US 12,267,421 B2
Post quantum secure ingress/egress network communication
Nataraj Nagaratnam, Cary, NC (US); Martin Schmatz, Zurich (CH); Navaneeth Rameshan, Zurich (CH); Vaijayanthimala K. Anand, Austin, TX (US); and Jeffrey J. Feng, Round Rock, TX (US)
Assigned to International Business Machines Corporation, Armonk, NY (US)
Filed by International Business Machines Corporation, Armonk, NY (US)
Filed on Oct. 18, 2021, as Appl. No. 17/451,312.
Prior Publication US 2023/0119304 A1, Apr. 20, 2023
Int. Cl. H04L 9/08 (2006.01); H04L 9/30 (2006.01); H04L 67/133 (2022.01); H04L 67/563 (2022.01)
CPC H04L 9/0855 (2013.01) [H04L 9/302 (2013.01); H04L 9/3066 (2013.01); H04L 67/133 (2022.05); H04L 67/563 (2022.05)]
17 Claims
 
1. A computer-implemented method for post quantum secure network communication, the method comprising:
using a number of processors to perform the steps of:
sending, by a client in a first computing cluster, an outbound message to a quantum safe cryptographic (QSC) proxy server in the first computing cluster, wherein the outbound message is addressed to a target server in a second computing cluster;
initiating, by the QSC proxy server, a hybrid QSC transport layer security (TLS) connection with an ingress controller in the second computing cluster, wherein the ingress controller uses a QSC key encapsulation mechanism algorithm for session key establishment in hybrid mode;
transferring, by the QSC proxy server, the message to the ingress controller via the QSC TLS connection;
routing, by the ingress controller, the message to the target server in the second computing cluster via a non-QSC connection; and
sending, by the target server, a response to the client via the QSC TLS connection.