公开(公告)号：US20160119291A1

公开(公告)日：2016-04-28

申请号：US14920657

申请日：2015-10-22

Applicant: NETFLIX, INC

Inventor： James Mitch ZOLLINGER ,  Wesley MIAW

IPC: H04L29/06

CPC classification number: H04L63/04 ,  H04L9/3228 ,  H04L9/3297 ,  H04L63/0428 ,  H04L63/061 ,  H04L63/068 ,  H04L63/083

Abstract: One embodiment of the present invention includes a server machine configured to establish a secure communication channel with a client machine via renewable tokens. The server machine receives a plurality of messages from a client machine over a secure communication channel, where the plurality of messages includes a first message that includes at least two of user authentication data, entity authentication data, first key exchange data, and encrypted message data. The server machine transmits, to the client machine, a second message that includes a master token comprising second key exchange data associated with the first key exchange data and at least one of a renewal time and an expiration time.

Abstract translation: 本发明的一个实施例包括被配置为经由可再生令牌与客户端机器建立安全通信信道的服务器机器。 服务器机器通过安全通信信道从客户端机器接收多个消息，其中多个消息包括第一消息，其包括用户认证数据，实体认证数据，第一密钥交换数据和加密消息数据中的至少两个 。 服务器机器向客户机发送包括主令牌的第二消息，该主令牌包括与第一密钥交换数据相关联的第二密钥交换数据和更新时间和到期时间中的至少一个。

公开(公告)号：US20160119318A1

公开(公告)日：2016-04-28

申请号：US14920641

申请日：2015-10-22

Applicant: NETFLIX, INC

Inventor： James Mitch ZOLLINGER ,  Wesley MIAW

IPC: H04L29/06 ,  H04W12/06 ,  H04L9/08 ,  H04W12/08

CPC classification number: H04L63/083 ,  H04L9/0819 ,  H04L9/0841 ,  H04L9/0861 ,  H04L9/3228 ,  H04L9/3242 ,  H04L9/3247 ,  H04L63/061 ,  H04W12/06 ,  H04W12/08

Abstract: One embodiment of the present invention includes an approach for efficient start-up for secured connections and related services. A client machine receives, via an application program, a request to send a secure message to a server machine. The client machine transmits a plurality of messages to the server machine that includes a first message comprising at least two of user authentication data, entity authentication data, key exchange data, and encrypted message data. The client machine receives, from the server machine, a second message that includes a first master token comprising a first set of session keys for encrypting and authenticating messages exchanged with the server machine.

Abstract translation: 本发明的一个实施例包括用于有效启动安全连接和相关服务的方法。 客户机通过应用程序接收向服务器机器发送安全消息的请求。 客户机向服务器机器发送多个消息，其包括包括用户认证数据，实体认证数据，密钥交换数据和加密消息数据中的至少两个的第一消息。 客户端计算机从服务器机器接收第二消息，该消息包括第一主令牌，该第一主令牌包括用于加密和认证与服务器机器交换的消息的第一组会话密钥。

公开(公告)号：US20160119307A1

公开(公告)日：2016-04-28

申请号：US14920661

申请日：2015-10-22

Applicant: NETFLIX, INC

Inventor： James Mitch ZOLLINGER ,  Wesley MIAW

IPC: H04L29/06 ,  G06F11/14

CPC classification number: H04L63/08 ,  H04L9/3228 ,  H04L9/3247 ,  H04L63/0823 ,  H04L63/0846

Abstract: Embodiments of the present invention include techniques for reestablishing a secure communication channel between a client machine and a server machine. A client machine receives, from a server machine, a first message generated in connection with a first master token. The client machine detects an error condition associated with the first message. The client machine transmits, to the server machine, a second message generated in connection with a pre-provisioned key that includes a request for a new master token. The client machine receives, from the server machine, a third message that includes a second master token. The client machine transmits, to the server machine, a fourth message generated in connection with the second master token.

Abstract translation: 本发明的实施例包括在客户机和服务器机之间重新建立安全通信信道的技术。 客户机从服务器机器接收与第一主令牌相关联地生成的第一消息。 客户端机器检测与第一消息相关联的错误状况。 客户端机器向服务器机器发送与包括对新的主令牌的请求的预先提供的密钥相关联地生成的第二消息。 客户机从服务器机器接收包含第二主令牌的第三消息。 客户端机器向服务器机器发送与第二主令牌相关联地生成的第四消息。