Decryption system and method for network analyzers and security programs
First Claim
1. A system, comprising:
a cryptographic interceptor module coupled between an application and a cryptographic supplier for intercepting keys, the application residing on a first computer;
a key broker module coupled to the cryptographic interceptor module for storing the keys, the key broker module residing on a second computer coupled to the first computer via at least one network for receiving the keys from the cryptographic interceptor module on the first computer via the at least one network; and
a tool coupled to the key broker module, the tool adapted for identifying encrypted network communications, requesting at least one of the keys, and utilizing the at least one key to decrypt the encrypted network communications, the tool residing on a third computer coupled to the second computer via the at least one network for receiving the at least one key from the key broker module on the second computer via the at least one network;
wherein the system is operable such that the cryptographic interceptor module conditionally intercepts the keys based on a policy;
wherein the cryptographic interceptor module includes a shim between the application and the cryptographic supplier; and
wherein the key broker module does not receive the keys from the cryptographic interceptor module if it is determined that the tool is an interactive process under control of a human user.
Abstract
A system, method and computer program product are provided for decrypting network communications. Initially, encrypted network communications are identified. A key is then received. Such key is subsequently utilized to decrypt the encrypted network communications. In use, the key is conditionally received based on predetermined criteria.
16 Claims
Specification