
Registration method, call method, medium and equipment to prevent renegotiation DoS attack

A calling method and renegotiation technology, applied in the field of electronic communication, that can solve problems such as unavailable features, loss of renegotiation flexibility and waste of communication resources, and achieves the effects of ensuring security and increasing the difficulty and complexity of key cracking.

Active Publication Date: 2022-02-18
SUZHOU KEDA TECH

AI Technical Summary

Problems solved by technology

[0006] The current mainstream approach is to prevent DoS (Denial of Service) attacks by disabling the renegotiation function through configuration, but this makes features that rely on renegotiation unusable and gives up the flexibility of renegotiation. The alternative is to limit the rate of new incoming TLS connections and renegotiations; but if the limit is only unilateral and the other party does not know that the limit exists, communication resources are wasted unnecessarily and illegal attacks are not prevented in time.


Embodiment Construction

[0043] Below, the present invention is further described in conjunction with the accompanying drawings and specific implementation methods. It should be noted that, provided they do not conflict, the embodiments and technical features described below can be combined arbitrarily to form new embodiments.

[0044] The present invention provides a registration method for preventing renegotiation DoS attacks. In this embodiment, after the conference terminal to be registered actively establishes a TCP connection to the registration server, both parties complete the TLS handshake process and then perform the registration process over the secure TLS channel. As shown in Figure 1, the method includes the following steps:

[0045] S11. The conference terminal sends a registration request to the server, wherein the registration request is configured with the field information of the TLS renegotiation time interval expected by the conference terminal; image 3 As sh...


Abstract

The invention provides a registration method, a calling method, a storage medium and an electronic device for preventing renegotiation DoS attacks. The invention controls the renegotiation rate and negotiates it through a simple extension of existing SIP signaling. Different renegotiation rates are allocated according to the importance level of the conference, and the renegotiation rate can be updated and negotiated again. The scheme remains compatible with special circumstances in which emergency renegotiation is required, and with standard video conference SIP interaction processes that do not support the extension field of the invention. Supporting renegotiation increases the difficulty and complexity of key cracking and guarantees the security of the connection, so the communication content stays secure even during a long video conference. By setting the attributes of the encryption and decryption layer through SIP signaling interaction at the application layer, the renegotiation rate is controlled, which addresses the possibility of DoS attacks arising from this inherent weakness in video conferencing.
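The following sketch is an added example, not code from the patent: it models a registrar that reads the renegotiation interval requested in a REGISTER (step S11), settles on the interval it will enforce, and then gates renegotiation attempts on that connection. The header name `X-TLS-Reneg-Interval`, the 60-second floor, the 300-second default for peers without the field, and the sample message are all assumptions, since the page does not give the field name or the server policy.

```python
import re

# Hypothetical extension header: the page does not name the actual SIP field.
HEADER = "X-TLS-Reneg-Interval"
SERVER_MIN_S = 60    # assumed server policy floor, in seconds
DEFAULT_S = 300      # assumed interval for peers that omit the field

# Constructed sample REGISTER, sent after the TLS handshake completes.
REGISTER = (
    "REGISTER sips:registrar.example.com SIP/2.0\r\n"
    "From: <sips:terminal1@example.com>;tag=1\r\n"
    "To: <sips:terminal1@example.com>\r\n"
    "Call-ID: constructed-0001\r\n"
    "CSeq: 1 REGISTER\r\n"
    "X-TLS-Reneg-Interval: 120\r\n"
    "Content-Length: 0\r\n\r\n"
)

_FIELD = re.compile(rf"^{re.escape(HEADER)}:[ \t]*(\d{{1,6}})[ \t]*\r?$", re.M | re.I)

def agreed_interval(sip_message: str) -> int:
    """Interval in seconds that the server will enforce for this peer."""
    m = _FIELD.search(sip_message)
    if m is None:
        return DEFAULT_S  # field absent or malformed: plain SIP peer
    return max(int(m.group(1)), SERVER_MIN_S)  # never faster than the floor

class RenegotiationGate:
    """Per-connection check applied to each TLS renegotiation attempt."""
    def __init__(self, interval_s: int, established_at: float):
        self.interval_s = interval_s
        self.last = established_at  # time of the last completed handshake
        self.rejected = 0

    def allow(self, now: float) -> bool:
        if now - self.last < self.interval_s:
            self.rejected += 1  # too early: refuse and count for alerting
            return False
        self.last = now
        return True

def replay(sip_message: str, attempts: list[float]) -> list[bool]:
    """Decide each renegotiation attempt (seconds since connection setup)."""
    gate = RenegotiationGate(agreed_interval(sip_message), 0.0)
    return [gate.allow(t) for t in attempts]

if __name__ == "__main__":
    print(replay(REGISTER, [10, 20, 130, 135, 260]))
```

Because both sides learn the interval during registration, a well-behaved terminal never trips the gate, and a rising `rejected` count on one connection is a usable signal of renegotiation abuse.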

Description

Technical field

[0001] The invention relates to the field of electronic communication, in particular to a solution, a storage medium and an electronic device for preventing the DoS attacks that TLS renegotiation support may allow during video conferencing that uses the SIP protocol over a TLS connection.

Background technique

[0002] The SSL/TLS (Transport Layer Security) protocol is the foundation of modern Internet security. Important Internet applications such as online banking, e-commerce, e-government and e-medicine depend on the security, confidentiality and trust mechanisms provided by SSL/TLS to function normally. SSL/TLS is a protocol built on the reliable TCP protocol. It establishes a secure connection between the client and the server; this connection is private and reliable, and the two communicating parties can authenticate each other. Therefore, the SSL / TLS protocol has confidentia...


Application Information

Patent Type & Authority Patents(China)
IPC(8): H04N7/15, H04N21/643
Inventor 刘娜, 韦国华, 胡小鹏
Owner SUZHOU KEDA TECH