公开(公告)号：US20210120033A1

公开(公告)日：2021-04-22

申请号：US16654867

申请日：2019-10-16

Applicant: Citrix Systems, Inc.

Inventor： Venkata Subba Rao Gorrepati ,  Jubin Jose ,  Ranjith Nath ,  Sathaiah Dontula

IPC: H04L29/06

Abstract: Disclosed herein includes a system, a method, and a device for preventing replay attacks in a cluster. A first node in the cluster having a plurality of nodes can receive an indication of a node event. The first node can access a first sequence number from a storage corresponding to a previous communication between the plurality of nodes. The first node can adjust the first sequence number by a delta indicative of an average number of communications between the plurality of nodes in the cluster in a determined time period to generate a second sequence number. The first node can transmit a packet including the second sequence number to the plurality of nodes in the cluster. The second sequence number can be used by the plurality of nodes to reset a starting sequence number for communications between the plurality of nodes to prevent replay attacks in the cluster.

公开(公告)号：US11336683B2

公开(公告)日：2022-05-17

申请号：US16654867

申请日：2019-10-16

Applicant: Citrix Systems, Inc.

Inventor： Venkata Subba Rao Gorrepati ,  Jubin Jose ,  Ranjith Nath ,  Sathaiah Dontula

IPC: H04L29/06

Abstract: Disclosed herein includes a system, a method, and a device for preventing replay attacks in a cluster. A first node in the cluster having a plurality of nodes can receive an indication of a node event. The first node can access a first sequence number from a storage corresponding to a previous communication between the plurality of nodes. The first node can adjust the first sequence number by a delta indicative of an average number of communications between the plurality of nodes in the cluster in a determined time period to generate a second sequence number. The first node can transmit a packet including the second sequence number to the plurality of nodes in the cluster. The second sequence number can be used by the plurality of nodes to reset a starting sequence number for communications between the plurality of nodes to prevent replay attacks in the cluster.