Invention Grant
- Patent Title: Secure session capability using public-key cryptography without access to the private key
-
Application No.: US16043972Application Date: 2018-07-24
-
Publication No.: US11044083B2Publication Date: 2021-06-22
- Inventor: Sébastien Andreas Henry Pahl , Matthieu Philippe François Tourne , Piotr Sikora , Ray Raymond Bejjani , Dane Orion Knecht , Matthew Browning Prince , John Graham-Cumming , Lee Hahn Holloway , Nicholas Thomas Sullivan , Albertus Strasheim
- Applicant: CLOUDFLARE, INC.
- Applicant Address: US CA San Francisco
- Assignee: CLOUDFLARE, INC.
- Current Assignee: CLOUDFLARE, INC.
- Current Assignee Address: US CA San Francisco
- Agency: Nicholson De Vos Webster & Elliott LLP
- Main IPC: H04L29/06
- IPC: H04L29/06 ; H04L9/08 ; H04L9/32 ; H04L9/14 ; H04L9/30
Abstract:
A first server establishes a secure session with a client device where a private key used in the handshake when establishing the secure session is stored in a different, second, server. The first server transmits messages between the client device and the second server where the second server has access to a private key that is not available on the first server. The first server receives from the second server a set of session key(s) used in the secure session for encrypting/decrypting communication between the client device and the first server. The session key(s) are generated using a master secret that is generated using a premaster secret generated using Diffie-Hellman public values selected by the client device and the second server. The first server uses the session key(s) to encrypt/decrypt communication with the client device.
Public/Granted literature
- US20180323969A1 SECURE SESSION CAPABILITY USING PUBLIC-KEY CRYPTOGRAPHY WITHOUT ACCESS TO THE PRIVATE KEY Public/Granted day:2018-11-08
Information query
