Verifying cryptographic identity during media session initialization
US8200959B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Jun 28, 2007 |
| Grant date | Jun 12, 2012 |
| Priority date | — |
| Expiry date | Jul 8, 2030 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L63/0823
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
An authentication agent may cryptographically identify a remote endpoint that sent a media initialization message even though intermediate devices may modify certain fields in the message after a signature is inserted. The originating endpoint's agent may create the signature over some fields of the message using an enterprise network's private key. The agent may insert the signature into the message and send the message to a recipient endpoint's authentication agent. The recipient agent may verify the signature, receive a certificate including a second public key, and challenge the identity of the originating endpoint in order to confirm that identity. This challenge may request a confirmation that the originating endpoint knows the private key corresponding to the second public key and may occur while running encrypted media at the endpoints. After the originating endpoint is authenticated, the endpoints may exchange encrypted and/or unencrypted media.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.