Method for secure single-packet remote authorization
US8413248B2 · kind B2 · utility
Inventor
Key dates
| Filing date | Mar 22, 2007 |
| Grant date | Apr 2, 2013 |
| Priority date | — |
| Expiry date | Apr 1, 2031 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F2221/2151
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
A method for secure single-packet remote authorization using a single packet authorization (SPA) server on a host system that passively monitors the network for connection attempts and anonymously accept or rejects said attempts depending on whether a valid SPA packet is detected, an SPA client on a client system that is responsible for generating the appropriately encrypted SPA packet in order to gain access to services on the host, and a particular packet format sent from the client to the host to gain access. The packet format is encrypted and non-replayable by virtue of 16 bytes of random data in every message, and an MD5 sum that is a hash function of the random data (made via any known hashing function). The SPA server stores the MD5 sum of every valid SPA packet that it monitors and flags any duplicate access attempts using the same MD5 hash as a previously monitored packet, in which case the SPA server treats the packet as being generated by a malicious attempt to replay the original packet.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.