Dynamic selection of security protocol

A security protocol technology, applied in transmission systems, electrical components, etc., that can solve problems such as latency penalties and handshake failures.

Active Publication Date: 2014-11-05
MICROSOFT TECH LICENSING LLC

AI Technical Summary

Problems solved by technology

However, if a client capable of preemption attempts to handshake with a server that does not support preemption, the handshake will fail and the client will attempt another handshake using the standard, non-preemption protocol, incurring a considerable latency penalty.


Embodiment Construction

[0013] Overview

[0014] Embodiments described herein provide techniques for a preemption-enabled (False Start-enabled) client to determine whether to use a preemption-modified protocol when attempting to establish a secure connection with a server or host. The preemption modification for SSL (for example, SSL 3.0 and later) and TLS (for example, TLS 1.0, 1.1, 1.2 and later) reduces latency. However, not all servers support the protocol with the preemption modification. When a client that supports preemption attempts to handshake with a server that does not support preemption, the handshake fails and the client retries the handshake without preemption. A first failed handshake attempt can increase the latency of establishing a connection, potentially degrading the performance of a web browser or other client-side application attempting to establish secure communication with the server. To prevent such performance degradation, embodiments enable storing information or metada...


Abstract

Techniques described herein enable a client to store information indicating whether various hosts (e.g., servers, web domains) support a preferred security protocol, such as a False Start-modified TLS or SSL protocol. The client may then use this information to dynamically determine whether to use the preferred protocol when connecting to a particular host. When the client attempts a handshake to establish a secure connection with a host for the first time, the client does so using the preferred protocol. If the handshake fails, the client locally stores domain or other identifying information for the host so that the client may employ a non-preferred protocol in subsequent connection attempts. Thus, a client may avoid performance degradation caused by attempting a preferred-protocol connection with a host that does not support the preferred protocol. Stored information may include a time stamp to enable periodic checks for host capability updates.
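The selection logic the abstract describes, as an added Python sketch that is not code from the patent or from any Microsoft product. The names `HostCapabilityCache`, `connect` and the `handshake(host, protocol)` callback are hypothetical, and the seven-day re-check interval is an assumed value; the abstract only says a time stamp enables periodic checks.

```python
import time

PREFERRED, FALLBACK = "preferred", "non-preferred"


class HostCapabilityCache:
    """Remembers hosts whose preferred-protocol handshake failed (hypothetical helper)."""

    def __init__(self, recheck_after=7 * 24 * 3600, clock=time.time):
        self.recheck_after = recheck_after  # assumed re-probe interval, in seconds
        self.clock = clock                  # injectable so expiry can be tested
        self._failed = {}                   # normalised host -> time stamp of last failure

    @staticmethod
    def _key(host):
        # Normalise so "Legacy.example." and "legacy.example" share one entry.
        return host.strip().rstrip(".").lower()

    def record_failure(self, host):
        self._failed[self._key(host)] = self.clock()

    def choose(self, host):
        key = self._key(host)
        stamp = self._failed.get(key)
        if stamp is None:
            return PREFERRED      # first contact: try the preferred protocol
        if self.clock() - stamp >= self.recheck_after:
            del self._failed[key]  # entry is stale: the host may have been upgraded
            return PREFERRED
        return FALLBACK            # recent failure on record: skip the doomed attempt


def connect(host, cache, handshake):
    """Return (protocol_used, handshake_attempts).

    handshake(host, protocol) -> bool stands in for the real TLS stack.
    """
    attempts = 1
    if cache.choose(host) == PREFERRED:
        if handshake(host, PREFERRED):
            return PREFERRED, 1
        cache.record_failure(host)  # remember, so the next connection goes straight to fallback
        attempts = 2
    if not handshake(host, FALLBACK):
        raise ConnectionError(f"handshake with {host} failed")
    return FALLBACK, attempts
```

The second element of the return value makes the latency cost visible: two handshakes on first contact with a non-supporting host, one on every later connection until the entry expires.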

Description

Background

[0001] Secure Sockets Layer (SSL) and Transport Layer Security (TLS) are communication protocols that run at the application layer of the Open Systems Interconnection (OSI) model to provide secure communications between clients and servers on the Internet. In a simple SSL or TLS handshake, the client begins by sending a Client Hello (ClientHello) message that includes the protocol version supported by the client and a random number generated at the client. The server then replies with a Server Hello (ServerHello) message that includes the protocol version supported by the server along with a random number generated at the server. The server can then send its certificate, including its public key used for encryption, followed by a Server Hello Done (ServerHelloDone) message indicating that the handshake negotiation is complete.

[0002] The client can then reply with a Client Key Exchange (ClientKeyExchange) message containing the PreMasterSecret encrypted using the server's public key. The client and se...


Application Information

Patent Type & Authority Applications (China)
IPC IPC(8): H04L29/06
CPC H04L63/205, H04L63/166
Inventor M.R.科克斯, I.D.帕肖夫, B.安德斯, J.A.西尔贝拉
Owner MICROSOFT TECH LICENSING LLC