Method for encrypting channels and simplified method and system for encrypting channels based on HTTP (hyper text transport protocol)

An encryption method and encryption algorithm technology, applied in the field of communication, can solve the problems of inconsistent TLS implementation specifications, unstable TLS channel support, inability to guarantee encryption strength and implementation quality, and achieve the effect of separation

Active Publication Date: 2011-06-01
BEIJING RYTONG INFORMATION TECH

AI Technical Summary

Problems solved by technology

[0002] In the prior art, TLS is usually used directly to establish an encrypted channel between the client and the server, and then the HTTP protocol is used to transmit content over the TLS channel. However, the client's local



Examples


Embodiment 1

[0018] As shown in Figure 1, this embodiment provides an HTTP-based channel encryption method, the method comprising:

[0019] The client sends a ClientHello to the server (S101), containing the client protocol version, client timestamp, client random number, session, and supported encryption algorithm set.

[0020] The server receives the ClientHello sent by the client, establishes a session, stores the client timestamp and the client random number, selects an encryption algorithm for this session from the supported algorithm set, and sends the client a ServerHello (S102) containing the server protocol version number, server timestamp, server random number, server session, the encryption algorithm specified for this session, and the server public key certificate.

[0021] The client receives the ServerHello and generates the ClientKeyExchange, the client pre-master key PMS, the client master key MS and the client channel verification Finished message a...
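The hello exchange of steps S101 and S102, as an added example that is not taken from the patent: the JSON encoding, field names, algorithm names and the server's preference order are assumptions, and the certificate is a constructed placeholder string. It shows the server storing the client values and choosing the algorithm by its own preference order, and rejecting a hello with no acceptable algorithm.

```python
import json, secrets, time

# Assumption: server preference order, strongest first (names are illustrative).
SERVER_PREFERENCE = ["AES256-GCM", "AES128-GCM", "3DES-CBC"]
SESSIONS = {}  # server session id -> values stored from the ClientHello

def client_hello(supported):
    """Build the ClientHello fields of [0019] as an HTTP request body."""
    return json.dumps({
        "type": "ClientHello",
        "version": "1.0",                   # assumed version string
        "timestamp": int(time.time()),
        "random": secrets.token_hex(32),
        "session": "",                      # empty: no session established yet
        "algorithms": supported,
    })

def server_handle_hello(body, certificate):
    """Server side of [0020]: open a session, store client values, pick an algorithm."""
    msg = json.loads(body)
    if msg.get("type") != "ClientHello":
        raise ValueError("expected ClientHello")
    for field in ("version", "timestamp", "random", "algorithms"):
        if field not in msg:
            raise ValueError("missing field: " + field)
    if not isinstance(msg["algorithms"], list):
        raise ValueError("malformed algorithm set")
    # Select by the server's own order, so listing a weak algorithm first
    # in the ClientHello cannot steer the session toward it.
    chosen = next((a for a in SERVER_PREFERENCE if a in msg["algorithms"]), None)
    if chosen is None:
        raise ValueError("no mutually supported algorithm")
    session_id = secrets.token_hex(16)
    SESSIONS[session_id] = {
        "client_timestamp": msg["timestamp"],
        "client_random": msg["random"],
        "algorithm": chosen,
    }
    return json.dumps({
        "type": "ServerHello",
        "version": "1.0",
        "timestamp": int(time.time()),
        "random": secrets.token_hex(32),
        "session": session_id,
        "algorithm": chosen,
        "certificate": certificate,         # server public key certificate
    })
```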

Embodiment 2

[0065] As shown in Figure 4, the present invention provides a simplified HTTP-based channel encryption method, the method comprising:

[0066] The client uses the server domain name to obtain the tuple {ServerDNS, ServerCertificate, RNS2, CertificateRequest.flag} from the local cache; generates the PMS, the client channel verification Finished message, and a ClientHello containing the client protocol version, client timestamp, client random number, Session, supported encryption algorithm set and the server certificate serial number; uses RNS2 as RNS; encrypts the tuple {PMS, server timestamp, server random number, extended domain} contained in the ClientKeyExchange; and sends the ClientHello, ClientKeyExchange, ChangeCipherSpec and client channel verification Finished message to the server (S401).

[0067] The server establishes a session, selects the encryption algorithm of this session according to the supported encryption set, and verifies the validity of the certificate according to...


Abstract

The invention provides a method and system for producing a session key based on HTTP (Hypertext Transfer Protocol). The method for encrypting channels comprises the following steps: a client sends a handshake message to a server; the server generates a response and sends the response to the client; the client generates and sends a client key exchange message, a confirmed encryption algorithm set and a client channel verification message to the server; the server generates and sends a server key exchange message, a confirmed encryption algorithm set, a confirmed key transmission safety level and a server channel verification message to the client; and the client decrypts the server key exchange message according to the encryption algorithm set of the session, verifies the signature, generates the keys of the session and stores the session random number in the local cache for use in the subsequent simplified method for encrypting channels. With the invention, encrypted channels can be built at any time in any HTTP service flow, thus separating channel encryption from identity authentication.

Description

Technical field

[0001] The present invention relates to communication technology, in particular to channel encryption technology, and specifically to an HTTP-based channel encryption method, a simplified channel encryption method and a system.

Background

[0002] In the prior art, TLS is usually used to establish an encrypted channel directly between the client and the server, and the HTTP protocol is then used to transmit content over the TLS channel. However, the client's local TLS implementation specifications are not uniform, and the encryption strength and implementation quality cannot be guaranteed. In addition, the WAP gateways of mobile operators in some areas provide unstable support for TLS channel establishment. The HTTP protocol is very well supported in almost all network devices (including routers, switches, firewalls, WAP gateways, etc.), so we hope to establish a channel encryption method on top of HTTP, allowing both parties to use the HTTP protocol to reach a sessi...


Application Information

IPC(8): H04L29/06, H04L29/08
Inventor: 梁建增, 俞浩波
Owner BEIJING RYTONG INFORMATION TECH