
Showing papers on "Handshake published in 2002"


Proceedings ArticleDOI
17 Nov 2002
TL;DR: It is shown that in some situations, the interference range is much larger than transmission range, where RTS/CTS cannot function well, and a simple MAC layer scheme is proposed to solve this problem.
Abstract: IEEE 802.11 MAC mainly relies on two techniques to combat interference: physical carrier sensing and RTS/CTS handshake (also known as "virtual carrier sensing"). Ideally, the RTS/CTS handshake can eliminate most interference. However, the effectiveness of RTS/CTS handshake is based on the assumption that hidden nodes are within transmission range of receivers. In this paper, we prove using analytic models that in ad hoc networks, such an assumption cannot hold due to the fact that power needed for interrupting a packet reception is much lower than that of delivering a packet successfully. Thus, the "virtual carrier sensing" implemented by RTS/CTS handshake cannot prevent all interference. Physical carrier sensing can complement this in some degree. However, since interference happens at receivers, while physical carrier sensing is detecting transmitters (the same problem causing the hidden terminal situation), physical carrier sensing cannot help much, unless a very large carrier sensing range is adopted, which is limited by the antenna sensitivity. We investigate how effective is the RTS/CTS handshake in terms of reducing interference. We show that in some situations, the interference range is much larger than transmission range, where RTS/CTS cannot function well. Then, a simple MAC layer scheme is proposed to solve this problem. Simulation results verify that our scheme can help IEEE 802.11 resolve most interference caused by large interference range.

701 citations


Proceedings ArticleDOI
07 Aug 2002
TL;DR: This work evaluates the proposed algorithmic optimization techniques by obtaining processing times for the SSL handshake protocol on a state-of-the-art embedded processor by using the optimal algorithm configuration and a popular conventional algorithm configuration.
Abstract: Providing acceptable levels of security imposes significant computational requirements on wireless clients, servers, and network elements. These requirements are often beyond the modest processing capabilities and energy (battery) resources available on wireless clients. The relatively small sizes of wireless data transactions imply that public-key encryption algorithms dominate the security processing requirements. We propose techniques to improve the computational efficiency of public-key encryption algorithms. We focus on the modular exponentiation based encryption/decryption employed in many popular public-key algorithms. We study an extensive suite of algorithmic optimizations to the basic modular exponentiation algorithm and new advanced techniques. The proposed algorithmic optimizations lead to an "algorithm design space", across which performance varies significantly (over an order-of-magnitude). We evaluated the proposed algorithmic optimization techniques by obtaining processing times for the SSL (secure sockets layer) handshake protocol on a state-of-the-art embedded processor by using the optimal algorithm configuration and a popular conventional algorithm configuration. The results demonstrate that the optimum algorithm configuration leads to a 5.7× improvement in SSL handshake protocol processing times. The proposed techniques are complementary to, and can be applied in conjunction with, improvements in security mechanisms and protocols, new hardware architectures, and improvements in silicon technologies.

208 citations


Patent
Gerald M. Cooper
26 Feb 2002
TL;DR: In this paper, the authors proposed a hardware handshake protocol between two or more devices to enhance the security of wireless communications by detecting the physical proximity of the devices and enabling authentication in a secure manner.
Abstract: The security of wireless communications between two or more devices is enhanced by requiring detection of the physical proximity of the devices. One or more of the devices operates in a non-secure mode, wherein the authentication process required to enter into secure communications is disabled. Upon detection of the physical proximity of another device, the device enters a secure mode, wherein authentication is enabled. The entry of a security code required by the authentication process may comprise the transmission of a device address or other data, either across the proximity detection interface or via the wireless communications interface. In addition to the detection of physical proximity, a hardware handshake protocol between the two devices may be defined. For additional security, the device must enter a handshake mode before the hardware handshake will complete. The handshake mode may require entry of a password or screening by a biometric sensor. Preferably, the wireless communication system is based on the Bluetooth technology.

167 citations


Patent
15 Jul 2002
TL;DR: Denial of service type attacks are attacks where the nature of a system used to establish communication sessions is exploited to prevent the establishment of sessions as discussed by the authors. But these attacks are limited to the case of TCP/Internet Protocol (IP).
Abstract: Denial of service type attacks are attacks where the nature of a system used to establish communication sessions is exploited to prevent the establishment of sessions. For example, to establish a Transmission Control Protocol (TCP)/Internet Protocol (IP) communication session, a three-way handshake is performed between communication endpoints. When a connection request is received, resources are allocated towards establishing the communication session. Malicious entities can attack the handshake by repeatedly only partially completing the handshake, causing the receiving endpoint to run out of resources for allocating towards establishing sessions, thus preventing legitimate connections. Illustrated embodiments overcome such attacks by delaying allocating resources until after the three-way handshake is successfully completed.

98 citations


Patent
Vlad Stirbu
18 Apr 2002
TL;DR: The IMS AKA trust infrastructure as mentioned in this paper replaces the PKI trust infrastructure of the TLS handshake protocol with the IMS AKA trust infrastructure, which is based on a private key stored on a so-called smart card in the client terminal and also stored in a Home Subscriber Server serving as a trusted third party.
Abstract: A handshake protocol, for encapsulation by the so-called TLS Record Protocol, for use by a client (11) and a server (12) in authenticating each other. The handshake protocol is based on the TLS Handshake Protocol, but replaces the PKI trust infrastructure of that protocol with the IMS AKA trust infrastructure, which is based on a private key stored on a so-called smart card (11a) in the client terminal (11), and also stored (usually) in a Home Subscriber Server (14) serving as a trusted third party (but instead sometimes in the server (12) being authenticated), the third party providing information to the server (12) sufficient for the server (12) to authenticate the client (11) and also sufficient for the server (12) to provide to the client (11) information sufficient for the client (11) to authenticate the server (12).

73 citations


Patent
27 Jun 2002
TL;DR: In this paper, the authors propose a method and apparatus for performing discovery between devices in a network using event-driven discovery, where devices conserve energy resources and more rapidly join a given network by detecting a common event associated with a first device preparing to communicate with a second device.
Abstract: Provided is a method and apparatus for performing discovery between devices in a network. Using event-driven discovery, devices conserve energy resources and more rapidly join a given network. The event-driven discovery detects a common-event associated with a first device preparing to communicate with a second device. The first device then discovers the second device in response to detection of the common-event. For example, this common-event could be a handshake with another person. During discovery, the first and second devices exchange respective information and optionally may establish a communication session to exchange further information if desired.

55 citations


Patent
31 May 2002
TL;DR: In this paper, a function call causes the cryptography accelerator to execute multiple cryptographic operations in a manner tailored for specific processing steps, such as steps during a handshake phase of a secured session.
Abstract: Methods and apparatus are provided for an entity such as a CPU to efficiently call a cryptography accelerator to perform cryptographic operations. A function call causes the cryptography accelerator to execute multiple cryptographic operations in a manner tailored for specific processing steps, such as steps during a handshake phase of a secured session. The techniques provide efficient use of hardware processing resources, data interfaces, and memory interfaces.

41 citations


Proceedings ArticleDOI
08 Apr 2002
TL;DR: This work proposes a scheme in which each synchronous module has both an incoming and an outgoing clock signal, which have been obtained by opening the module's ring oscillator, and demonstrates the technique in the context of processors and memories.
Abstract: We present a method for synchronizing pausible clocks in GALS (Globally Asynchronous, Locally Synchronous) systems. In contrast to most conventional GALS schemes the method is not based on including in each ring oscillator a synchronizing element (such as for instance an arbiter) which on one side can pause the clock and on the other side offers a handshake interface. Instead, we propose a scheme in which each synchronous module has both an incoming and an outgoing clock signal, which have been obtained by opening the module's ring oscillator. Since these clock signals also behave as handshake signals, handshake circuits can be used to synchronize the clocks. We demonstrate the technique in the context of processors and memories. All the designs have been simulated and showed functionally correct.

40 citations


01 Jan 2002
TL;DR: A hybrid channel access scheme that combines both sender- initiated and receiver-initiated collision avoidance schemes and can achieve much better fairness than the original sender-Initiated scheme with almost no degradation in throughput is proposed.
Abstract: Many contention-based channel access schemes have been proposed for multi-hop ad hoc networks in the recent past, and they can be divided into two categories, sender-initiated and receiver-initiated, according to the collision avoidance handshake in use. The sender-initiated scheme is adopted in the IEEE 802.11 Medium Access Control (MAC) protocol, which is by far the most popular and studied protocol. However, the IEEE 802.11 MAC protocol can experience serious fairness problems due to location-dependent contention and the binary exponential backoff it uses. On the other hand, a receiver-initiated collision avoidance handshake is more effective at the receiver's side. Hence, the authors propose a hybrid channel access scheme that combines both sender-initiated and receiver-initiated collision avoidance schemes. The new scheme involves only some additional queue management and book-keeping work while maintaining compatibility with the existing IEEE 802.11 protocol. Simulation experiments show that the new scheme is very effective, as it can achieve much better fairness than the original sender-initiated scheme with almost no degradation in throughput. The hybrid scheme also eliminates the need for a good traffic estimator, which is usually mandatory in pure receiver-initiated schemes.

22 citations


Proceedings Article
01 Jan 2002
TL;DR: A new, “fast-track” handshake mechanism for TLS that reduces both network traffic and the number of round trips, and requires no additional server state, and is fully backwards compatible.
Abstract: We propose a new, “fast-track” handshake mechanism for TLS. A fast-track client caches a server’s public parameters and negotiated parameters in the course of an initial, enabling handshake. These parameters need not be resent on subsequent handshakes. The new mechanism reduces both network traffic and the number of round trips, and requires no additional server state. These savings are most useful in high latency environments such as wireless networks. We include a rollback mechanism to allow a server to gracefully revert to an ordinary TLS handshake when needed. Our design is fully backwards compatible: fast-track clients can interoperate with servers unaware of fast-track and vice versa. We have implemented our proposal to demonstrate the savings in network traffic and round trips.

21 citations


Patent
20 May 2002
TL;DR: In this paper, an approach for preventing denial-of-service attacks on Secure Sockets Layer (SSL) protocol is described, where queues are generated for handshake state connections and data transmission connections.
Abstract: An approach for preventing denial-of-service attacks on Secure Sockets Layer (“SSL”) protocol is described. Queues are generated for handshake state connections and data transmission connections. A connection object representing a new SSL connection is time-stamped as it enters the handshake portion of the SSL protocol. A connection pointer to the connection object is placed at the head of the handshake queue. As new SSL messages are transferred between client and SSL server, the time-stamp is updated when the entire message is received, the connection pointer is repositioned to the head of the queue. A timer event periodically surveys the queues. If connection packet transmission gaps remain below a specified maximum handshake gap time, a connection is allowed to progress to the data transmission state. If any connection exceeds the specified gap time, the SSL connection is dropped.

Patent
28 Jun 2002
TL;DR: In this paper, techniques for establishing TTR indication in ADSL Annex C based communication systems are described. The techniques enable, for example, hyperframe alignment and synchronized initialization procedures (e.g., G.hs).
Abstract: Techniques for establishing TTR indication in ADSL Annex C based communication systems are disclosed. The techniques enable, for example, hyperframe alignment and synchronized initialization procedures (e.g., G.hs).

Book ChapterDOI
29 Oct 2002
TL;DR: The modified WTLS handshake protocol has mutual authentication and key agreement against man-in-the-middle attacks, and the resulting security features, bandwidth efficiency, and computational load are analyzed in comparison with the existing WTLS.
Abstract: Forward secrecy and user anonymity are provided in the WTLS for the wireless Internet communications. Forward secrecy can be built by using Diffie-Hellman key agreement with random numbers in the Hello messages, and user anonymity by employing the signcryption scheme to the ClientKeyExchange and CertificateVerify procedure. In addition to these features, the modified WTLS handshake protocol has mutual authentication and key agreement against man-in-the-middle attacks. The resulting security features, bandwidth efficiency, and computational load are analyzed in comparison with the existing WTLS.

01 Sep 2002
TL;DR: A backward-compatible extension to the IS-IS routing protocol that provides for a three-way handshake is defined, which is fully interoperable with systems that do not support the extension.
Abstract: The IS-IS routing protocol (ISO 10589) requires reliable protocols at the link layer for point-to-point links. As a result, it does not use a three-way handshake when establishing adjacencies on point-to-point media. This paper defines a backward-compatible extension to the protocol that provides for a three-way handshake. It is fully interoperable with systems that do not support the extension.


Patent
22 Nov 2002
TL;DR: In this article, an apparatus for synchronizing chroma and luma data includes a first handshake block (104) for luma and a second handshake block (148) for chroma data, and a means (330, 350) for providing a handshake signal to the first block and to the second block (148) based at least in part on a determination that they are both ready to transfer data.
Abstract: An apparatus for synchronizing chroma and luma data includes a first handshake block (104) for luma data, a second handshake block (148) for chroma data, and a means (330, 350) for providing a handshake signal to the first block (104) and to the second block (148) based at least in part on a determination that they are both ready to transfer data, and further for inhibiting provision of the handshake signal based at least in part on a determination that at least one of the first block (104) and the second block (148) is not ready to transfer data.

Patent
22 May 2002
TL;DR: In this paper, a method and system for establishing a first type of connection, wherein a handshake processing is performed with the other party of the first connection, is described. But this method is not suitable for the case where the other party does not support the handshake processing, and a fallback procedure is started to change the call to a second type during connection establishment.
Abstract: The invention relates to a method and system for establishing a first type of connection, wherein a handshake processing is performed with the other party of the first type of connection. If the handshake processing is successful, the first type of connection is established. If the handshake processing is not successful, i.e. the other party does not support the first type of connection, a fallback procedure is started to change the call to a second type of connection determined during the connection establishment. The change to the second type of connection may be performed directly or may be based on a call retry procedure. Thereby, inconvenient disconnections or error processings at the end terminals can be prevented.

Patent
07 Jun 2002
TL;DR: In this article, a handshake sequencing circuit on an array of variable logic cells is presented, in which a gate G1 where a request from a request source X is sent as a request to an output destination Y is composed of the LUT Ms1 of a cell 1A, a gate G2 where acknowledge from the output destination X and the acknowledge of Y are inputted and a signal for controlling the opening/closing of first and second gates is outputted is created.
Abstract: PROBLEM TO BE SOLVED: To construct a handshake sequencing circuit on an array of variable logic cells. SOLUTION: A gate G1 where a request from a request source X is sent as a request to an output destination Y is composed of the LUT Ms1 of a cell 1A, a gate G2 where acknowledge from the output destination Y is sent as a request to an output destination Z is composed of the LUT Me1 of the cell 1A, wire where acknowledge from the output destination Z is sent as acknowledge to the request source X is composed of the LUT Mn1 of the cell 1A, and a Muller-C element 11 where the request of an input source X and the acknowledge of the output destination Y are inputted and a signal for controlling the opening/closing of first and second gates is outputted is composed of the LUT Mw1 of the cell 1A and the LUT Me2 of a cell 1B.

Patent
01 May 2002
TL;DR: The optimal gateway can be selected during the 3-way handshake procedure: in a first step, a gateway is temporarily selected, and in a second step, an optimal gateway is selected again.
Abstract: PROBLEM TO BE SOLVED: To solve a problem that an optimal gateway can not be selected during a 3-way handshake procedure. SOLUTION: In a first step, a gateway is temporarily selected and in a second step, an optimal gateway is selected again. In a third step, the optimal gateway is reported. Thereby, the optimal gateway can be selected during the 3-way handshake procedure. COPYRIGHT: (C)2004,JPO

Patent
05 Feb 2002
TL;DR: In this paper, the authors proposed a handshake processing protocol to reduce traffic in a communication network of a narrow band while ensuring security for encryption communication, where a DTE 11 and an LWP 16 perform handshake processing to start an encipherment communication corresponding to an SSL (secure socket layer).
Abstract: PROBLEM TO BE SOLVED: To reduce traffic in a communication network of a narrow band while ensuring security for encryption communication. SOLUTION: A DTE (data terminal equipment) 11 and an LWP 16 perform handshake processing to start an encipherment communication corresponding to an SSL (secure socket layer). If the LWP 16 succeeds in handshake with the DTE 11, the LWP 16 performs handshake processing in order to start the encipherment communication of the SSL with a WWW server 14 designated by the DTE 11. The LWP 16 transmits information related to the certification of the WWW server 14 obtained in the handshake processing to the DTE 11 only at the first time. This reduces traffic in a mobile packet communication network 12. COPYRIGHT: (C)2003,JPO

Patent
19 Sep 2002
TL;DR: In this article, an apparatus for limiting a data transfer bandwidth through handshake suppression is configured to generate a first reset signal, generate a second reset signal a predetermined number of clock cycles after generating the first signal, and generate a handshake count representing a number of receptions, between the first reset signals and the second reset signals, of a first Ready to Send (RTS) handshake signal and a first RTR signal.
Abstract: An apparatus for limiting a data transfer bandwidth through handshake suppression is configured to generate a first reset signal, generate a second reset signal a predetermined number of clock cycles after generating the first reset signal, generate a handshake count representing a number of receptions, between the first reset signal and the second reset signal, of a first Ready to Send (“RTS”) handshake signal and a first Ready to Receive (“RTR”) handshake signal, and disable a second RTR handshake signal and the first RTS handshake signal based on a comparison of the handshake count and a maximum value.

Patent
19 Sep 2002
TL;DR: In this article, an apparatus for limiting a data transfer bandwidth through handshake suppression is configured to generate a first reset signal, generate a second reset signal a predetermined number of clock cycles after generating the first signal, and generate a handshake count representing a number of receptions, between the first reset signals and the second reset signals, of a first Ready to Send (RTS) handshake signal and a first RTR signal.
Abstract: An apparatus (62) for limiting a data transfer bandwidth through handshake suppression is configured to generate a first reset signal, generate a second reset signal a predetermined number of clock cycles after generating the first reset signal, generate a handshake count representing a number of receptions, between the first reset signal and the second reset signal, of a first Ready to Send ('RTS') handshake signal and a first Ready to Receive ('RTR') handshake signal, and disable a second RTR handshake signal and the first RTS handshake signal based on a comparison of the handshake count and a maximum value.

Proceedings ArticleDOI
10 Dec 2002
TL;DR: A CDMA correlator design using asynchronous handshake circuits has the advantage of low energy consumption and low electro-magnetic interference and compares favorably to the synchronous design.
Abstract: In this paper, we present a CDMA correlator design using asynchronous handshake circuits. Compared to the traditional synchronous design, the asynchronous design has the advantage of low energy consumption and low electro-magnetic interference. In our design, all the handshake components are implemented using a standard 0.35 µm cell library. This design compares favorably to the synchronous design.

Proceedings ArticleDOI
11 Dec 2002
TL;DR: A training concept is described on how to implement measures to increase Productivity for trainees on technician level by implementing network systems to chain distributed programmable controller units.
Abstract: A training concept is described on how to implement measures to increase Productivity for trainees on technician level. It's focusing on implementing network systems to chain distributed programmable controller units. Seven PLC controlled stations made an assembly line for a model cylinder (25 mm × 40 mm). The class will be divided into groups and each will be assigned to one station. The time will be measured which is needed to assemble one Output by the work of "7 operators". To automate a material flow a parallel I/O communication network will be installed. Finally the whole installation is networked by means of plugs, sockets and cables. 4 input/4 output bits at each station are used to program the handshake procedures. Obviously only one operator is needed to start the assembly task. To add a convenient information flow the wired I/O network will be replaced by a PROFIBUS DP network. The installation work is reduced dramatically but the projecting task is on the other hand more complex. The information flow needs a data design and also the procedure of the handshake should be taken correctly. Concerning Productivity the factor Time will be measured also with this configuration.

Patent
24 May 2002
TL;DR: In this article, a software handshake is employed to signal from the keyboard when it is desired to 'wake up' the host (10). After the handshake is completed, a key scan code is communicated to the host. Thereafter the host may revert to 'sleep' mode until another keystroke (press or release) occurs. This helps to conserve power and increase battery life.
Abstract: In the exemplary system, a 'software' handshake is employed to signal from the keyboard (18) when it is desired to 'wake up' the host (10). After the handshake is completed, a key scan code is communicated to the host. Thereafter the host may revert to 'sleep' mode until another keystroke (press or release) occurs. This helps to conserve power and increase battery life.

Book
20 Sep 2002

Patent
24 May 2002
TL;DR: In this article, a software handshake is employed to signal from the keyboard when it is desired to wake up the host, and a key scan code is communicated to the host after the handshake is completed.
Abstract: In the exemplary system, a “software” handshake is employed to signal from the keyboard when it is desired to “wake up” the host. After the handshake is completed, a key scan code is communicated to the host. Thereafter the host may revert to “sleep” mode until another keystroke (press or release) occurs. This helps to conserve power and increase battery life.