Mutual authentication with symmetric secrets and signatures

US 9,882,900 B2
Filed: 01/21/2016
Issued: 01/30/2018
Est. Priority Date: 06/26/2014
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method, comprising:

receiving, from a client computer system and in accordance with a communication protocol for establishing a secure communication channel, a message and a digital signature, the message specifying a set of key derivation parameters, the communication protocol comprising a handshake protocol;

transmitting the message and the digital signature to an authentication server configured to verify authenticity of the message based at least in part on the digital signature and contingent on successful verification of the authenticity of the message, derive a pre-shared cryptographic key that is available to the client computer system and to provide the pre-shared cryptographic key;

if the pre-shared cryptographic key is received from the authentication server, usingthe pre-shared cryptographic key to establish, as part of the handshake protocol, the secure communication channel with the client computer system to result in an established secure communication channel; and

if the authentication server fails to provide the pre-shared cryptographic key from the authentication server, operate in accordance with the digital signature being unverified.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A client and server negotiate a secure communication channel using a pre-shared key where the server, at the time the negotiation initiates, lacks access to the pre-shared key. The server obtains the pre-shared key from another server that shares a secret with the client. A digital signature or other authentication information generated by the client may be used to enable the other server to determine whether to provide the pre-shared key.

312 Citations

20 Claims

1. A computer-implemented method, comprising:
- receiving, from a client computer system and in accordance with a communication protocol for establishing a secure communication channel, a message and a digital signature, the message specifying a set of key derivation parameters, the communication protocol comprising a handshake protocol;
  
  transmitting the message and the digital signature to an authentication server configured to verify authenticity of the message based at least in part on the digital signature and contingent on successful verification of the authenticity of the message, derive a pre-shared cryptographic key that is available to the client computer system and to provide the pre-shared cryptographic key;
  
  if the pre-shared cryptographic key is received from the authentication server, usingthe pre-shared cryptographic key to establish, as part of the handshake protocol, the secure communication channel with the client computer system to result in an established secure communication channel; and
  
  if the authentication server fails to provide the pre-shared cryptographic key from the authentication server, operate in accordance with the digital signature being unverified.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The computer-implemented method of claim 1, wherein using the pre-shared cryptographic key to establish the secure communication channel with the client computer system comprises deriving an encryption key in accordance with a protocol used to establish the secure communication channel and using the encryption key to transmit encrypted messages to the client computer system.
  - 3. The computer-implemented method of claim 1, wherein:
    - receiving the pre-shared key further comprises receiving, from the authentication server, a signing key; and
      
      the method further comprises using the signing key to verify a digital signature of a request received, over the established secure communication channel, from the client computer system.
  - 4. The computer-implemented method of claim 3, wherein using the pre-shared cryptographic key to establish the secure communication channel comprises using a set of additional key-derivation parameters to derive another cryptographic key from the pre-shared cryptographic key.
  - 5. The computer-implemented method of claim 1, wherein the method further comprises:
    - storing a set of policies; and
      
      determining, based at least in part on the set of policies, whether to fulfill a request received over the established secure communication channel.

6. A system, comprising a set of computing devices configured to implement at least:
- a first server that negotiates, in accordance with a handshake protocol, a secure communication channel with a client computer system by executing executable code that causes the first server to;
  
  provide a message and a digital signature received from a client computer system to a second server;
  
  if the digital signature matches the message;
  
  receive, from the second server, a pre-shared key accessible to the client computer system; and
  
  use the pre-shared key to transmit encrypted messages to the client computer system to communicate over the secure communication channel; and
  
  if the digital signature fails to match the message, operate in accordance with the digital signature being unverified.
- View Dependent Claims (7, 8, 9, 10, 11, 12, 13, 14)
- - 7. The system of claim 6, wherein:
    - the system further comprises the second server;
      
      the second server and the client computer system both have access to a cryptographic key;
      
      the message specifies a set of key derivation parameters; and
      
      the second server is configured to derive, based at least in part on the key derivation parameters, the pre-shared key from the cryptographic key.
  - 8. The system of claim 7, wherein the second server derives the pre-shared key iteratively where output of a first iteration is calculated based at least in part on a first key derivation parameter of the set of key derivation parameters and output of a second iteration is calculated based at least in part on the output of the first iteration and a second key derivation parameter of the set of key derivation parameters.
  - 9. The system of claim 7, wherein:
    - the second server derives, based at least in part on the cryptographic key and a second set of key derivation parameters different from the set of key derivation parameters, second cryptographic key and provide the second cryptographic key with the with the pre-shared key; and
      
      the first server receives the second cryptographic key and uses the second cryptographic key to verify at least one digital signature generated by the client computer system.
  - 10. The system of claim 7, wherein:
    - the message specifies a key path, the key path specifying an order of operations to be performed in deriving the pre-shared key; and
      
      the second server derives the pre-shared key in accordance with the key path.
  - 11. The system of claim 6, wherein the handshake protocol is part of a version of transport layer security.
  - 12. The system of claim 6, wherein the pre-shared key is inaccessible to the first server until the pre-shared key is received from the second server.
  - 13. The system of claim 6, wherein the first server provides, to the second server, information sufficient to enable the second server to verify the digital signature based at least in part on multiple messages transmitted between the client computer system and the first server.
  - 14. The system of claim 6, wherein the first server digitally signs information comprising the message and the digital signature thereby generating a second digital signature verifiable by the second server.

15. A non-transitory computer-readable storage medium having stored thereon instructions that, as a result of execution by one or more processors of a computer system, cause the computer system to implement a first server that:
- negotiates, in accordance with a handshake protocol, a secure communication channel with a client computer system by at least;
  
  providing a message and a digital signature received from a client computer system to a second server;
  
  if the digital signature matches the message;
  
  receiving, from the second server, a pre-shared key accessible to the client computer system; and
  
  using the pre-shared key to transmit encrypted messages to the client computer system to communicate over the secure communication channel; and
  
  if the digital signature fails to match the message, operating in accordance with the digital signature being unverified.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The non-transitory computer-readable storage medium of claim 15, wherein the message specifies a set of key derivation parameters usable to derive the pre-shared key from another cryptographic key.
  - 17. The non-transitory computer-readable storage medium of claim 15, wherein the instructions further cause the first server to receive, from the second server, a second cryptographic key and use the second cryptographic key to verify a digital signature.
  - 18. The non-transitory computer-readable storage medium of claim 15, wherein the message specifies a key path, the key path specifying an order of operations to be performed to derive the pre-shared key.
  - 19. The non-transitory computer-readable storage medium of claim 15, wherein the instructions are configured such that the first server lacks access to the pre-shared key at a time when the first server sends the message to the second server.
  - 20. The non-transitory computer-readable storage medium of claim 15, wherein the instructions further cause the computer system to provide, to the second server, information based at least in part on multiple messages transmitted between the client computer system and the first server, the information enabling the second server to verify the digital signature.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Amazon Technologies, Inc. (Amazon.com, Inc.)
Original Assignee
Amazon Technologies, Inc. (Amazon.com, Inc.)
Inventors
Roth, Gregory Branchek, Rubin, Gregory Alan
Primary Examiner(s)
Shayanfar, Ali

Application Number

US15/003,707
Publication Number

US 20160156626A1
Time in Patent Office

740 Days
Field of Search
US Class Current
CPC Class Codes

H04L 63/061   for key exchange, e.g. in p...

H04L 63/0869   for achieving mutual authen...

H04L 63/123   received data contents, e.g...

H04L 63/166   at the transport layer

H04L 9/0861   Generation of secret inform...

H04L 9/14   using a plurality of keys o...

H04L 9/32   including means for verifyi...

H04L 9/321   involving a third party or ...

H04L 9/3247   involving digital signatures

H04L 9/3273   for mutual authentication n...

Mutual authentication with symmetric secrets and signatures

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

312 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Mutual authentication with symmetric secrets and signatures

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

312 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links