Device vulnerability detection during device handshake
US11695796B1 · kind B1 · utility
Assignee
Inventors
Key dates
| Filing date | Dec 10, 2020 |
| Grant date | Jul 4, 2023 |
| Priority date | — |
| Expiry date | Jan 19, 2041 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L63/166
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
Described are implementations that analyze the unencrypted messages of a cryptographic protocol handshake between two devices and/or the receipt or absence of encrypted messages of the handshake to detect security vulnerabilities of one or both of those devices. For example, the unencrypted messages of a TLS handshake between a client device and a server may be analyzed to determine security vulnerabilities of the client device. Because the disclosed implementations utilize the unencrypted messages of a handshake and/or detection of the receipt or absence of encrypted messages of the handshake, involvement in the handshake or decryption of encrypted messages of the handshake is not necessary. The requirement is that the disclosed implementations are able to observe the messages of a handshake that are used to establish a secure communication between the devices.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.