Piggy-backed key exchange protocol for providing secure low-overhead browser connections from a client to a server using a trusted third party

Assignee

• International Business Machines Corporation · US

Inventors

• Carl Binding · Thalwil, CH
• Stefan Georg Hild · Zürich, CH
• Luke O'Connor · Adliswil, CH
• Sandeep K. Singhal · Kirkland, US
• Victor Shoup · Zürich, CH
• Michael Steiner · Windom, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L63/0428
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

A method, system, and computer program product for establishing security parameters that are used to exchange data on a secure connection. A piggy-backed key exchange protocol is defined, with which these security parameters are advantageously exchanged. By piggy-backing the key exchange onto other already-required messages (such as a client's HTTP GET request, or the server's response thereto), the overhead associated with setting up a secure browser-to-server connection is minimized. This technique is defined for a number of different scenarios, where the client and server may or may not share an encoding scheme, and is designed to maintain the integrity of application layer communication protocols. In one scenario, a client and a server exchange secure messages using a trusted third party.