Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Particular communication authentication technique
Reexamination Certificate
1998-12-01
2002-06-04
Peeso, Thomas R. (Department: 2132)
Electrical computers and digital processing systems: support
Multiple computer communication using cryptography
Particular communication authentication technique
C713S170000, C713S171000, C713S176000
Reexamination Certificate
active
06401204
ABSTRACT:
BACKGROUND OF THE INVENTION
Given a communication between communication participants, it is necessary in many technical fields to secure the communication of the participants against any and all misuse with cryptographic methods. The expense that is required for a cryptographic securing of the entire communication is thereby dependent on the respective application. In private calls, for example, it is thus not especially significant under certain circumstances that all crytographically possible security measures be undertaken for securing the communication. Given communication with extremely confidential content, however, a very strict securing of the communication is, for example, of considerable significance.
The selection of security services, security mechanisms, security algorithms and security parameters for securing the communication is referred to as security policy that is adhered to during the communication between communication partners.
Since, however, the security needs and, connected therewith, the security policy differs from communication session to communication session and from application to application and since the communication participants do not in fact have all cryptographic methods available to them, serious discrepancies in the required or, respectively, possible security policy that is supported by the respective computer unit of the communication partner and can thus be assured can arise given frequently changing communication partners.
It is required that a uniform security policy for the respective communication is defined in every communication session within a group that participates in a communication session.
The problem arises in many different application protocols that are described, for example, in MMC overview article, for example CMAP, CDAP, etc., that different application protocols of the same or different computer units required a different security policy. Separate, specific cryptographic codes for the respective application protocol are also potentially required for a logical connection of the respective application protocol between two computer units. Since different application protocols can be implemented on one computer unit, a plurality of cryptographic codes may have to be exchanged between two computer units under certain circumstances. For this reason, it can also be necessary to negotiate a plurality of different security policies between two computer units.
A secure code exchange or a trustworthy negotiation of a security policy is based on a mutual authentification of the computer units involved in the negotiation or, respectively, in the code exchange be fore the actual code exchange or, respectively, the negotiation of the security policy.
An authentification phase in which the computer units mutually authenticate each other is usually implemented before every negotiation of a security policy or, respectively, before every code exchange.
Given a plurality of negotiations of security policy or code exchange procedures, this leads to a plurality of implemented authentifications that means an increased communication outlay and increased need for computing capacity.
This problem is even intensified when it is not only two computer units that communicate with one another but a plurality of computer units are provided that are assigned to different security domains. What is to be understood by a security domain in this context is a set of computer units that pursue a common security policy.
In this case, the authentification is usually implemented on the basis of the security domains.
An overview of generally employable cryptographic methods that can be utilized in the method can be found, for example, in S. Muftic, Sicherheitsmechanismen für Rechnernetze, Carl Hanser Verlag, Munich, ISBN 3-446-16272-0, pp. 34-70, 1992.
It is known to negotiate a security policy between two communication partners, whereby, however, the negotiation disclosed in this E. Kipp et al., The SSL Protocol, Internet Draft, available in the Internet in June 1995 at the following address: gopher://ds.internic.net:70/00/internet-drafts/draft-hickman-netscape-ssl-01.txt is limited to a few previously defined parameters.
SUMMARY OF THE INVENTION
It is an object of the invention to specify a method for code management between two computer units wherein the required communication expense and the computing capacity required for the implementation of the method is lower than in known methods.
According to the method of the present invention for cryptographic code management between a first computer unit and a second computer unit, an authentication is implemented between the first computer unit and the second computer unit. Authentification references with which authenticity of the computer unit is assured are exchanged between the first computer unit and the second computer unit during the authentification. A security policy is negotiated between the first computer unit and the second computer unit. At least one of the authentification references is employed in the negotiation of the security policy.
Given this method, an authentification is implemented between two computer units, authentification references being exchanged between the computer units in the framework thereof. A secret information with reference whereto an authentification of the computer units is possible is exchanged between the computer units together with the authentification references. A subsequent negotiation of a security policy and/or a subsequent code exchange between the computer units occurs upon employment of the authentification references.
As a result of this method, it is possible to avoid explicit authentification phases between the computer units for every new code exchange and/or for every new negotiation of security policy. Given a plurality of utilized application protocols, for example, this means a considerable reduction of required authentification phases, since the authentification only has to be implemented once between the computer units and the authentification of the computer units for all further steps occurs implicitly on the basis of the co-transmitted authentification references.
The communication expense between the computer units as well as the required calculating time is thus substantially reduced for a code management.
A further saving of required communication expense and required computing capacity is achieved given grouping of a plurality of computer units in security domains and an authentification of the computer units on the basis of the security domain that is respectively allocated to the computer unit. This is achieved by the modular structure of the method since an explicit authentification phase has to be implemented for respectively one computer unit of a security domain. When negotiations of a further security policy and/or a further code exchange between further computer units of the corresponding security domains for which a mutual authentification already occurred, the exchanged authentification references can be implicitly utilized in the further negotiation and/or the further code exchange for authentification of the further computer units.
In a development of the invention, further, it is advantageous to employ hash functions, since a formation of hash values can be implemented very fast upon employment of such hash functions. The implementation of the method is thus considerably speeded up.
A trustworthy, incontestable implementation of the method is possible by employing digital signatures in the method.
It is also advantageous to implement a connection cleardown phase (disconnect) within whose framework shared secrets, for example the exchanged code or the authentification references, are deleted. The security of the method is thus enhanced further since no exchanged, secret information are available to other computer units for potential, later misuse. The disconnect phase also serves for the synchronization of the computer units participating in the communication.
In a development of the method, it is advantageous to successively d
Euchner Martin
Kessler Volker
Peeso Thomas R.
Schiff & Hardin & Waite
Siemens Aktiengesellschaft
LandOfFree
Process for cryptographic code management between a first... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Process for cryptographic code management between a first..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Process for cryptographic code management between a first... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2931273