Mechanisms for role negotiation in the establishment of secure communication channels in peer-to-peer environments
First Claim
1. In a peer-to-peer (P2P) network, a method for establishing a secure connection between a first peer (P1) in the P2P network and a second peer (P2) in the P2P network using an unmodified client/server handshake protocol, the method comprising:
sending by P1 a first secure connection request (R1) to P2;
receiving by P1 a second secure connection request (R2) from P2;
generating by P1 an error condition E in a negotiation of the secure connection between P1 and P2;
computing by P1 a random value (V1);
cancelling by P1 the request R1;
discarding by P1 the request R2;
resending by P1 the request R1 to P2 after waiting a period of time based on the value V1;
wherein the method is applied at an application level, wherein P1 and P2 engage in secure communication using an unmodified client/server handshake protocol, wherein R1 and R2 are handshake messages of the unmodified client/server handshake protocol.
Abstract
Methods of establishing secure communication channels in peer-to-peer environments are provided that eliminate role conflicts between peers by determining which peer will act as a client and which peer will act as a server in a secure connection handshake. In one embodiment, an attribute of the handshake messages is used in a tiebreaker process to determine which peer assumes the role of the server. In another embodiment, the attribute may be used to compute a wait period for each peer, or the wait period may be based on a random time period, and the peers cancel their requests and resend them after waiting their respective time periods.
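The two embodiments in the abstract can be simulated together. The sketch below is an added example, not code from the patent. It assumes the compared attribute is a 32-byte random field carried in each request, that the larger value keeps the client role, and that a tie falls back to the random wait; the function names and the collision window are hypothetical.

```python
import os
import random

def tiebreak_role(own_attr: bytes, peer_attr: bytes) -> str:
    """Role the local peer takes after both sides sent a client request.

    Assumption (not from the page): the attribute is the 32-byte random
    field of each request, and the numerically larger value keeps the
    client role while the other peer discards its request and serves.
    """
    v_own = int.from_bytes(own_attr, "big")
    v_peer = int.from_bytes(peer_attr, "big")
    if v_own == v_peer:
        return "retry"  # no winner; fall back to cancel-and-wait
    return "client" if v_own > v_peer else "server"

def resolve_conflict(r1_attr, r2_attr, rng, window=0.01, max_rounds=8):
    """Simulate both peers; return (P1 role, P2 role, back-off rounds).

    Each peer runs tiebreak_role() on the same two values, so the results
    are complementary without any extra message. On a tie both peers
    cancel, wait a random time and resend; the request that arrives first
    wins unless the two waits fall within `window` seconds (hypothetical
    collision window), in which case the conflict repeats.
    """
    role1 = tiebreak_role(r1_attr, r2_attr)
    role2 = tiebreak_role(r2_attr, r1_attr)
    rounds = 0
    while role1 == "retry":
        if rounds == max_rounds:
            raise RuntimeError("role negotiation did not converge")
        rounds += 1
        wait1, wait2 = rng.uniform(0, 1), rng.uniform(0, 1)
        if abs(wait1 - wait2) > window:
            first = wait1 < wait2  # P1's resent request arrives first
            role1, role2 = ("client", "server") if first else ("server", "client")
    return role1, role2, rounds

if __name__ == "__main__":
    rng = random.Random()
    a, b = os.urandom(32), os.urandom(32)  # constructed sample attributes
    print(resolve_conflict(a, b, rng))   # distinct values: decided at once
    print(resolve_conflict(a, a, rng))   # forced tie: decided by back-off
```

The role decision here is made on handshake fields before either peer is authenticated, so it settles only who initiates; the handshake that follows still has to authenticate the peer.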
7 Claims
2. In a peer-to-peer (P2P) network, a method for establishing a secure connection between a first peer (P1) in the P2P network and a second peer (P2) in the P2P network using an unmodified client/server handshake protocol, the method comprising:
sending by P1 a first secure connection request (R1) to P2;
receiving by P1 a second secure connection request (R2) from P2;
generating by P1 an error condition E in a negotiation of the secure connection between P1 and P2;
computing by P1 a wait period value (V1) from an attribute of R1;
compelling by P1 the request R1;
discarding by P1 the request R2;
resending R1 to P2 after waiting a period of time based on the value V1;
wherein the method is applied at an application level wherein P1 and P2 engage in secure communication using an unmodified client/server handshake protocol, wherein R1 and R2 are handshake messages of the unmodified client/server handshake protocol.
Dependent claims: 3, 5, 6
4. In a peer-to-peer (P2P) network, a method for establishing a secure connection between a first peer (P1) in the P2P network and a second peer (P2) in the P2P network, using an unmodified client/server handshake protocol, the method comprising:
sending by P1 a first secure connection request (R1) to P2;
receiving by P1 a second secure connection request (R2) from P2;
generating by P1 an error condition E in a negotiation of the secure connection between P1 and P2;
computing by P1 a first value (V1) from an attribute of R1;
computing by P1 a second value (V2) from an attribute of R2;
comparing by P1 the values V1 and V2 to determine a tie breaker result for P1 and P2;
assigning by P1 a client/server role to P1 based on the comparison of V1 and V2;
wherein the method is applied at an application level wherein P1 and P2 engage in secure communication using an unmodified client/server handshake protocol, wherein R1 and R2 are handshake messages of the unmodified client/server handshake protocol.
Dependent claims: 7
Specification