Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Having particular address related cryptography
Reexamination Certificate
2003-03-27
2008-08-05
Barron, Jr., Gilberto (Department: 2132)
active
07409544
ABSTRACT:
Disclosed is an authentication mechanism that provides much of the security of heavyweight authentication mechanisms, but with lower administrative and communicative overhead, while not being restricted to a 64-bit limit on the length of a cryptographic hash value. This limitation is removed by increasing the cost of both address generation and brute-force attacks by the same parameterized factor while keeping the cost of address use and verification constant. The address owner computes two hash values using its public key and other parameters. The owner uses the first hash value to derive its network address. The purpose of the second hash is to artificially increase the computational complexity of generating new addresses and, consequently, the cost of brute-force attacks. As another measure against brute-force attacks, the routing prefix (i.e., the non-node-selectable portion) of the address is included in the first hash input.
REFERENCES:
patent: 5473691 (1995-12-01), Menezes et al.
patent: 5511122 (1996-04-01), Atkinson
patent: 5563998 (1996-10-01), Yakish et al.
patent: 5673319 (1997-09-01), Bellare et al.
patent: 5729608 (1998-03-01), Janson et al.
patent: 5778065 (1998-07-01), Hauser et al.
patent: 5784562 (1998-07-01), Diener
patent: 5787172 (1998-07-01), Arnold
patent: 5892904 (1999-04-01), Atkinson et al.
patent: 5903721 (1999-05-01), Sixtus et al.
patent: 5944794 (1999-08-01), Okamoto et al.
patent: 6028938 (2000-02-01), Malkis et al.
patent: 6055234 (2000-04-01), Aramaki
patent: 6055236 (2000-04-01), Nassett et al.
patent: 6088700 (2000-07-01), Larsen et al.
patent: 6101499 (2000-08-01), Ford et al.
patent: 6108673 (2000-08-01), Brandt et al.
patent: RE36946 (2000-11-01), Diffie et al.
patent: 6148405 (2000-11-01), Liao et al.
patent: 6175833 (2001-01-01), West et al.
patent: 6229806 (2001-05-01), Lockhart et al.
patent: 6237035 (2001-05-01), Himmel et al.
patent: 6247029 (2001-06-01), Kelley et al.
patent: 6367012 (2002-04-01), Atkinson et al.
patent: 6421673 (2002-07-01), Caldwell et al.
patent: 6424981 (2002-07-01), Isaac et al.
patent: 6526506 (2003-02-01), Lewis
patent: 6600823 (2003-07-01), Hayosh
patent: 6615348 (2003-09-01), Gibbs
patent: 6687755 (2004-02-01), Ford et al.
patent: 6832322 (2004-12-01), Boden et al.
patent: 6944672 (2005-09-01), Crow et al.
patent: 6957346 (2005-10-01), Kivinen et al.
patent: 7032242 (2006-04-01), Grabelsky et al.
patent: 7134019 (2006-11-01), Shelest et al.
patent: 2002/0152380 (2002-10-01), O'Shea et al.
patent: 2003/0028790 (2003-02-01), Bleumer
patent: 2003/0065934 (2003-04-01), Angelo et al.
patent: 2003/0120929 (2003-06-01), Hoffstein et al.
patent: 2003/0142823 (2003-07-01), Swander et al.
patent: 2003/0233568 (2003-12-01), Maufer et al.
patent: 2004/0008845 (2004-01-01), Le et al.
patent: 2004/0010683 (2004-01-01), Huitema
patent: 2004/0088537 (2004-05-01), Swander et al.
patent: 2004/0151322 (2004-08-01), Sovio et al.
patent: 2004/0158714 (2004-08-01), Peyravian et al.
patent: 2004/0193875 (2004-09-01), Aura
patent: 2004/0225881 (2004-11-01), Walmsley
patent: 2004/0249757 (2004-12-01), Walmsley
patent: 2006/0005014 (2006-01-01), Aura et al.
patent: 2006/0020796 (2006-01-01), Aura et al.
patent: 2006/0020807 (2006-01-01), Aura et al.
patent: 2006/0077908 (2006-04-01), Park et al.
patent: 1333635 (2003-08-01), None
patent: 2006068450 (2006-06-01), None
“Glossary for the Linux FreeS/WAN project,” (Publication Date Not Available), [34 pages].
Bassil, Alessandro; Laganier, Julien. “Towards an IPv6-based Security Framework for Distributed Storage Resources,” Communications and Multimedia Security CMS 2003, Oct. 2-3, 2003, [9 pages].
Benantar, M. “The Internet Public Key Infrastructure,” IBM Systems Journal, vol. 40, No. 3, 2001, pp. 648-665.
Cheng, P.C.; Garay, J.A; Herzberg, A.; Krawczyk, H. “A Security Architecture for the Internet Protocol,” 1998, vol. 37, No. 1, pp. 42-60.
Cheng, Pau-Chen; Garay, Juan A.; Herzberg, Amir; Krawczyk, Hugo. “Design and Implementation of Modular Key Management Protocol and IP Secure Tunnel on AIX,” Jun. 1995, [15 pages].
Cheng, PC. “An Architecture for the Internet Key Exchange Protocol,” IBM Systems Journal, vol. 40, No. 3, 2001, pp. 721-746.
Clark, David D. “IP Datagram Reassembly Algorithms,” RFC 815, Jul. 1982, [11 pages].
Higginson, Peter L.; Shand, Michael C. “Development of Router Clusters to Provide Fast Failover in IP Networks,” Digital Technical Journal vol. 9 No. 3, 1997, pp. 32-41.
Kent et al. “IP Encapsulating Security Payload (ESP),” The Internet Society, RFC 2406, Nov. 1998, [34 pages].
Koskiahde, Timo. “Security in Mobile IPv6,” Apr. 18, 2002, pp. 1-14.
Maughan et al. “Internet Security Association and Key Management Protocol (ISAKMP),” The Internet Society, RFC 2408, Nov. 1998, [141 pages].
Shannon, Colleen; Moore, David; Claffy, K. “Characteristics of Fragmented IP Traffic on Internet Links,” Internet Measurement Conference. 2001, pp. 83-97.
Aura, T. “Cryptographically Generated Addresses (CGA),” RFC 3972, Mar. 2005, [21 pages].
Kaufman, C. “Internet Key Exchange (IKEv2) Protocol,” RFC 4306, Dec. 2005, [93 pages].
Link, B., Hager, T. and Flaks J. “RTP Payload Format for AC-3 Audio,” RFC 4148, Oct. 2005, [13 pages].
Nir, Y. “Repeated Authentication in Internet Key Exchange (IKEv2) Protocol,” RFC 4478, Apr. 2006, [5 pages].
Snapschout, JLA Van De. “The sliding window protocol revisited,” Formal Aspects of Computing vol. 7, pp. 3-17, 1995.
Tanenbaum, AS. “Computer Networks”, Chapter 4, Prentice-Hall, 1989, [76 pages].
Laganier, J. “Using IKE with IPv6 Cryptographically Generated Address,” Network Working Group, Internet-Draft. Feb. 24, 2003, pp. 1-14.
Thomson et al., IPv6 Stateless Address Autoconfiguration, RFC 1971 (Aug. 1996) 22 pgs downloaded from: http://www.ietf.org/rfc1971.txt; on Apr. 11, 2006.
Nordmark, “Allocating bit in IID for Mobile IPv6”, Mar. 2002, [accessed May 29, 2005 from http://www.ietf.org/proceedings/02mar/slides/ipv6-13.pdf], 8 pgs.
Nordmark, “Reserving Space in the Interface ID”, from Mar. 2002 [accessed May 29, 2005 from http://www.ietf.org/proceedings/02mar/slides/ipv6-14.pdf], 6 pgs.
IETF Proceedings, “Security and Mobile IPv6”, Mar. 2001 [accessed May 29, 2005 from http://www.ietf.org/proceedings/01mar/slides/mobileip-9], 1 pg.
Kempf et al., “Threat Analysis for IPv6 Public Multi-Access Links”, draft-kempf-ipng-netaccess-threats-00.txt, Nov. 2001, 7 pgs.
Nikander et al., “Threat Models introduced by Mobile IPv6 and requirements for Security in Mobile IPv6”, draft-team-mobileip-mipv6-sec-reqts-00.txt, Jul. 12, 2001, 28 pgs.
Thomas, “Binding Updates Security”, draft-thomas-mobileip-bu-sec-00.txt, Nov. 2, 2001, 13 pgs.
Nikander et al., Binding Authentication Key Establishment Protocol for Mobile IPv6, draft-perkins-bake-01.txt, Jul. 2, 2001, 42 pgs.
Aura, Tuomas, Cryptographically Generated Addresses (CGA), Microsoft Research, Roger Needham Bldg, Cambridge CB3 OFB, UK.
Gehrmann, Christian, Mitchell, Chris J., Nyberg, Kaisa, “Manual Authentication for Wireless Devices”, Jan. 23, 2004, pp. 1-9.
McCune, Jonathan M., Perrig, Adrian, Reiter, Michael K., “Seeing-Is-Believing: Using Camera Phones for Human-Verifiable Authentication”, School of Computer Science, Carnegie Mellon University, Nov. 2004, CMU-CS-04-174, pp. 1-20.
Balfanz, Dirk, Smetters, Paul Stewart, Wong, Chi H., “Talking to Strangers: Authentication in Ad-Hoc Wireless Networks”, Xerox Palo Alto Research Center. 13 pgs.
Anderson, Ross, Stajano, Frank, Lee, Jong-Hyeon, “Security Policies”, 43 pgs.
Intel Technology Journal, “Interoperable Home Infrastructure”, vol. 6, Issue 4, Published Nov. 15, 2002, ISSN 1535-766X, 78 pgs.
Final OA issued in U.S. Appl
Barron Jr. Gilberto
Merchant & Gould P.C.
Microsoft Corporation
Sandoval Kristin D
Methods and systems for authenticating messages
Profile ID: LFUS-PAI-O-4002089