Method for capturing a packet from an encrypted session

US12348500B2 · US · B2

Patent metadata
Publication number: US-12348500-B2
Application number: US-202118007963-A
Country: US
Kind code: B2
Filing date: Jun 1, 2021
Priority date: Jun 4, 2020
Publication date: Jul 1, 2025
Grant date: Jul 1, 2025

Abstract

Official abstract text for this publication.

A method for capturing a packet from an encrypted session established between a terminal unit and a data server. The packet includes a datum for determining a security key used for the encryption of the packet. The method is implemented by a device routing the packet between the terminal unit and the data server and includes: analysis of a plurality of packets transmitted by the terminal unit and destined for the server; identification of a cooperation packet from among the plurality of analyzed packets, the cooperation packet including the determining datum corresponding to a security key used for the encryption of packets transmitted by the terminal unit to the data server prior to the terminal unit sending the cooperation packet; and decryption of the received cooperation packet using a security key corresponding to the determining datum from the identified cooperation packet.

First claim

Opening claim text (preview).

The invention claimed is:

1. A capturing method for capturing a packet from an encrypted session established between a terminal unit and a data server, said packet comprising a datum for determining a security key used for encrypting the packet, the method being implemented by a device routing the packet between the terminal unit and the data server and comprising: analyzing the datum for determining the security key of a plurality of received packets transmitted by the terminal unit and destined for the server; identifying a cooperation packet from among the plurality of transmitted packets, said cooperation packet comprising a value of the determining datum, distinct from a value of the data for determining the security keys of the other packets of the plurality of packets, said value of the determining datum of the cooperation packet corresponding to a security key used for encrypting packets transmitted by the terminal unit to the data server prior to the terminal unit sending said cooperation packet; and decrypting the cooperation packet using a security key corresponding to the value of the determining datum of the identified cooperation packet.

2. The capturing method as claimed in claim 1, wherein the determining datum is a binary phase element indicating a key change to be used by the terminal and the data server for encrypting and decrypting packets exchanged between the terminal unit and the data server.

3. The capturing method as claimed in claim 1, wherein the cooperation packet is a packet of a secure data multiplexing protocol and the cooperation packet is identified from one or more of the following parameter(s): phase bit; value of a spin bit of a QUIC (Quick UDP Internet Communications) transport protocol packet; value of RR bits of the QUIC transport protocol packet; connection identifier.

4. The capturing method as claimed in claim 1, wherein the cooperation packet is identified after activating, in the device, detection of the packets for which the determining datum has a value that differs from the determining datum of a plurality of successive packets previously received from the terminal unit.

5. The capturing method as claimed in claim 1, wherein the security key associated with the determining datum is transmitted by the terminal unit to the device after an end of the session between the terminal unit and the data server.

6. The capturing method as claimed in claim 1, wherein the security key associated with the determining datum was used for securing an exchange of packets from a previous session between the terminal unit and the data server.

7. The capturing method as claimed in claim 1, wherein the security key associated with the determining datum is a key negotiated between the terminal unit and the data server during a step of initializing the session.

8. The capturing method as claimed in claim 1, wherein the cooperation packet is removed from the plurality of packets when routing said plurality of packets to the data server.

9. The capturing method as claimed in claim 1, further comprising analyzing, as well as identifying a cooperation packet, and decrypting the cooperation packet as defined in claim 1, from among the packets transmitted by the data server to the terminal unit.

10. A device for capturing a packet from an encrypted session established between a terminal unit and a data server, said packet comprising a datum for determining a security key used for encrypting the packet, the device comprising: a processor; and a non-transitory computer readable medium comprising instructions stored thereon which when executed by the processor configure the device to implement a method comprising: analyzing the datum for determining the security key of a plurality of received packets transmitted by the terminal unit and destined for the server; identifying a cooperation packet from among the plurality of transmitted packets, said cooperation packet comprising a value of the determining datum, distinct from a value of the data for determining the security keys of the other packets of the plurality of packets, said value of the determining datum of the cooperation packet corresponding to a security key used for encrypting packets transmitted by the terminal unit to the data server prior to the terminal unit sending said cooperation packet; a decryption module, capable of decrypting the cooperation packet using a security key corresponding to the value of the determining datum of the identified cooperation packet.

11. A non-transitory computer readable medium comprising a computer program stored thereon comprising instructions for implementing a capturing method, when the program is executed by a processor of a device routing a packet between a terminal unit and a data server, the capturing method capturing the packet from an encrypted session established between the terminal unit and the data server, said packet comprising a datum for determining a security key used for encrypting the packet, the method comprising: analyzing the datum for determining the security key of a plurality of received packets transmitted by the terminal unit and destined for the server; identifying a cooperation packet from among the plurality of transmitted packets, said cooperation packet comprising a value of the determining datum, distinct from a value of the data for determining the security keys of the other packets of the plurality of packets, said value of the determining datum of the cooperation packet corresponding to a security key used for encrypting packets transmitted by the terminal unit to the data server prior to the terminal unit sending said cooperation packet; and decrypting the cooperation packet using a security key corresponding to the value of the determining datum of the identified cooperation packet.

Classifications

  • Adaptation or special uses of UDP protocol · CPC title

  • by embedding flow control information in regular packets, e.g. piggybacking · CPC title

  • for supporting traffic characterised by the type of applications · CPC title

  • during transmission, i.e. party's identity is protected against eavesdropping, e.g. by using temporary identifiers, but is known to the other party or parties involved in the communication · CPC title

  • Setup of application sessions (admission control or resource allocation in data switching networks H04L47/70) · CPC title

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
Orange
What technology area does this patent fall under?
Primary CPC classification H04L63/0435. Mapped technology areas include Electricity.
When was this patent published?
Publication date Jul 1, 2025 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 3 related publications on this page (citations in our corpus or others sharing the same primary CPC).