Cryptography – Key management – Key distribution
Reexamination Certificate
2002-04-05
2008-09-02
Barron, Jr., Gilberto (Department: 2132)
Cryptography
Key management
Key distribution
C380S273000, C713S155000
Reexamination Certificate
active
07421083
ABSTRACT:
Application servers are programmed such that when an application server changes a compromised service key, the compromised key is saved by the application server until all tickets that may have been issued under the compromised key expire. Whenever the application server receives a ticket from a client issued under the compromised key, it generates an authenticator for an error message using the session key extracted from the ticket and sends the error message with this authenticator to the client. Clients are programmed to be able to receive error messages from application servers that have changed their service keys. Because the error messages include an authenticator generated by the application server using the session key extracted from the compromised ticket, the client is able to rely on the error message. The client is able to automatically request a new ticket from a key distribution center in response to a successful authentication of the error message.
REFERENCES:
patent: 5515439 (1996-05-01), Bantz et al.
patent: 6073242 (2000-06-01), Hardy et al.
patent: 6175920 (2001-01-01), Schanze
patent: 6198824 (2001-03-01), Shambroom
patent: 6240187 (2001-05-01), Lewis
patent: 6253326 (2001-06-01), Lincke et al.
patent: 6256741 (2001-07-01), Stubblebine
patent: 6445797 (2002-09-01), McGough
patent: 6684331 (2004-01-01), Srivastava
patent: 6782103 (2004-08-01), Arthan et al.
patent: 6792424 (2004-09-01), Burns et al.
patent: 6907127 (2005-06-01), Kravitz et al.
patent: 6947556 (2005-09-01), Matyas et al.
patent: 7047405 (2006-05-01), Mauro
patent: 2001/0032254 (2001-10-01), Hawkins
patent: 2002/0002468 (2002-01-01), Spagna et al.
patent: 2002/0007453 (2002-01-01), Nemovicher
patent: 2002/0116632 (2002-08-01), Itoh et al.
patent: 06311228 (1994-11-01), None
Adamson et al., “Joining Security Realms”, Feb. 7, 1995. http://www.citi.umich.edu/techreports/reports/citi-tr-95-1.pdf.
Bellovin et al., “Limitation of the Kerberos Authentication System”, USENIX—Winter '91. http://citeseer.ist.psu.edu/3136.html.
Itoi, “Secure Coprocessor Integration with Kerberos V5”, 9th USENIX Security Symposium, Aug. 14-17, 2000. http://www.usenix.org/publications/library/proceedings/sec2000/full—papers/itoi/itoi.pdf.
Bella, “Kerberos Version IV: Inductive Analysis of the Secrecy Goals”, ESORICS '98, 1998. http://citeseer.ist.psu.edu/61361.html.
Sirbu et al., “Distributed Authentication in Kerberos using Public Key Cryptography”, Carnegie Mellon University. 1997. http://ieeexplore.ieee.org/iel3/4421/12557/00579231.pdf?tp=&arnumber=579231&isnumber=12557.
Kohl, “The Kerberos Network Authentication Service (V5)”, Networking Working Group Request for Comments: 1510, Sep. 1993. http://citeseer.ist.psu.edu/654839.html.
Barron Jr. Gilberto
General Instrument Corporation
Herring Virgil
Wiener Stewart M.
LandOfFree
System for seamlessly updating service keys with automatic... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with System for seamlessly updating service keys with automatic..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and System for seamlessly updating service keys with automatic... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3991607