Invention Grant
US08996855B2 HTTP layer countermeasures against blockwise chosen boundary attack
有权
HTTP层对抗屏蔽选择边界攻击的对策
- Patent Title: HTTP layer countermeasures against blockwise chosen boundary attack
- Patent Title (中): HTTP层对抗屏蔽选择边界攻击的对策
-
Application No.: US13676730Application Date: 2012-11-14
-
Publication No.: US08996855B2Publication Date: 2015-03-31
- Inventor: Alexander Sherkin , Gregory Marc Zaverucha , Alexander Truskovsky , Michael Matovsky , Osman Zohaib Arfeen
- Applicant: Research In Motion Limited , Certicom Corp.
- Applicant Address: CA Waterloo, Ontario CA Mississauga, Ontario
- Assignee: BlackBerry Limited,Certicom Corp.
- Current Assignee: BlackBerry Limited,Certicom Corp.
- Current Assignee Address: CA Waterloo, Ontario CA Mississauga, Ontario
- Agency: Integral Intellectual Property Inc.
- Agent Miriam Paton; Amy Scouten
- Main IPC: H04L29/06
- IPC: H04L29/06
Abstract:
A client application, when executed by a processor, is operative to create a HyperText Transfer Protocol (HTTP) request containing a target header that includes a confidential value. The HTTP request is to be sent over a Secure Sockets Layer (SSL) 3.0 connection or a Transport Layer Security (TLS) 1.0 connection to a web server. The client application implements at its HTTP layer a countermeasure to a blockwise chosen-boundary attack. The client application generates an additional header having a header name that is not recognizable by the web server and inserts the additional header into the HTTP request ahead of the target header, thus creating a modified HTTP request. The modified HTTP request is to be sent, instead of the unmodified HTTP request, over the SSL 3.0 connection or the TLS 1.0 connection to the web server.
Public/Granted literature
- US20140136834A1 HTTP Layer Countermeasures Against Blockwise Chosen Boundary Attack Public/Granted day:2014-05-15
Information query
