公开(公告)号：US11757630B2

公开(公告)日：2023-09-12

申请号：US17377303

申请日：2021-07-15

Applicant: Cisco Technology, Inc.

Inventor： Amjad Inamdar ,  Lionel Florit ,  Eric Voit ,  Sujal Sheth ,  Chennakesava Reddy Gaddam

IPC: H04L9/08 ,  H04L9/30

CPC classification number: H04L9/0852 ,  H04L9/0827 ,  H04L9/0869 ,  H04L9/304

Abstract: Systems and methods are provided for quantum-resistant secure key distribution between a peer and an EAP authenticator by using an authentication server. The systems and methods include receiving requests for a COMMON-SEED and a quantum-safe public key from a peer and an EAP authenticator. The COMMON-SEED is encrypted using the quantum-safe public key of the peer and the quantum-safe public key of the EAP authenticator, and the encrypted COMMON-SEED is sent to the peer along with a request for a PPK ID from the peer to complete authentication of the peer. The PPK ID is received from the peer, and the encrypted COMMON-SEED and PPK ID is sent to the EAP authenticator. A quantum-resistant secure channel is established between the peer and the EAP authenticator when the peer and the EAP authenticator share the same COMMON-SEED and the same PPK-ID.

公开(公告)号：US20230071333A1

公开(公告)日：2023-03-09

申请号：US18054219

申请日：2022-11-10

Applicant: Cisco Technology, Inc.

Inventor： Amjad Inamdar ,  Lionel Florit ,  Eric Voit ,  Sujal Sheth ,  Chennakesava Reddy Gaddam

IPC: H04L9/08 ,  H04L9/30

Abstract: Systems and methods are provided for quantum-resistant secure key distribution between a peer and an EAP authenticator by using an authentication server. The systems and methods include receiving requests for a COMMON-SEED and a quantum-safe public key from a peer and an EAP authenticator. The COMMON-SEED is encrypted using the quantum-safe public key of the peer and the quantum-safe public key of the EAP authenticator, and the encrypted COMMON-SEED is sent to the peer along with a request for a PPK_ID from the peer to complete authentication of the peer. The PPK_ID is received from the peer, and the encrypted COMMON-SEED and PPK_ID is sent to the EAP authenticator. A quantum-resistant secure channel is established between the peer and the EAP authenticator when the peer and the EAP authenticator share the same COMMON-SEED and the same PPK-ID.

公开(公告)号：US20220345300A1

公开(公告)日：2022-10-27

申请号：US17377303

申请日：2021-07-15

Applicant: Cisco Technology, Inc.

Inventor： Amjad Inamdar ,  Lionel Florit ,  Eric Voit ,  Sujal Sheth ,  Chennakesava Reddy Gaddam

IPC: H04L9/08 ,  H04L9/30

Abstract: A method is provided for quantum-resistant secure key distribution between a peer and an extendible authentication protocol (EAP) authenticator by using an authentication server. The method may include receiving requests for a COMMON-SEED and a McEliece public key from a peer and an EAP authenticator by an authentication server using an EAP method, encrypting the COMMON-SEED using the McEliece public key of the peer and the McEliece public key of the EAP authenticator by the authentication server, and sending the encrypted COMMON-SEED from the authentication server to the peer along with a request for a PPK_ID from the peer using the EAP method to complete authentication of the peer. The method may also include receiving the PPK_ID from the peer using the EAP method, where the PPK_ID is from a key pair consisting of PPK_ID and PPK obtained from a first SKS server in electrical communication with the peer based upon the encrypted COMMON-SEED. The method may also include sending the encrypted COMMON-SEED and PPK_ID from the authentication server to the EAP authenticator, and establishing a quantum-resistant secure channel between the peer and the EAP authenticator, where a message of EAP success is delivered from the EAP authenticator to the peer when the peer and the EAP authenticator share the same COMMON-SEED and the same PPK-ID.