-
公开(公告)号:WO2007139794A3
公开(公告)日:2008-08-07
申请号:PCT/US2007012197
申请日:2007-05-18
Applicant: LUCENT TECHNOLOGIES INC , PATEL SARVAR , SUNDARAM GANAPAHTY SUBRAMANIAN
Inventor: PATEL SARVAR , SUNDARAM GANAPAHTY SUBRAMANIAN
CPC classification number: H04L63/0428 , H04L9/0822 , H04L63/061 , H04L2209/60 , H04L2209/80 , H04L2463/061 , H04L2463/062 , H04W12/02 , H04W12/04 , H04W12/10 , H04W84/12
Abstract: Methods are provided for securely transmitting a packet between' endpoints (120,140) of a- network. In one aspect, there is provided a method for establishing an end-to-end key using extant hop-by-hop security associations. In a second aspect, there is provided a method in which a packet-specific encryption key PEK is used to encrypt a packet p. A signature of the key PEK is independently computed at each of two, nodes, using an integrity key shared by the two nodes. The signature is sent from one of the two nodes to the other in association with the packet p. The receiving node uses the signature to verify that the packet p was originated by an entity having possession fo the PEK.
Abstract translation: 提供了用于在网络的'端点(120,140)之间安全地发送分组的方法。 一方面,提供了一种使用现有的逐跳安全关联来建立端对端密钥的方法。 在第二方面,提供了一种方法,其中使用分组专用加密密钥PEK来加密分组p。 使用两个节点共享的完整性密钥,在两个节点的每一个上独立地计算密钥PEK的签名。 签名从两个节点之一发送到另一个节点,与分组p相关联。 接收节点使用签名来验证分组p是由拥有PEK的实体发起的。
-
公开(公告)号:WO2007139794A8
公开(公告)日:2009-05-22
申请号:PCT/US2007012197
申请日:2007-05-18
Applicant: LUCENT TECHNOLOGIES INC , PATEL SARVAR , SUNDARAM GANAPAHTY SUBRAMANIAN
Inventor: PATEL SARVAR , SUNDARAM GANAPAHTY SUBRAMANIAN
CPC classification number: H04L63/0428 , H04L9/0822 , H04L63/061 , H04L2209/60 , H04L2209/80 , H04L2463/061 , H04L2463/062 , H04W12/02 , H04W12/04 , H04W12/10 , H04W84/12
Abstract: Methods are provided for securely transmitting a packet between' endpoints (120,140) of a- network. In one aspect, there is provided a method for establishing an end-to-end key using extant hop-by-hop security associations. In a second aspect, there is provided a method in which a packet-specific encryption key PEK is used to encrypt a packet p. A signature of the key PEK is independently computed at each of two, nodes, using an integrity key shared by the two nodes. The signature is sent from one of the two nodes to the other in association with the packet p. The receiving node uses the signature to verify that the packet p was originated by an entity having possession fo the PEK.
Abstract translation: 提供了用于在网络的'端点(120,140)之间安全地发送分组的方法。 一方面,提供了一种使用现有的逐跳安全关联来建立端对端密钥的方法。 在第二方面,提供了一种方法,其中使用分组专用加密密钥PEK来加密分组p。 使用两个节点共享的完整性密钥,在两个节点的每一个上独立地计算密钥PEK的签名。 签名从两个节点之一发送到另一个节点,与分组p相关联。 接收节点使用签名来验证分组p是由拥有PEK的实体发起的。
-
公开(公告)号:WO2007139794A2
公开(公告)日:2007-12-06
申请号:PCT/US2007/012197
申请日:2007-05-17
Inventor: PATEL, Sarvar , SUNDARAM, Ganapahty, Subramanian
CPC classification number: H04L63/0428 , H04L9/0822 , H04L63/061 , H04L2209/60 , H04L2209/80 , H04L2463/061 , H04L2463/062 , H04W12/02 , H04W12/04 , H04W12/10 , H04W84/12
Abstract: Methods are provided for securely transmitting a packet between endpoints of a network. In one aspect, there is provided a method for establishing an end-to-end key using extant hop-by-hop security associations. In a second aspect, there is provided a method in which a packet-specific encryption key PEK is used to encrypt a packet p . A signature of the key PEK is independently computed at each of two nodes, using an integrity key shared by the two nodes. The signature is sent from one of the two nodes to the other in association with the packet p . The receiving node uses the signature to verify that the packet p was originated by an entity having possession of the PEK.
Abstract translation: 提供了用于在网络的端点之间安全地传送分组的方法。 一方面,提供了一种使用现有的逐跳安全关联来建立端对端密钥的方法。 在第二方面,提供了一种方法,其中使用分组专用加密密钥PEK来加密分组p。 使用两个节点共享的完整性密钥,在两个节点的每一个上独立地计算密钥PEK的签名。 签名从两个节点之一发送到另一个节点,与分组p相关联。 接收节点使用签名来验证分组p是由拥有PEK的实体发起的。
-
-
Search Results
3
records
(took 0.018 seconds)
