In a hitless manual cryptographic key refresh scheme, a state machine may
be independently maintained at each network node. The state machine may
include a first state, a second state, and a third state. In the first
state, which may be the steady state, a current cryptographic key may be
used both for generating signatures for outgoing packets and for
authenticating signatures of incoming packets. In the second state, which
is entered when a new cryptographic key is provisioned, the old (i.e.
formerly current) key may still be used for generating signatures for
outgoing packets; however, one or, if necessary, both of the old key and
the newly provisioned key may be used for authenticating signatures of
incoming packets. In the third state, the new key may be used for
generating signatures for outgoing packets and either one or both of the
old key and new key may be used for authenticating signatures of incoming
packets.
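The three-state machine described above, written out as an added Python example (this is not code from the patent or any implementation it describes). It assumes HMAC-SHA256 as the packet signature mechanism, models each node's state independently, and uses constructed placeholder keys and a constructed payload. Beyond the text, it also shows the one ordering the scheme does not protect against: a node leaving the third state (retiring the old key) while a peer is still in the second state and signing with the old key.

```python
import hashlib
import hmac
from enum import Enum


class State(Enum):
    STEADY = 1           # first state: current key signs and verifies
    NEW_KEY_PENDING = 2  # second state: old key signs; old and new keys verify
    NEW_KEY_ACTIVE = 3   # third state: new key signs; old and new keys verify


class Node:
    """One network node maintaining its own refresh state machine (hypothetical model)."""

    def __init__(self, name: str, current_key: bytes):
        self.name = name
        self.state = State.STEADY
        self.current_key = current_key  # the "old" key once a new one is provisioned
        self.new_key = None

    # --- state transitions (method names are assumptions, not from the page) ---
    def provision_key(self, new_key: bytes) -> None:
        """First state -> second state: a new key has been provisioned."""
        self.new_key = new_key
        self.state = State.NEW_KEY_PENDING

    def activate_new_key(self) -> None:
        """Second state -> third state: start signing with the new key."""
        self.state = State.NEW_KEY_ACTIVE

    def retire_old_key(self) -> None:
        """Third state -> first state: the new key becomes the only current key."""
        self.current_key = self.new_key
        self.new_key = None
        self.state = State.STEADY

    # --- signing and authentication ---
    def _signing_key(self) -> bytes:
        return self.new_key if self.state == State.NEW_KEY_ACTIVE else self.current_key

    def _verify_keys(self) -> list:
        if self.state == State.STEADY:
            return [self.current_key]
        # Try the old key first and fall back to the new key "if necessary".
        return [self.current_key, self.new_key]

    def sign(self, payload: bytes) -> bytes:
        return hmac.new(self._signing_key(), payload, hashlib.sha256).digest()

    def verify(self, payload: bytes, tag: bytes) -> bool:
        for key in self._verify_keys():
            expected = hmac.new(key, payload, hashlib.sha256).digest()
            if hmac.compare_digest(expected, tag):  # constant-time comparison
                return True
        return False


K_OLD, K_NEW = b"constructed-old-key", b"constructed-new-key"  # placeholders only
MSG = b"constructed packet payload"


def run_refresh_scenario() -> list:
    """Two nodes advance through the refresh at different times.

    Returns a list of (step, a_to_b_ok, b_to_a_ok); every entry is True, i.e. no
    packet fails authentication at any point (the "hitless" property).
    """
    a, b = Node("A", K_OLD), Node("B", K_OLD)
    results = []

    def check(step: str) -> None:
        results.append((step, b.verify(MSG, a.sign(MSG)), a.verify(MSG, b.sign(MSG))))

    check("both steady")
    a.provision_key(K_NEW); check("A in second state")
    b.provision_key(K_NEW); check("B in second state")
    a.activate_new_key();   check("A in third state")  # A signs new; B accepts old or new
    b.activate_new_key();   check("B in third state")
    a.retire_old_key();     check("A back to steady")  # A accepts only new; B signs new
    b.retire_old_key();     check("B back to steady")
    return results


def premature_retirement() -> tuple:
    """A retires the old key while B is still in the second state (signing with the
    old key). Returns (a_to_b_ok, b_to_a_ok): the B -> A direction fails, which is why
    a node should leave the third state only after all peers have left the second."""
    a, b = Node("A", K_OLD), Node("B", K_OLD)
    a.provision_key(K_NEW); a.activate_new_key(); a.retire_old_key()
    b.provision_key(K_NEW)
    return (b.verify(MSG, a.sign(MSG)), a.verify(MSG, b.sign(MSG)))


if __name__ == "__main__":
    for step, ab, ba in run_refresh_scenario():
        print(f"{step:20s} A->B {ab}  B->A {ba}")
    print("premature retirement (A->B, B->A):", premature_retirement())
```

The model keeps the per-node independence the text calls for: each node's signing key depends only on its own state, and the fallback to the second verification key happens only in the two transitional states, so a node in the steady state never silently accepts packets signed under a retired key.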