including a wireless application environment;

a transaction layer including a wireless transaction protocol below the session layer;

a security layer including a wireless transport layer security below the transaction layer;

a transport layer including a wireless datagram protocol below the security layer; and

a network layer below the transport layer,wherein the secure session layer provides a data security function in the application layer, and includes a secured session layer security (SSLS) protocol to provide a secure session interface to an application program, andwherein secure communication is established between a server and a client using the SSLS protocol and without using a certificate or public/private key generation operation.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A security protocol structure for a Wireless Application Protocol (WAP) standard structure is disclosed. The security protocol structure provides a data security function in an application layer by providing a secret session having a secured session layer security (SSLS) protocol for providing a secret session interface to an application program between the session layer and the application layer.

Citations

14 Claims

1. A method of establishing a security protocol structure in an application layer of a Wireless Application Protocol (WAP) standard, comprising:
- receiving a first message containing a client random value from a client;
  
  determining whether the first message is a valid message;
  
  extracting a pre-master secret from the first message;
  
  generating a specific server random value;
  
  generating and transmitting a second message to the client to pass the server random value to the client;
  
  generating a master secret in accordance with the extracted pre-master secret, client random value, and server random value;
  
  generating a key block in accordance with the master secret, client random value, and server random value;
  
  generating from the key block an encryption key value for encryption and decryption algorithms and Message Authentication Code (MAC) algorithms;
  
  generating a third message indicating that encryption is activated; and
  
  generating a fourth message to verify that the client has generated a client master secret identical to the master secret and to indicate that secured communication has been established between a server generating the server random value and the client,wherein the security protocol structure comprises;
  
  a secure session layer directly between a session layer including a wireless session protocol and an application layer including a wireless application environment;
  
  a transaction layer including a wireless transaction protocol below the session layer;
  
  a security layer including a wireless transport layer security below the transaction layer;
  
  a transport layer including a wireless datagram protocol below the security layer; and
  
  a network layer below the transport layer,wherein the secure session layer provides a data security function in the application layer, and includes a secured session layer security (SSLS) protocol to provide a secure session interface to an application program, andwherein secure communication is established between a server and a client using the SSLS protocol and without using a certificate or public/private key generation operation.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 2. The method of claim 1, wherein the client random value is a client ID.
  - 3. The method of claim 2, wherein a subscriber inputs the client ID into a wireless communications device to establish secure communications with a server using the Wireless Application Protocol (WAP).
  - 4. The method of claim 1, wherein the pre-master secret is a shared pre-master secret, and wherein the server manages the shared pre-master secret corresponding to the first message in a database.
  - 5. The method of claim 4, wherein the first message is a user ID entered on a client terminal by a subscriber.
  - 6. The method of claim 1, wherein the fourth message is a Finished message, and is transmitted from a record layer.
  - 7. The method of claim 6, wherein the Finished message is transmitted using the encryption key and MAC key values, and indicates that encrypted communications have been established.
  - 8. The method of claim 1, wherein the client computes values of the master secret, the key block, the encryption key, and the MAC key after receiving and processing the second message.
  - 9. The method of claim 1, wherein the third message is a ChangeCipherSpec message.
  - 10. The method of claim 1, wherein the encryption key is extracted from the key block in such a manner that a 16 byte client MAC key, 16 byte client encryption key, 8 byte client IV, 16 byte server MAC key, 16 byte server encryption key, and 8 byte server IV are sequentially allocated from the key block.
  - 11. The method of claim 1, wherein the first message and the second message comprise a Handshake message.
  - 12. The method of claim 11, wherein the Handshake message is formed by concatenating the first message and the second message.
  - 13. The method of claim 1, wherein the second message is a ServerHello message, the third message is a ChangeCipherSpec message, and the fourth message is a Finished message, and wherein the second, third, and fourth messages are concatenated together to be transmitted to the client.
  - 14. The method of claim 1, wherein the client verifies that encryption is activated after receiving and processing the third message.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
LG-Ericsson Company Limited (Telefonaktiebolaget LM Ericsson)
Original Assignee
LG Electronics, Inc. (LG Corporation)
Inventors
Kang, Kyoung Jin, Yu, Ji Won, Kwon, Jae Hwon
Primary Examiner(s)
Revak, Christopher
Assistant Examiner(s)
Chai, Longbit

Application Number

US09/750,921
Publication Number

US 20010016907A1
Time in Patent Office

2,058 Days
Field of Search

380281-285, 380 24- 25, 380 48- 49, 380/270, 713151-152, 713200-202, 713/182, 713/160, 713169-171, 726/14, 709227-230
US Class Current

713/152
CPC Class Codes

H04L 63/0428 wherein the data content is...

H04L 67/04 specially adapted for termi...

Security protocol structure in application layer

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

14 Claims

Specification

Solutions

Use Cases

Quick Links

Security protocol structure in application layer

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

14 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links