- 专利标题: SECURE SESSION CAPABILITY USING PUBLIC-KEY CRYPTOGRAPHY WITHOUT ACCESS TO THE PRIVATE KEY
-
申请号: US14937805申请日: 2015-11-10
-
公开(公告)号: US20160080337A1公开(公告)日: 2016-03-17
- 发明人: Sébastien Andreas Henry Pahl , Matthieu Philippe François Tourne , Piotr Sikora , Ray Raymond Bejjani , Dane Orion Knecht , Matthew Browning Prince , John Graham-Cumming , Lee Hahn Holloway , Nicholas Thomas Sullivan , Albertus Strasheim
- 申请人: CLOUDFLARE, INC.
- 主分类号: H04L29/06
- IPC分类号: H04L29/06
摘要:
A server establishes a secure session with a client device where a private key used in the handshake when establishing the secure session is stored in a different server. During the handshake procedure, the server receives a premaster secret that has been encrypted using a public key bound with a domain for which the client device is attempting to establish a secure session. The server transmits the encrypted premaster secret to the different server for decryption along with other information necessary to compute a master secret and session keys for the secure session. The different server decrypts the encrypted premaster secret, generates the master secret, and generates session keys that are used in the secure session for encrypting and decrypting communication between the client device and the server and transmits those session keys to that server.
公开/授权文献
信息查询