WO1999025093A2 - Secure handshake protocol - Google Patents
- Publication number
- WO1999025093A2
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- party
- message
- certificate
- inter
- indicating
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3263—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3271—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
- H04W12/069—Authentication using certificates or pre-shared keys
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/80—Wireless
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0823—Network architectures or network communication protocols for network security for authentication of entities using certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0869—Network architectures or network communication protocols for network security for authentication of entities for achieving mutual authentication
Definitions
- The present invention relates in general to a secure handshake protocol for telecommunications networks. More particularly, the invention relates to a method and an apparatus for providing a secure handshake between call parties with minimal overhead before actual data transmission.
- TLS Transport Layer Security
- a TLS-type protocol comprises several layers, such as: Upper layer protocols Handshake protocol/Alert protocol/Application protocol
- Figure 1 is based on section 7.3 of said TLS draft protocol, and it illustrates a prior art handshake method.
- parties A and B are also referred to as “client” and “server”, respectively.
- The client hello message comprises a list of cipher suites and compression methods supported by the client. Additionally, the message may also comprise a time stamp.
- server B selects a cipher suite and a compression method. (Optionally, B may also check the timestamp to make sure that the message is not an old message being retransmitted.)
- In step 13, the server B responds with a server hello message.
- the client hello and server hello messages 11 and 13 establish security between the parties, typically by establishing the following attributes: protocol version, session ID, cipher suite and compression method.
- the server B sends its own certificate C B to the client A and it requests the client A to send its client certificate C A to the server B.
- the client A verifies B's certificate and obtains B's public key E B .
- the client A sends B a finished message, indicating that A has been able to verify B's identity. Additionally, A sends its own certificate C A to B.
- B uses C A to obtain A's public key E A .
- In step 17, B sends its own finished message to the client A.
- In connection with verifying its peer's identity, each party independently calculates a shared secret key for this session. Now both parties have exchanged keys, agreed on a cipher suite/compression method and verified the identity of the other party.
- the client A can start transmitting application data.
- The certificates C A and C B are an essential component of the above protocol.
- each party can verify its peer's identity.
- a certificate comprises at least its owner's identity (A/B) and public key(s) (E A /E B ), period of validity, the issuer of the certificate and the issuer's digital signature. It may also comprise the rights granted to its owner.
- a suitable mechanism for digital signatures is a reversal of public-key encryption: the issuer signs the certificate with its private key and whoever wants to verify the certificate, does so by using the issuer's public key.
- a suitable structure for a certificate is specified in ISO standard X.509.
- A problem with this prior art handshake protocol is the high overhead required. As seen in Fig. 1, the actual data transmission does not begin until step 15, or after four messages have been transmitted between the parties. In a wireless multiple access system, where the parties A and B are separated by an air interface Um and a public land based mobile network PLMN, the actual messaging is much more complicated than the one shown in Fig. 1. This is because Fig. 1 only shows the actual messages and omits (for clarity) the resource reservation and release steps which are routine for a person skilled in the art, but which are nevertheless indispensable.
- the invention is applicable to telecommunication systems with a slow and/or unreliable transmission channel acting as a bottleneck between the parties.
- Figure 1 shows a signalling diagram illustrating a prior art handshake protocol
- Figure 2 is a combination wherein the bottom portion is an interleaved signalling diagram/flowchart illustrating an embodiment of the invention and the top portion is a block diagram showing how the inventive functionality can be mapped to various network elements.
- An embodiment of the invention will be described with reference to Fig. 2.
- the lower portion of Fig. 2 is an interleaved signalling diagram/flowchart illustrating an embodiment of the invention.
- the upper portion of Fig. 2 is an associated block diagram, illustrating a possible mapping between call parties and physical network elements.
- In step 21, the client A sends a first inter-party message comprising all the elements of the message of step 11.
- An inter-party message is a message from A to B or vice versa.
- the message of step 21 comprises an identifier ID A of the client A, and encryption parameters (such as random numbers and/or initialisation vectors) if required by any of the indicated cipher suites.
- the identifier ID A will be studied later in more detail.
- the server B selects a cipher suite. Preferably, it also checks the timestamp of the message sent by A.
- In step 23, instead of requesting A's certificate C A from A itself, the server B uses the ID A sent by A to retrieve A's certificate C A from a certificate store CS.
- the connection between B and CS should be significantly faster than the air interface Um.
- the trustee CS returns A's certificate C A .
- B can also maintain a local memory MEM of certificates and omit the inquiry to CS if A's certificate is found in the local memory.
- In step 25, B verifies C A , obtains A's public key E A and calculates the shared secret key.
- B sends a second inter-party message to A.
- the second inter-party message comprises B's certificate C B . It also indicates that B has been able to verify A's certificate.
- In step 27, A verifies B's certificate C B , obtains B's public key E B and calculates the shared secret key.
- In step 28, A sends B a third inter-party message comprising a finished message which indicates that it has been able to verify B's certificate.
- Fig. 2 only shows what happens when the handshake is successful, i.e. both parties act according to the protocol. If a departure from the protocol is detected, this is usually a fatal error and the handshake terminates.
- the last inter-party message (comprising the finished message in step 28) points from A to B. This is in marked contrast to the prior art handshake shown in Fig. 1.
- An advantage of this property of the invention is that application data can be concatenated with the third inter-party message in step 28.
- the effective overhead of the handshake protocol according to the invention is only two inter-party messages, compared to an overhead of four messages in the prior art handshake. In order to achieve this, an appropriate key exchange mechanism must be used.
- Suitable key exchange algorithms include Diffie-Hellman (DH) with fixed parameters certified with Digital Signature Algorithm (DSA).
- the DH algorithm can be found in most textbooks on cryptography. Additionally, the original Diffie-Hellman algorithm (DH) is described in US Patent 4 200 770 and the Digital Signature Algorithm (DSA) is a U.S. standard and a de facto international standard.
- Another good combination is Elliptic Curve Diffie-Hellman (ECDH) with fixed parameters certified with Elliptic Curve Digital Signature Algorithm (ECDSA).
- ECDH Elliptic Curve Diffie-Hellman
- ECDSA Elliptic Curve Digital Signature Algorithm
- the difference between standard DH and ECDH is only different mathematics in obtaining and using encryption and decryption keys. Such differences are not essential to the invention.
- RSA Rivest-Shamir-Adleman
- ECES Elliptic Curve Encryption Scheme
- a server key exchange takes place as follows. B generates a random number, which is a pre-master secret, encrypts it with A's public key, and sends the result to A. Thus the message in step 26 would comprise ServerHello, C B , ServerKeyExchange, Finished. Now A decrypts this pre-master secret.
- This server key exchange procedure resembles a mirror image of the one used in TLS, whereby the handshake can still be accomplished with two messages over the air interface.
- the handshake method described above uses public keys. As is well known, public-key cryptography is much slower than symmetric cryptography. Therefore, it is preferable to use the public-key handshake only for exchanging parameters which are used for computing a shared key for symmetric cryptography, such as DES.
- the parameters (random numbers) sent in message 21 can be used for this purpose.
- Although the inventive handshake somewhat limits the available key-exchange mechanisms during the handshake phase, the invention does not limit the available mechanisms used for the actual data transmission. In other words, the invention does not limit the choices available for symmetric cryptography, although it requires that the parameters for the symmetric cryptography first used are exchanged by using a key-exchange mechanism with fixed parameters.
- the encryption parameters sent in message 21 (and 26) can be combined with private keys to create pre-master secrets which in turn are used to create master secrets, etc.
- a separate message can be concatenated. This separate message can be used for changing the selected cryptography mechanism.
- the identifier ID A of client A should be unique to each A. Suitable identifiers are e.g. a network number, such as MSISDN or an X.509 number.
- the ID A is not protected by the handshake protocol proper, although it may be protected by a lower level protocol. Therefore, it is preferable to create the ID A using a one-way function, such as a hash function.
- One-way functions are functions that are much easier (at least by several orders of magnitude) to perform in one direction than in the reverse direction. Examples of one-way functions are multiplying large prime numbers, discrete exponentiation, elliptical functions and hash functions.
- the advantage of one-way functions is that they hide the identity of A from possible eavesdroppers. As is well known, hash functions reduce information. Hashed numbers are thus not necessarily unique. However, a good combination is achieved by using a hash of the client's public key E A and assigning public keys such that they do not produce identical hash values.
- the upper portion of Fig. 2 shows how the functionality of the invention can be mapped to various network elements.
- the invention can be used in a wireless communication system, such as a mobile communications system.
- the client A can be a mobile station MS, possibly having a portable computer PC connected or integrated thereto.
- the server B can be a computer B' providing financial services, or granting access to confidential information, etc.
- A and B can communicate over an air interface Um and via a public land based mobile network PLMN, possibly also via a public switched mobile network PSTN.
- the trustee CS could be implemented in one of the registers of the PLMN, such as a home location register (HLR), or a GPRS register GR.
- the trustee services can be implemented as disclosed in said ISO standard X.509.
- B can maintain a local memory MEM of certificates and omit the inquiry to CS if A's certificate is found in the local memory.
- B can e.g. be connected to a local area network and the certificates of all the clients A are maintained over the local area network.
- a local memory MEM can also be used as a cache memory for storing recently used certificates. In real-time applications, if a certificate is revoked, the computer B' must be informed and it must also delete the revoked certificate from its cache.
- An important advantage of the invention is that the overhead over the slow communications channel, such as the air interface, can be halved compared to prior art protocols.
- Another advantage is that the client's certificate C A does not have to be stored in the client itself. Since the client A is typically a mobile station, its memory capacity is limited. This also reduces the information gained by dishonest third parties in case the client hardware gets lost or stolen, or is used by unauthorised persons. Also, because the client's certificate C A is not transmitted over the air interface, less information is leaked to possible eavesdroppers.
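
The Fig. 2 exchange as an added Python example (not code from the patent): ID A as a hash of E A, B's MEM/CS lookup with a revocation purge, fixed-parameter DH made fresh by the random numbers of messages 1 and 2, and application data attached to message 3. Assumptions: all function and field names are hypothetical, certificates are plain dicts rather than X.509, a Schnorr-style signature stands in for DSA, HMAC-SHA-256 provides the finished values, and the DH group is a toy one.

```python
import hashlib, hmac, secrets

# Fixed DH parameters. Demo assumption: Mersenne prime 2**521 - 1, base 3; not a vetted group.
P, G = 2**521 - 1, 3

def H(*parts):
    h = hashlib.sha256()
    for part in parts:  # ints become fixed-width bytes; each part is length-prefixed
        if isinstance(part, int):
            part = part.to_bytes(66, "big")
        h.update(len(part).to_bytes(4, "big") + part)
    return h.digest()

def keygen():
    x = secrets.randbelow(P - 3) + 2
    return x, pow(G, x, P)

def sign(x, msg):  # Schnorr-style signature, standing in for the DSA the text names
    k, r = keygen()
    e = int.from_bytes(H(r, msg), "big")
    return r, (k + e * x) % (P - 1)

def verify(y, msg, sig):
    r, s = sig
    e = int.from_bytes(H(r, msg), "big")
    return pow(G, s, P) == r * pow(y, e, P) % P

def issue_cert(ca_priv, owner, pub):
    return {"owner": owner, "pub": pub, "sig": sign(ca_priv, H(owner.encode(), pub))}
def cert_ok(ca_pub, cert):
    return verify(ca_pub, H(cert["owner"].encode(), cert["pub"]), cert["sig"])

def make_id(pub):  # ID_A: one-way hash of the client's public key E_A
    return H(pub).hex()

def session_key(my_priv, peer_pub, nonce_a, nonce_b):
    # The fixed-parameter DH value never changes between the same two parties;
    # the random numbers from messages 1 and 2 make each session key fresh.
    return H(pow(peer_pub, my_priv, P), nonce_a, nonce_b)

def mac(key, *parts):
    return hmac.new(key, H(*parts), hashlib.sha256).digest()

class Server:
    def __init__(self, priv, cert, ca_pub, store):
        self.priv, self.cert, self.ca_pub = priv, cert, ca_pub
        self.store, self.mem, self.store_queries = store, {}, 0

    def fetch_cert(self, id_a):  # step 23: local memory MEM first, then store CS
        if id_a not in self.mem:
            self.store_queries += 1
            self.mem[id_a] = self.store[id_a]  # KeyError if unknown or revoked
        return self.mem[id_a]

    def respond(self, m1):  # steps 22-26: verify C_A, derive key, build message 2
        cert_a = self.fetch_cert(m1["id"])
        if make_id(cert_a["pub"]) != m1["id"] or not cert_ok(self.ca_pub, cert_a):
            raise ValueError("bad client certificate")
        nb = secrets.token_bytes(16)
        key = session_key(self.priv, cert_a["pub"], m1["nonce"], nb)
        fin = mac(key, b"server finished", m1["id"].encode(), m1["nonce"], nb)
        return {"cert": self.cert, "nonce": nb, "finished": fin}, key

    def accept(self, key, m3):  # A's finished value also covers the attached data
        if not hmac.compare_digest(m3["finished"], mac(key, b"client finished", m3["data"])):
            raise ValueError("client finished check failed")
        return m3["data"]

def revoke(store, servers, id_a):  # revocation must also purge each server's MEM
    store.pop(id_a, None)
    for srv in servers:
        srv.mem.pop(id_a, None)

def client_hello(pub):  # step 21: message 1 carries ID_A and a random number, not C_A
    return {"id": make_id(pub), "nonce": secrets.token_bytes(16)}

def client_finish(priv, ca_pub, m1, m2, data):  # steps 27-28
    if not cert_ok(ca_pub, m2["cert"]):
        raise ValueError("bad server certificate")
    key = session_key(priv, m2["cert"]["pub"], m1["nonce"], m2["nonce"])
    want = mac(key, b"server finished", m1["id"].encode(), m1["nonce"], m2["nonce"])
    if not hmac.compare_digest(m2["finished"], want):
        raise ValueError("server finished check failed")
    return {"finished": mac(key, b"client finished", data), "data": data}, key

def demo():  # constructed parties A and B, one issuer, one certificate store
    ca_priv, ca_pub = keygen()
    (a_priv, a_pub), (b_priv, b_pub) = keygen(), keygen()
    store = {make_id(a_pub): issue_cert(ca_priv, "A", a_pub)}
    b = Server(b_priv, issue_cert(ca_priv, "B", b_pub), ca_pub, store)
    m1 = client_hello(a_pub)
    m2, key_b = b.respond(m1)
    m3, key_a = client_finish(a_priv, ca_pub, m1, m2, b"constructed app data")
    return b.accept(key_b, m3), key_a == key_b
```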
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
AU10359/99A AU1035999A (en) | 1997-11-10 | 1998-11-10 | Secure handshake protocol |
US09/554,112 US6931528B1 (en) | 1997-11-10 | 1998-11-10 | Secure handshake protocol |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
FI974186 | 1997-11-10 | ||
FI974186A FI104666B (en) | 1997-11-10 | 1997-11-10 | Secure handshake protocol |
Publications (2)
Publication Number | Publication Date |
---|---|
WO1999025093A2 true WO1999025093A2 (en) | 1999-05-20 |
WO1999025093A3 WO1999025093A3 (en) | 1999-07-29 |
Family
ID=8549905
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/FI1998/000869 WO1999025093A2 (en) | 1997-11-10 | 1998-11-10 | Secure handshake protocol |
Country Status (5)
Country | Link |
---|---|
US (1) | US6931528B1 (en) |
AU (1) | AU1035999A (en) |
FI (1) | FI104666B (en) |
TW (1) | TW380346B (en) |
WO (1) | WO1999025093A2 (en) |
Cited By (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP1158826A2 (en) * | 2000-05-24 | 2001-11-28 | Nokia Mobile Phones Ltd. | Method for processing location information relating to a terminal connected to a packet network via a cellular network |
DE10025271A1 (en) * | 2000-05-22 | 2001-11-29 | Siemens Ag | Method for establishing a connection between a terminal and a serving cellular network, cellular network and terminal therefor |
WO2002011362A1 (en) * | 2000-08-01 | 2002-02-07 | Nokia Corporation | Data transmission method, user equipment and gprs/edge radio access network |
US6915124B1 (en) * | 1999-10-01 | 2005-07-05 | Telefonaktiebolaget L M Ericsson (Publ) | Method and apparatus for executing secure data transfer in a wireless network |
US7311246B2 (en) | 2004-11-26 | 2007-12-25 | Sony Corporation | Method and system for transmitting electronic value information |
WO2008048836A1 (en) * | 2006-10-13 | 2008-04-24 | Microsoft Corporation | Upnp authentication and authorization |
US7382882B1 (en) | 1998-07-03 | 2008-06-03 | Nokia Corporation | Secure session set up based on the wireless application protocol |
WO2010022650A1 (en) * | 2008-08-29 | 2010-03-04 | 华为技术有限公司 | Clock synchronization method, device and system |
Families Citing this family (24)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7131006B1 (en) * | 1999-11-15 | 2006-10-31 | Verizon Laboratories Inc. | Cryptographic techniques for a communications network |
US7519737B2 (en) * | 2000-07-07 | 2009-04-14 | Schneider Automation Inc. | Input/output (I/O) scanner for a control system with peer determination |
US7327846B1 (en) * | 2000-09-05 | 2008-02-05 | Chung Nan Chang | Secure cryptographic key exchange and verifiable digital signature |
GB0309182D0 (en) | 2003-04-23 | 2003-05-28 | Hewlett Packard Development Co | Security method and apparatus using biometric data |
US20050005136A1 (en) * | 2003-04-23 | 2005-01-06 | Liqun Chen | Security method and apparatus using biometric data |
US20040117626A1 (en) * | 2003-09-12 | 2004-06-17 | Pioneer Research Center Usa, Inc. | Key exchange based on dsa type certificates |
US20050141706A1 (en) * | 2003-12-31 | 2005-06-30 | Regli William C. | System and method for secure ad hoc mobile communications and applications |
KR101346734B1 (en) | 2006-05-12 | 2014-01-03 | 삼성전자주식회사 | Multi certificate revocation list support method and apparatus for digital rights management |
US8099459B2 (en) * | 2006-06-23 | 2012-01-17 | Microsoft Corporation | Content feedback for authors of web syndications |
US8145532B2 (en) | 2006-06-27 | 2012-03-27 | Microsoft Corporation | Connecting devices to a media sharing service |
US9055107B2 (en) * | 2006-12-01 | 2015-06-09 | Microsoft Technology Licensing, Llc | Authentication delegation based on re-verification of cryptographic evidence |
TW200922256A (en) * | 2007-11-06 | 2009-05-16 | Nat Univ Tsing Hua | Method for reconfiguring security mechanism of a wireless network and the mobile node and network node thereof |
CN101459506B (en) * | 2007-12-14 | 2011-09-14 | 华为技术有限公司 | Cipher key negotiation method, system, customer terminal and server for cipher key negotiation |
US8321662B2 (en) | 2008-05-08 | 2012-11-27 | International Business Machines Corporation | Certificate renewal using secure handshake |
US8862874B2 (en) * | 2008-05-09 | 2014-10-14 | International Business Machines Corporation | Certificate distribution using secure handshake |
US8239670B1 (en) * | 2008-05-13 | 2012-08-07 | Adobe Systems Incorporated | Multi-aspect identifier in network protocol handshake |
US8645695B2 (en) * | 2009-10-07 | 2014-02-04 | Blackberry Limited | System and method for managing security key architecture in multiple security contexts of a network environment |
US10657519B2 (en) * | 2013-10-22 | 2020-05-19 | Accenture Global Services Limited | Facilitating secure transactions using a contactless interface |
US10412098B2 (en) | 2015-12-11 | 2019-09-10 | Amazon Technologies, Inc. | Signed envelope encryption |
US9705859B2 (en) * | 2015-12-11 | 2017-07-11 | Amazon Technologies, Inc. | Key exchange through partially trusted third party |
US9699655B1 (en) * | 2016-02-23 | 2017-07-04 | T-Mobile Usa, Inc. | Cellular device authentication |
US10545940B2 (en) * | 2017-02-22 | 2020-01-28 | Red Hat, Inc. | Supporting secure layer extensions for communication protocols |
JP7431382B2 (en) * | 2020-10-01 | 2024-02-14 | オボーレン システムズ, インコーポレイテッド | Exclusive self-escrow methods and equipment |
US11669887B1 (en) * | 2022-05-27 | 2023-06-06 | InstaProtek Inc. | Learning engine-based navigation system |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP0532231A2 (en) * | 1991-09-13 | 1993-03-17 | AT&T Corp. | Service provision authentication protocol |
US5371794A (en) * | 1993-11-02 | 1994-12-06 | Sun Microsystems, Inc. | Method and apparatus for privacy and authentication in wireless networks |
US5638446A (en) * | 1995-08-28 | 1997-06-10 | Bell Communications Research, Inc. | Method for the secure distribution of electronic files in a distributed environment |
Family Cites Families (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5196840A (en) * | 1990-11-05 | 1993-03-23 | International Business Machines Corporation | Secure communications system for remotely located computers |
US5588060A (en) * | 1994-06-10 | 1996-12-24 | Sun Microsystems, Inc. | Method and apparatus for a key-management scheme for internet protocols |
US5657390A (en) * | 1995-08-25 | 1997-08-12 | Netscape Communications Corporation | Secure socket layer application program apparatus and method |
US5949882A (en) * | 1996-12-13 | 1999-09-07 | Compaq Computer Corporation | Method and apparatus for allowing access to secured computer resources by utilzing a password and an external encryption algorithm |
US6081900A (en) * | 1999-03-16 | 2000-06-27 | Novell, Inc. | Secure intranet access |
US6826690B1 (en) * | 1999-11-08 | 2004-11-30 | International Business Machines Corporation | Using device certificates for automated authentication of communicating devices |
US8015600B2 (en) * | 2000-12-22 | 2011-09-06 | Oracle International Corporation | Employing electronic certificate workflows |
US7415607B2 (en) * | 2000-12-22 | 2008-08-19 | Oracle International Corporation | Obtaining and maintaining real time certificate status |
GB0311621D0 (en) * | 2003-05-20 | 2003-06-25 | Nokia Corp | A system for crytographical authentication |
-
1997
- 1997-11-10 FI FI974186A patent/FI104666B/en not_active IP Right Cessation
- 1997-11-13 TW TW086116920A patent/TW380346B/en not_active IP Right Cessation
-
1998
- 1998-11-10 AU AU10359/99A patent/AU1035999A/en not_active Abandoned
- 1998-11-10 WO PCT/FI1998/000869 patent/WO1999025093A2/en active Application Filing
- 1998-11-10 US US09/554,112 patent/US6931528B1/en not_active Expired - Lifetime
Non-Patent Citations (1)
Title |
---|
IEEE NETWORK, Sept. 1997, CHANG-SEOP PARK, "On Certificate-Based Security Protocols for Wireless Mobile Communication Systems", pages 50-55. * |
Cited By (14)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7382882B1 (en) | 1998-07-03 | 2008-06-03 | Nokia Corporation | Secure session set up based on the wireless application protocol |
US6915124B1 (en) * | 1999-10-01 | 2005-07-05 | Telefonaktiebolaget L M Ericsson (Publ) | Method and apparatus for executing secure data transfer in a wireless network |
DE10025271A1 (en) * | 2000-05-22 | 2001-11-29 | Siemens Ag | Method for establishing a connection between a terminal and a serving cellular network, cellular network and terminal therefor |
US7620183B2 (en) * | 2000-05-22 | 2009-11-17 | Siemens Aktiengesellschaft | Method for establishing a connection between a terminal and an operating mobile radio network, mobile radio network and terminal used in such a method |
EP1158826A3 (en) * | 2000-05-24 | 2003-05-07 | Nokia Corporation | Method for processing location information relating to a terminal connected to a packet network via a cellular network |
EP1158826A2 (en) * | 2000-05-24 | 2001-11-28 | Nokia Mobile Phones Ltd. | Method for processing location information relating to a terminal connected to a packet network via a cellular network |
US8781123B2 (en) | 2000-05-24 | 2014-07-15 | Nokia Corporation | Method for processing location information relating to a terminal connected to a packet network via a cellular network |
JP4750346B2 (en) * | 2000-08-01 | 2011-08-17 | ノキア コーポレイション | Data transmission method, user equipment, and GPRS / EDGE radio access network |
WO2002011362A1 (en) * | 2000-08-01 | 2002-02-07 | Nokia Corporation | Data transmission method, user equipment and gprs/edge radio access network |
US7734049B2 (en) | 2000-08-01 | 2010-06-08 | Nokia Corporation | Data transmission method, user equipment and GPRS/EDGE radio access network |
US7311246B2 (en) | 2004-11-26 | 2007-12-25 | Sony Corporation | Method and system for transmitting electronic value information |
WO2008048836A1 (en) * | 2006-10-13 | 2008-04-24 | Microsoft Corporation | Upnp authentication and authorization |
US7882356B2 (en) | 2006-10-13 | 2011-02-01 | Microsoft Corporation | UPnP authentication and authorization |
WO2010022650A1 (en) * | 2008-08-29 | 2010-03-04 | 华为技术有限公司 | Clock synchronization method, device and system |
Also Published As
Publication number | Publication date |
---|---|
FI974186A (en) | 1999-05-11 |
WO1999025093A3 (en) | 1999-07-29 |
US6931528B1 (en) | 2005-08-16 |
AU1035999A (en) | 1999-05-31 |
FI104666B (en) | 2000-04-14 |
TW380346B (en) | 2000-01-21 |
FI974186A0 (en) | 1997-11-10 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US6931528B1 (en) | Secure handshake protocol | |
US7542569B1 (en) | Security of data connections | |
US7020778B1 (en) | Method for issuing an electronic identity | |
CN101459506B (en) | Cipher key negotiation method, system, customer terminal and server for cipher key negotiation | |
EP1128597B1 (en) | Method and arrangement in a communication network | |
JP4709815B2 (en) | Authentication method and apparatus | |
US8515078B2 (en) | Mass subscriber management | |
US7707412B2 (en) | Linked authentication protocols | |
KR100832893B1 (en) | A method for the access of the mobile terminal to the WLAN and for the data communication via the wireless link securely | |
US8122250B2 (en) | Authentication in data communication | |
EP1394982B1 (en) | Methods and apparatus for secure data communication links | |
US7979707B2 (en) | Secure seed generation protocol | |
US20030210789A1 (en) | Data transmission links | |
JP2012110009A (en) | Methods and arrangements for secure linking of entity authentication and ciphering key generation | |
GB2404126A (en) | Secure communications using a secret key valid for a certain period and verified using a time stamp | |
JP2005515701A6 (en) | Data transmission link | |
WO2003032575A2 (en) | Method and system for providing client privacy when requesting content from a public server | |
KR20010108150A (en) | Authentication enforcement using decryption and authentication in a single transaction in a secure microprocessor | |
US20120226909A1 (en) | Method of Configuring a Node, Related Node and Configuration Server | |
KR100401063B1 (en) | the method and the system for passward based key change | |
Godfrey | A Comparison of Security Protocols in a Wireless Network Environment | |
CN114531235B (en) | Communication method and system for end-to-end encryption | |
JP2003338812A (en) | Encryption system | |
Wang | Security issues to tele-medicine system design | |
EP1480374B1 (en) | Access authentication |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AK | Designated states |
Kind code of ref document: A2 Designated state(s): AL AM AT AT AU AZ BA BB BG BR BY CA CH CN CU CZ CZ DE DE DK DK EE EE ES FI FI GB GD GE GH GM HR HU ID IL IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MD MG MK MN MW MX NO NZ PL PT RO RU SD SE SG SI SK SK SL TJ TM TR TT UA UG US UZ VN YU ZW |
|
AL | Designated countries for regional patents |
Kind code of ref document: A2 Designated state(s): GH GM KE LS MW SD SZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG |
|
121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
AK | Designated states |
Kind code of ref document: A3 Designated state(s): AL AM AT AT AU AZ BA BB BG BR BY CA CH CN CU CZ CZ DE DE DK DK EE EE ES FI FI GB GD GE GH GM HR HU ID IL IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MD MG MK MN MW MX NO NZ PL PT RO RU SD SE SG SI SK SK SL TJ TM TR TT UA UG US UZ VN YU ZW |
|
AL | Designated countries for regional patents |
Kind code of ref document: A3 Designated state(s): GH GM KE LS MW SD SZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG |
|
DFPE | Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101) | ||
NENP | Non-entry into the national phase |
Ref country code: KR |
|
WWE | Wipo information: entry into national phase |
Ref document number: 09554112 Country of ref document: US |
|
REG | Reference to national code |
Ref country code: DE Ref legal event code: 8642 |
|
122 | Ep: pct application non-entry in european phase | ||
NENP | Non-entry into the national phase |
Ref country code: CA |