WO2012018573A4 - Method for key identification using an internet security association and key management based protocol - Google Patents
Method for key identification using an internet security association and key management based protocol Download PDFInfo
- Publication number
- WO2012018573A4 WO2012018573A4 PCT/US2011/045136 US2011045136W WO2012018573A4 WO 2012018573 A4 WO2012018573 A4 WO 2012018573A4 US 2011045136 W US2011045136 W US 2011045136W WO 2012018573 A4 WO2012018573 A4 WO 2012018573A4
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- key
- protocol
- isakmp
- message
- header
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Ceased
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
- H04L63/061—Network architectures or network communication protocols for network security for supporting key management in a packet data network for key exchange, e.g. in peer-to-peer networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/16—Implementing security features at a particular protocol layer
- H04L63/164—Implementing security features at a particular protocol layer at the network layer
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
An initiating device: generates a message having an ISAKMP-based header that includes a security parameter index (SPI) field; identifies a key in the SPI field of the ISKMP-based header; and sends the message to a responding device. The responding device: receives the message; extracts the key identifier; and when a shared key is selected using the key identifier, uses the selected shared key to establish, with the initiating device, a session having a secure tunnel.
Claims
1. A method for key identification using an Internet Security Association and Key Management Protocol (ISAKMP)-based protocol, the method comprising:
an initiating device performing:
generating a message using the ISAKMP-based protocol that includes a security parameter index (SPI) field;
identifying a key in the SPI field of the message;
sending the message to a responding device;
wherein the message comprises a Session Initiation Request.
2. The method of claim 1 , wherein the key is a shared key between the initiating and responding devices for establishing a secure tunnel using the ISAKMP-based protocol.
3. The method of claim 1, wherein the ISAKMP-based protocol comprises an Internet Key Exchange (IKE) protocol.
4. The method of claim 3, wherein the IKE protocol comprises IKEvl or IKEv2.
5. The method of claim 1, wherein the ISAKMP-based protocol comprises an Association of Public Safety Communications Officials International Project 25 Packet Data Security Protocol.
6. (Cancelled).
7. The method of claim 1 , wherein the SPI field comprises the first eight bytes of the message.
8. A method for key identification using an Internet Security Association and Key Management Protocol (ISAKMP)-based protocol, the method comprising:
a responding device performing:
receiving a message from an initiating device that includes a key identifier that identifies a key;
extracting the key identifier, and attempting to select a shared key using the key identifier, wherein the shared key is for establishing a security session between the initiating and responding devices using the ISAKMP -based protocol;
when the message includes an ISAKMP -based header having a security parameter index (SPI) field that includes the key identifier, and the shared key is identified and selected using the key identifier, using the selected shared key to establish the security session with the initiating device;
wherein the message comprises a Session Initiation Request.
9. The method of claim 8 further comprising, when the key identifier fails to identify the shared key, using a default key to establish the security session with the initiating device.
10. The method of claim 8, wherein the ISAKMP -based header comprises an Internet Key Exchange (IKE) protocol header.
11. The method of claim 10, wherein the IKE protocol header comprises an IKEvl header or an IKEv2 header.
12. (Cancelled).
13. The method of claim 8, wherein the ISAKMP -based header comprises an Association of Public Safety Communications Officials International Project 25 Packet Data Security Protocol header.
14. The method of claim 8, wherein the SPI field comprises the first eight bytes of the message.
16
Applications Claiming Priority (4)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| US37094310P | 2010-08-05 | 2010-08-05 | |
| US61/370,943 | 2010-08-05 | ||
| US13/173,020 | 2011-06-30 | ||
| US13/173,020 US8448235B2 (en) | 2010-08-05 | 2011-06-30 | Method for key identification using an internet security association and key management based protocol |
Publications (3)
| Publication Number | Publication Date |
|---|---|
| WO2012018573A2 WO2012018573A2 (en) | 2012-02-09 |
| WO2012018573A3 WO2012018573A3 (en) | 2012-07-12 |
| WO2012018573A4 true WO2012018573A4 (en) | 2012-09-07 |
Family
ID=44509649
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| PCT/US2011/045136 Ceased WO2012018573A2 (en) | 2010-08-05 | 2011-07-25 | Method for key identification using an internet security association and key management based protocol |
Country Status (1)
| Country | Link |
|---|---|
| WO (1) | WO2012018573A2 (en) |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113746861B (en) * | 2021-09-13 | 2023-03-14 | 南京首传信安科技有限公司 | Data transmission encryption and decryption method and encryption and decryption system based on national encryption technology |
Family Cites Families (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP2004186814A (en) * | 2002-11-29 | 2004-07-02 | Fujitsu Ltd | Common key encryption communication system |
| US8059817B2 (en) * | 2006-06-20 | 2011-11-15 | Motorola Solutions, Inc. | Method and apparatus for encrypted communications using IPsec keys |
-
2011
- 2011-07-25 WO PCT/US2011/045136 patent/WO2012018573A2/en not_active Ceased
Also Published As
| Publication number | Publication date |
|---|---|
| WO2012018573A3 (en) | 2012-07-12 |
| WO2012018573A2 (en) | 2012-02-09 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| JP2012147478A5 (en) | ||
| EP2590356A1 (en) | Method, device and system for authenticating gateway, node and server | |
| CN102891848B (en) | Ipsec security alliance is utilized to be encrypted the method for deciphering | |
| WO2012141555A3 (en) | Method and apparatus for providing machine-to-machine service | |
| JP2011521510A5 (en) | ||
| CN107343179A (en) | A kind of video information encryption and video terminal security certification system, authentication method and its application | |
| RU2014106831A (en) | METHODS, DEVICES, AND SYSTEMS FOR CREATING PASS-THROUGH SECURE CONNECTIONS AND FOR SAFE TRANSFER OF DATA PACKAGES | |
| RU2016102035A (en) | EFFECTIVE NETWORK LEVEL FOR IPv6 PROTOCOL. | |
| WO2009100259A3 (en) | Methods and systems for shortened hash authentication and implicit session key agreement | |
| CN102420770B (en) | Method and equipment for negotiating internet key exchange (IKE) message | |
| RU2014123536A (en) | METHOD FOR DETERMINING DATA CONNECTIVITY BETWEEN A WIRELESS COMMUNICATION DEVICE AND A BASIC NETWORK BY AN IP ACCESS NETWORK, A WIRELESS COMMUNICATION DEVICE AND A COMMUNICATION SYSTEM | |
| TR201908159T4 (en) | Method and system for mobile terminals delivered between free session and encrypted session communications. | |
| NZ592061A (en) | Secure negotiation of authentication capabilities | |
| CN101986726A (en) | Method for protecting management frame based on wireless local area network authentication and privacy infrastructure (WAPI) | |
| CN101252584B (en) | Authentication method, system and equipment for bidirectional forwarding detection protocol conversation | |
| CN101895882A (en) | Data transmission method, system and device in a WiMAX system | |
| WO2015131609A1 (en) | Method for implementing l2tp over ipsec access | |
| CN106230587A (en) | Long connection anti-replay attack method | |
| CN105578463A (en) | Method and device for dual connection secure communication | |
| CN107786974A (en) | The method and system that cell phone application communicates with equipment safety in a kind of LAN | |
| CN101729871A (en) | Method for safe cross-domain access to SIP video monitoring system | |
| GB2494550A (en) | Dynamic address allocation to a radio device | |
| CN106465109A (en) | Cellular Authentication | |
| CN105391690B (en) | A kind of network interception defence method and system based on POF | |
| CN101621455A (en) | Method for managing network equipment, network management station, and equipment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| 121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 11748517 Country of ref document: EP Kind code of ref document: A2 |
|
| NENP | Non-entry into the national phase in: |
Ref country code: DE |
|
| 122 | Ep: pct application non-entry in european phase |
Ref document number: 11748517 Country of ref document: EP Kind code of ref document: A2 |