Secure session capability using public-key cryptography without access to the private key

US 8,966,267 B1
Filed: 04/08/2014
Issued: 02/24/2015
Est. Priority Date: 04/08/2014
Status: Active Grant

First Claim

Patent Images

1. A method in a first server for establishing a secure session with a client device, the method comprising:

receiving a first message from the client device that initiates a handshake procedure to establish a secure session between the client device and the first server and transmitting the first message to a second server;

receiving, from the second server, a second message in response to the first message and transmitting the second message to the client device;

receiving, from the second server, a third message that includes a digital certificate and transmitting the third message to the client device;

receiving, from the second server, a fourth message that includes a set of cryptographic parameters that is signed using a private key stored on the second server and not available on the first server and transmitting the fourth message to the client device, wherein the set of cryptographic parameters are to be used by the client device when generating a premaster secret and include a Diffie-Hellman public value selected by the second server;

receiving, from the second server, a fifth message that indicates that a server hello part of the handshake procedure is complete and transmitting the fifth message to the client device;

receiving, from the client device, a sixth message that includes a Diffie-Hellman public value selected by the client device and transmitting the sixth message to the second server;

receiving, from the second server, a seventh message that includes a set of one or more session keys to be used in the secure session for encrypting and decrypting communication between the client device and the first server that were generated at least using a master secret that is generated using a premaster secret that is generated using the Diffie-Hellman public value selected by the client device and the Diffie-Hellman public value selected by the second server;

receiving, from the client device, an eighth message that indicates that future messages sent from the client device will be encrypted;

receiving, from the client device, a ninth message that is encrypted according to the session keys;

transmitting, to the client device, a tenth message that indicates that future messages sent to the client device will be encrypted; and

transmitting, to the client device, an eleventh message that is encrypted according to the session keys.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A server establishes a secure session with a client device where a private key used in the handshake when establishing the secure session is stored in a different server. During the handshake procedure, the server proxies messages to/from the different server including a set of signed cryptographic parameters signed using the private key on the different server. The different server generates the master secret, and generates and transmits the session keys to the server that are to be used in the secure session for encrypting and decrypting communication between the client device and the server.

55 Citations

View as Search Results

21 Claims

1. A method in a first server for establishing a secure session with a client device, the method comprising:
- receiving a first message from the client device that initiates a handshake procedure to establish a secure session between the client device and the first server and transmitting the first message to a second server;
  
  receiving, from the second server, a second message in response to the first message and transmitting the second message to the client device;
  
  receiving, from the second server, a third message that includes a digital certificate and transmitting the third message to the client device;
  
  receiving, from the second server, a fourth message that includes a set of cryptographic parameters that is signed using a private key stored on the second server and not available on the first server and transmitting the fourth message to the client device, wherein the set of cryptographic parameters are to be used by the client device when generating a premaster secret and include a Diffie-Hellman public value selected by the second server;
  
  receiving, from the second server, a fifth message that indicates that a server hello part of the handshake procedure is complete and transmitting the fifth message to the client device;
  
  receiving, from the client device, a sixth message that includes a Diffie-Hellman public value selected by the client device and transmitting the sixth message to the second server;
  
  receiving, from the second server, a seventh message that includes a set of one or more session keys to be used in the secure session for encrypting and decrypting communication between the client device and the first server that were generated at least using a master secret that is generated using a premaster secret that is generated using the Diffie-Hellman public value selected by the client device and the Diffie-Hellman public value selected by the second server;
  
  receiving, from the client device, an eighth message that indicates that future messages sent from the client device will be encrypted;
  
  receiving, from the client device, a ninth message that is encrypted according to the session keys;
  
  transmitting, to the client device, a tenth message that indicates that future messages sent to the client device will be encrypted; and
  
  transmitting, to the client device, an eleventh message that is encrypted according to the session keys.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein the first server and the second server are owned or operated by different entities.
  - 3. The method of claim 1, wherein at least the fourth message and the seventh message are received from the second server over a secure session between the first server and the second server.
  - 4. The method of claim 1, further comprising:
    - after transmitting the eleventh message to the client device, receiving from the client device a request for a resource over the secure session, wherein the request is encrypted;
      
      decrypting, using the set of session keys, the request for the resource;
      
      transmitting the request for the resource to a third server;
      
      receiving the resource from the third server in response to the request;
      
      generating an encrypted response that includes the retrieved resource, wherein the encrypted response is encrypted with the set of session keys; and
      
      transmitting the encrypted response to the client device.
  - 5. The method of claim 4, wherein the second server and the third server are the same server.
  - 6. The method of claim 1, further comprising:
    - receiving, from the second server, the master secret;
      
      verifying information in the ninth message including,calculating a first value using a function that takes as input at least the master secret and a hash of the first message, second message, third message, fourth message, fifth message, sixth message, and eighth message, andcomparing the calculated first value with a second value included in ninth message, wherein a same first value and second value indicates a successful key exchange;
      
      calculating a third value using a function that takes as input at least the master secret and a hash of the first message, second message, third message, fourth message, fifth message, sixth message, eighth message, ninth message, and tenth message; and
      
      including the third value in the eleventh message.
  - 7. The method of claim 1, further comprising:
    - transmitting, to the second server, the eighth message and the ninth message; and
      
      receiving, from the second server, the tenth message and the eleventh message.

8. A non-transitory computer-readable medium storing instructions, which when executed by a set of one or more processors of a first server, cause the set of processors to perform operations comprising:
- receiving a first message from the client device that initiates a handshake procedure to establish a secure session between the client device and the first server and transmitting the first message to a second server;
  
  receiving, from the second server, a second message in response to the first message and transmitting the second message to the client device;
  
  receiving, from the second server, a third message that includes a digital certificate and transmitting the third message to the client device;
  
  receiving, from the second server, a fourth message that includes a set of cryptographic parameters that is signed using a private key stored on the second server and not available on the first server and transmitting the fourth message to the client device, wherein the set of cryptographic parameters are to be used by the client device when generating a premaster secret and include a Diffie-Hellman public value selected by the second server;
  
  receiving, from the second server, a fifth message that indicates that a server hello part of the handshake procedure is complete and transmitting the fifth message to the client device;
  
  receiving, from the client device, a sixth message that includes a Diffie-Hellman public value selected by the client device and transmitting the sixth message to the second server;
  
  receiving, from the second server, a seventh message that includes a set of one or more session keys to be used in the secure session for encrypting and decrypting communication between the client device and the first server that were generated at least using a master secret that is generated using a premaster secret that is generated using the Diffie-Hellman public value selected by the client device and the Diffie-Hellman public value selected by the second server;
  
  receiving, from the client device, an eighth message that indicates that future messages sent from the client device will be encrypted;
  
  receiving, from the client device, a ninth message that is encrypted according to the session keys;
  
  transmitting, to the client device, a tenth message that indicates that future messages sent to the client device will be encrypted; and
  
  transmitting, to the client device, an eleventh message that is encrypted according to the session keys.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The non-transitory computer-readable medium of claim 8, wherein the first server and the second server are owned or operated by different entities.
  - 10. The non-transitory computer-readable medium of claim 8, wherein at least the fourth message and the seventh message are received from the second server over a secure session between the first server and the second server.
  - 11. The non-transitory computer-readable medium of claim 8, further storing instructions that, when executed by the set of processors, cause the set of processors to perform the following operations:
    - after transmitting the eleventh message to the client device, receiving from the client device a request for a resource over the secure session, wherein the request is encrypted;
      
      decrypting, using the set of session keys, the request for the resource;
      
      transmitting the request for the resource to a third server;
      
      receiving the resource from the third server in response to the request;
      
      generating an encrypted response that includes the retrieved resource, wherein the encrypted response is encrypted with the set of session keys; and
      
      transmitting the encrypted response to the client device.
  - 12. The non-transitory computer-readable medium of claim 11, wherein the second server and the third server are the same server.
  - 13. The non-transitory computer-readable medium of claim 8, further storing instructions that, when executed by the set of processors, cause the set of processors to perform the following operations:
    - receiving, from the second server, the master secret;
      
      verifying information in the ninth message including,calculating a first value using a function that takes as input at least the master secret and a hash of the first message, second message, third message, fourth message, fifth message, sixth message, and eighth message, andcomparing the calculated first value with a second value included in ninth message, wherein a same first value and second value indicates a successful key exchange;
      
      calculating a third value using a function that takes as input at least the master secret and a hash of the first message, second message, third message, fourth message, fifth message, sixth message, eighth message, ninth message, and tenth message; and
      
      including the third value in the eleventh message.
  - 14. The non-transitory computer-readable medium of claim 8, further storing instructions that, when executed by the set of processors, cause the set of processors to perform the following operations:
    - transmitting, to the second server, the eighth message and the ninth message; and
      
      receiving, from the second server, the tenth message and the eleventh message.

15. An apparatus comprising:
- a first server including a set of one or more processors and a set of one or more non-transitory computer-readable storage mediums storing instructions, that when executed by the set of processors, cause the set of processors to perform the following operations;
  
  receive a first message from a client device that initiates a handshake procedure to establish a secure session between the client device and the first server and transmit the first message to a second server;
  
  receive, from the second server, a second message in response to the first message and transmit the second message to the client device;
  
  receive, from the second server, a third message that includes a digital certificate and transmit the third message to the client device;
  
  receive, from the second server, a fourth message that includes a set of cryptographic parameters that is signed using a private key stored on the second server and not available on the first server and transmit the fourth message to the client device, wherein the set of cryptographic parameters are to be used by the client device when generating a premaster secret and include a Diffie-Hellman public value selected by the second server;
  
  receive, from the second server, a fifth message that indicates that a server hello part of the handshake procedure is complete and transmit the fifth message to the client device;
  
  receive, from the client device, a sixth message that includes a Diffie-Hellman public value selected by the client device and transmit the sixth message to the second server;
  
  receive, from the second server, a seventh message that includes a set of one or more session keys to be used in the secure session for encrypting and decrypting communication between the client device and the first server that were generated at least using a master secret that is generated using a premaster secret that is generated using the Diffie-Hellman public value selected by the client device and the Diffie-Hellman public value selected by the second server;
  
  receive, from the client device, an eighth message that indicates that future messages sent from the client device will be encrypted;
  
  receive, from the client device, a ninth message that is encrypted according to the session keys;
  
  transmit, to the client device, a tenth message that indicates that future messages sent to the client device will be encrypted; and
  
  transmit, to the client device, an eleventh message that is encrypted according to the session keys.
- View Dependent Claims (16, 17, 18, 19, 20, 21)
- - 16. The apparatus of claim 15, wherein the first server and the second server are owned or operated by different entities.
  - 17. The apparatus of claim 15, wherein at least the fourth message and the seventh message are to be received from the second server over a secure session between the first server and the second server.
  - 18. The apparatus of claim 15, wherein the set of non-transitory computer-readable storage mediums further stores instructions, that when executed by the set of processors, cause the set of processors to perform the following operations:
    - after transmission of the eleventh message to the client device, receive from the client device a request for a resource over the secure session, wherein the request is encrypted;
      
      decrypt, using the set of session keys, the request for the resource;
      
      transmit the request for the resource to a third server;
      
      receive the resource from the third server in response to the request;
      
      generate an encrypted response that includes the retrieved resource, wherein the encrypted response is encrypted with the set of session keys; and
      
      transmit the encrypted response to the client device.
  - 19. The apparatus of claim 18, wherein the second server and the third server are the same server.
  - 20. The apparatus of claim 15, wherein the set of non-transitory computer-readable storage mediums further stores instructions, that when executed by the set of processors, cause the set of processors to perform the following operations:
    - receive, from the second server, the master secret;
      
      verify information in the ninth message including,calculate a first value using a function that takes as input at least the master secret and a hash of the first message, second message, third message, fourth message, fifth message, sixth message, and eighth message, andcompare the calculated first value with a second value included in ninth message, wherein a same first value and second value indicates a successful key exchange;
      
      calculate a third value using a function that takes as input at least the master secret and a hash of the first message, second message, third message, fourth message, fifth message, sixth message, eighth message, ninth message, and tenth message; and
      
      include the third value in the eleventh message.
  - 21. The apparatus of claim 15, wherein the set of non-transitory computer-readable storage mediums further stores instructions, that when executed by the set of processors, cause the set of processors to perform the following operations:
    - transmit, to the second server, the eighth message and the ninth message; and
      
      receive, from the second server, the tenth message and the eleventh message.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
CloudFlare Incorporated
Original Assignee
CloudFlare Incorporated
Inventors
Pahl, Sbastien Andreas Henry, Tourne, Matthieu Philippe Franois, Sikora, Piotr, Bejjani, Ray Raymond, Knecht, Dane Orion, Graham-Cumming, John, Holloway, Lee Hahn, Strasheim, Albertus, Prince, Matthew Browning, Sullivan, Nicholas Thomas
Primary Examiner(s)
Rashid, Harunur
Assistant Examiner(s)
Ho, Dao

Application Number

US14/248,256
Time in Patent Office

322 Days
Field of Search

713/171, 713/168, 380/276
US Class Current

713/171
CPC Class Codes

H04L 63/061   for key exchange, e.g. in p...

H04L 63/166   at the transport layer

H04L 9/0844   with user authentication or...

H04L 9/14   using a plurality of keys o...

H04L 9/30   Public key, i.e. encryption...

H04L 9/321   involving a third party or ...

H04L 9/3263   involving certificates, e.g...

H04L 9/3268   using certificate validatio...

Secure session capability using public-key cryptography without access to the private key

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

55 Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

Secure session capability using public-key cryptography without access to the private key

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

55 Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links