Unlock instant, AI-driven research and patent intelligence for your innovation.
Method for encrypting channels and simplified method and system for encrypting channels based on HTTP (hyper text transport protocol)
What is Al technical title?
Al technical title is built by PatSnap Al team. It summarizes the technical point description of the patent document.
A session key and master key technology, applied in the field of communication, can solve the problems of inconsistent TLS implementation specifications, inability to guarantee encryption strength and quality of implementation, unstable TLS channel support, etc., to achieve the effect of separation
Active Publication Date: 2014-04-09
BEIJING RYTONG INFORMATION TECH
View PDF4 Cites 0 Cited by
Summary
Abstract
Description
Claims
Application Information
AI Technical Summary
This helps you quickly interpret patents by identifying the three key elements:
Problems solved by technology
Method used
Benefits of technology
Problems solved by technology
[0002] In the prior art, TLS is usually used directly to establish an encrypted channel between the client and the server, and then the HTTP protocol is used to transmit content over the TLS channel. However, the client's local TLS implementation specifications are not uniform, and the encryption strength and implementation quality cannot be guaranteed. And the WAP gateways of mobile operators in some areas support unstable TLS channel establishment
Method used
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more
Image
Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
Click on the blue label to locate the original text in one second.
Reading with bidirectional positioning of images and text.
Smart Image
Examples
Experimental program
Comparison scheme
Effect test
Embodiment 1
[0018] Such as figure 1 As shown, the present embodiment provides a method for generating a session key based on HTTP, the method comprising:
[0019] The client sends to the server ClientHello S101 including the client protocol version, client timestamp, client random number, session, and supported encryption algorithm set.
[0020] The server receives the ClientHello sent by the client, establishes a session, stores the client timestamp and the random number of the client, selects an encryption algorithm for this session according to the supported algorithm set, and sends a message containing the server protocol version to the client. number, server timestamp, server random number, server session, specified encryption algorithm for this session, and ServerHello S102 of the server public key certificate.
[0021] The client receives the ServerHello, generates the ClientKeyExchange, the client pre-master key PMS, the client master key MS and the client channel verification Fi...
Embodiment 2
[0065] Such as Figure 4 As shown, the present invention provides a method for generating a session key based on HTTP, the method comprising:
[0066] The client uses the server domain name to obtain the tuple {ServerDNS, ServerCertificate, RNS2, CertificateRequest.flag} from the local cache; generate PMS, client authentication channel Finished message and include client protocol version, client timestamp, client random number, Session, supported encryption algorithm set and ClientHello of server certificate serial number; use RNS2 as RNS; encrypt the tuple {PMS, server timestamp, server random number, extended domain} contained in ClientKeyExchange, send ClientHello, ClientKeyExchange to the server, ChangeCipherSpe and client verification channel Finished information S401.
[0067] The server establishes a session, selects the encryption algorithm of this session according to the supported encryption set, and verifies the validity of the certificate according to the serial n...
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More
PUM
Login to View More
Abstract
The invention provides a method and system for producing session key based on an HTTP (hyper text transport protocol). The method for encrypting channels comprises the following steps: a client sends a handshake message to a server; the server generates a response and sends the response to the client; the client generates and sends a client key exchange message, a confirmed encryption algorithm set and a client channel verification message to the server; the server generates and sends a server key exchange message, a confirmed encryption algorithm set, a confirmed key transmission safety level and a server channel verification message to the client; and the client decrypts the server key exchange message according to the encryption algorithm set of the session, verifies the signature, generates the keys of the session and stores the session random number in the local cache for use in the subsequent simplified method for encrypting channels. By using the invention, encrypted channels can be built at any time in any HTTP service flow, thus realizing separation of channel encryption and identity authentication.
Description
technical field [0001] The present invention relates to communication technology, in particular to channel encryption technology, in particular to a method and system for generating a session key based on HTTP. Background technique [0002] In the existing technology, TLS is usually used to establish an encrypted channel directly between the client and the server, and then the HTTP protocol is used to transmit content over the TLS channel. However, the client's local TLS implementation specifications are not uniform, and the encryption strength and implementation quality cannot be guaranteed. And the WAP gateways of mobile operators in some areas support unstable TLS channel establishment. The HTTP protocol is well supported in almost all network devices (including routers, switches, firewalls, WAP gateways, etc.), so we hope to establish a channel encryption method on top of HTTP, allowing both parties to use the HTTP protocol to reach a session key and encrypt the content...
Claims
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More
Application Information
Patent Timeline
Application Date:The date an application was filed.
Publication Date:The date a patent or application was officially published.
First Publication Date:The earliest publication date of a patent with the same application number.
Issue Date:Publication date of the patent grant document.
PCT Entry Date:The Entry date of PCT National Phase.
Estimated Expiry Date:The statutory expiry date of a patent right according to the Patent Law, and it is the longest term of protection that the patent right can achieve without the termination of the patent right due to other reasons(Term extension factor has been taken into account ).
Invalid Date:Actual expiry date is based on effective date or publication date of legal transaction data of invalid patent.
Login to View More 
Login to View More