WO2009118730A4 - System and method for communicating over a network - Google Patents
- Publication number
- WO2009118730A4 (PCT/IL2009/000327)
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- cookie
- sip
- server
- network
- key
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Ceased
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L65/00—Network arrangements, protocols or services for supporting real-time applications in data packet communication
- H04L65/1066—Session management
- H04L65/1101—Session protocols
- H04L65/1104—Session initiation protocol [SIP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2463/00—Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
- H04L2463/062—Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying encryption of the keys
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Business, Economics & Management (AREA)
- General Business, Economics & Management (AREA)
- Multimedia (AREA)
- Telephonic Communication Services (AREA)
Abstract
A system 100 for communicating over a network 102 using a Session Initiation Protocol (SIP), the system comprising a server 101 adapted to transmit a first cookie encrypted using a first key K1, receive and decrypt a second cookie using a second key K2, and compare the first cookie with the second cookie; and a client machine (CM) 103 - 107 adapted to receive and decrypt the first cookie using the first key K1, and transmit the second cookie encrypted using the second key K2.
Claims
1. A method of authentication communication between a client machine (CM) and a server over a communication network using Session Initiation Protocol (SIP), comprising the steps of -
(a) upon being approached by the CM, generating and sending by the server to the CM a first encrypted SIP cookie;
(b) decrypting the first SIP cookie by the CM;
(c) generating by the CM and sending to the server a second encrypted SIP cookie;
(d) decrypting by the server the second SIP cookie;
(e) comparing by the server the second SIP cookie to the first SIP cookie;
(f) authorizing connection of the CM to the network by the server when the result of the comparison conforms to a predetermined criterion;
characterised in that the said encryption by the server and the said decryption by the CM of the first SIP cookie are made by using a first key (K1); the said encryption by the CM and the said decryption by the server of the second SIP cookie are made by using a second key (K2); and wherein the keys K1 and K2 have different values.
2. The method of Claim 1 wherein the network is the Internet.
3. The method of Claim 1 wherein the network is a packet-switched network.
4. The method of Claim 1 wherein communicating over the network comprises Voice over Internet Protocol (VoIP).
5. The method of Claim 1 wherein the first SIP cookie includes a validation stamp.
6. The method of Claim 5 wherein the second SIP cookie includes a validation stamp.
7. The method of Claims 5 and 6 wherein the validation stamp is a time stamp.
8. The method of Claim 1 wherein K1 and/or K2 are revised according to a predetermined CM-server validation criteria.
9. The method of Claim 8 wherein K1 and/or K2 are periodically revised.
10. The method of Claim 1 wherein the predetermined criterion is based on a correlation between the first SIP cookie and the second SIP cookie.
11. The method of Claim 1 further comprising the step of storing the first cookie.
12. The method of Claim 11 wherein the storage of the first cookie is by the server.
13. The method of Claim 11 wherein the storage of the first cookie is in an externally located memory.
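The exchange of claim 1, with the server-side storage of the first cookie from claims 11 and 12, as an added example; it is not code from the patent or its applicant. AES-256-GCM, the 16-byte random cookie, strict equality as the "predetermined criterion", single use of each stored cookie, and the names `Server`, `Challenge`, `ClientRespond` and `Verify` are assumptions of this example, since the claims specify no cipher or cookie format.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/subtle"
	"fmt"
)

func gcm(k [32]byte) cipher.AEAD { // AES-256-GCM: assumed, the claims name no cipher
	b, _ := aes.NewCipher(k[:]) // cannot fail for a 32-byte key
	g, _ := cipher.NewGCM(b)
	return g
}
func seal(k [32]byte, pt []byte) []byte { // returns nonce || ciphertext || tag
	n := make([]byte, 12)
	rand.Read(n)
	return gcm(k).Seal(n, n, pt, nil)
}
func open(k [32]byte, ct []byte) []byte { // nil if malformed or not sealed under k
	if len(ct) < 12 {
		return nil
	}
	pt, _ := gcm(k).Open(nil, ct[:12], ct[12:], nil)
	return pt
}

type Server struct{ K1, K2 [32]byte; stored []byte } // stored: first cookie, kept server-side
func (s *Server) Challenge() []byte { // step (a): fresh random cookie sealed under K1
	s.stored = make([]byte, 16)
	rand.Read(s.stored)
	return seal(s.K1, s.stored)
}
func ClientRespond(k1, k2 [32]byte, first []byte) []byte { // steps (b)-(c)
	if c := open(k1, first); c != nil {
		return seal(k2, c)
	}
	return nil // challenge did not authenticate under K1: send nothing
}
func (s *Server) Verify(second []byte) bool { // steps (d)-(f); criterion assumed: equality
	c, want := open(s.K2, second), s.stored
	s.stored = nil // one attempt per challenge
	return len(want) == 16 && subtle.ConstantTimeCompare(c, want) == 1
}
func main() {
	s := &Server{K1: [32]byte{1}, K2: [32]byte{2}} // constructed demo keys
	fmt.Println("authorized:", s.Verify(ClientRespond(s.K1, s.K2, s.Challenge())))
}
```

Because the server opens replies only with K2, a reply that merely returns the server's own first cookie (sealed under K1) is rejected, which is what the requirement that K1 and K2 differ provides.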
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| EP09725838A EP2272230A1 (en) | 2008-03-27 | 2009-03-24 | System and method for communicating over a network |
Applications Claiming Priority (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| US6479608P | 2008-03-27 | 2008-03-27 | |
| US61/064,796 | 2008-03-27 |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| WO2009118730A1 (en) | 2009-10-01 |
| WO2009118730A4 (en) | 2009-12-03 |
Family
ID=40834307
Family Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| PCT/IL2009/000327 (Ceased) WO2009118730A1 (en) | 2008-03-27 | 2009-03-24 | System and method for communicating over a network |
Country Status (2)
| Country | Link |
|---|---|
| EP (1) | EP2272230A1 (en) |
| WO (1) | WO2009118730A1 (en) |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US8694783B2 (en) * | 2007-01-22 | 2014-04-08 | Samsung Electronics Co., Ltd. | Lightweight secure authentication channel |
-
2009
- 2009-03-24 WO PCT/IL2009/000327 patent/WO2009118730A1/en not_active Ceased
- 2009-03-24 EP EP09725838A patent/EP2272230A1/en not_active Withdrawn
Also Published As
| Publication number | Publication date |
|---|---|
| WO2009118730A1 (en) | 2009-10-01 |
| EP2272230A1 (en) | 2011-01-12 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9106648B2 (en) | Method and apparatus for data transmission | |
| KR102068367B1 (en) | A computer implemented system and method for lightweight authentication on datagram transport for internet of things | |
| US8214649B2 (en) | System and method for secure communications between at least one user device and a network entity | |
| MX2010003403A (en) | Authentication method and framework. | |
| WO2005114897A3 (en) | Pre-authentication of mobile clients by sharing a master key among secured authenticators | |
| WO2008011628A3 (en) | Device authentication | |
| TWI581599B (en) | Key generation system, data signature and encryption system and method | |
| WO2009037582A3 (en) | System and method for securely communicating on- demand content from closed network to dedicated devices, and for compiling content usage data in closed network securely communicating content to dedicated devices | |
| WO2011017099A3 (en) | Secure communication using asymmetric cryptography and light-weight certificates | |
| CA2548229A1 (en) | Enabling stateless server-based pre-shared secrets | |
| WO2006025989B1 (en) | Method and apparatus for automatically re-validating multiple clients of an authentication system | |
| CN103684787A (en) | Encryption-decryption method and terminal of data pack based on network transmission | |
| WO2008026060A3 (en) | Method, system and device for synchronizing between server and mobile device | |
| SG143127A1 (en) | Client credential based secure session authentication method and apparatus | |
| CA2558353A1 (en) | Key-based encryption | |
| RU2012125663A (en) | AUTHENTICATION SYSTEM, METHOD AND DEVICE | |
| WO2012087692A4 (en) | System and method for secure communications in a communication system | |
| WO2009126209A3 (en) | Methods and apparatus for authentication and identity management using a public key infrastructure (pki) in an ip-based telephony environment | |
| GB2440653A (en) | RTP/SIP authentication in client server systems | |
| CN105391549B (en) | Communication dynamics key implementation method between client and server | |
| WO2020131530A3 (en) | Secure data channel in a networked gaming system | |
| KR20090067194A (en) | How to provide a symmetric key to protect the key management protocol | |
| Palmieri et al. | Providing true end-to-end security in converged voice over IP infrastructures | |
| CN104243146A (en) | Encryption communication method and device and terminal | |
| Castiglione et al. | SPEECH: Secure personal end-to-end communication with handheld |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| | 121 | Ep: the epo has been informed by wipo that ep was designated in this application | Ref document number: 09725838; Country of ref document: EP; Kind code of ref document: A1 |
| | NENP | Non-entry into the national phase | Ref country code: DE |
| | WWE | Wipo information: entry into national phase | Ref document number: 2009725838; Country of ref document: EP |