&#xfeff;<html>
  <head>
    <META http-equiv="Content-Type" content="text/html; charset=utf-8">
<link rel="stylesheet" type="text/css" href="html_style_eog.css"/>
<script type="text/javascript">
          function printpage()
          {
          window.print()
          }
        </script>
<script type="text/javascript" src="https://components.uspto.gov/js/ais/40-patentsgazette.js"></script></head>
  <body bgcolor='#FFFFFF' onload='javascript: if ((navigator.appName.indexOf("Netscape")!=-1) && parent.leftFrame!=null) parent.leftFrame.location.reload();'>
    <basefont face="Times New Roman, Times New Roman, Times New Roman " size="2">
      <div style="margin-left: +10pt">
        <table width="90%" border="0" rules="none" align="center">
          <tr align="center">
            <td width="20%" colspan="1" rowspan="2" align="left" valign="top"><a href="https://ppubs.uspto.gov/pubwebapp/external.html?q=12348613.pn.&amp;db=USPAT" target="popup"><input type="button" class="button" value="   Full Text   "></a></td>
            <td class="table_data"><b>US 12,348,613 B2</b></td>
            <td width="20%" colspan="1" rowspan="2" align="right" valign="top">
              <form><input type="button" value="Print this page" onclick="printpage()"></form>
            </td>
          </tr>
          <tr align="center">
            <td colspan="1" class="table_data" style="text-transform: uppercase"><b>Encrypted packet inspection method and protection device</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b> Xinqian He,  Hangzhou (CN)</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Assigned to  Huawei Technologies Co., Ltd.,  Shenzhen (CN)</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Filed by  Huawei Technologies Co., Ltd.,  Shenzhen (CN)</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Filed on Apr.  25, 2023, as Appl. No. 18/306,681.</b></td>
          </tr>
          <tr>
            <td colspan="3" class="table_data" align="center"><b>Application 18/306,681 is a continuation of application No. PCT/CN2021/088501, filed on Apr.  20, 2021.</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Claims priority of application No. 202011155469.4 (CN), filed on Oct.  26, 2020; and application No. 202011377786.0 (CN), filed on Nov.  30, 2020.</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Prior Publication US 2023/0261858 A1, Aug.  17, 2023</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Int. Cl. </b><i><b>H04L 9/08</b></i> (2006.01)</td>
          </tr>
        </table>
        <table width="90%" border="0" rules="none" align="center">
          <colgroup>
            <col width="75%">
            <col width="15%">
          </colgroup>
          <tr align="left">
            <td class="table_data" align="left"><b>CPC </b><i><b>H04L 9/0825</b></i> (2013.01)&#xa0;[<i><b>H04L 9/0841</b></i> (2013.01); <i><b>H04L 9/0869</b></i> (2013.01)]</td>
            <td class="table_data" align="right"><b>19 Claims</b></td>
          </tr>
        </table>
        <center><img src="US12348613-20250701-D00000.gif" alt="OG exemplary drawing"></center>
        <table width="90%" border="0" rules="none" align="center">
          <colgroup>
            <col width="90%">
          </colgroup>
          <tr>
            <td class="table_data" align="center">&#xa0;</td>
          </tr>
          <tr>
            <td valign="top" class="para_text">
              <div class="claim_text_root">1. An encrypted packet inspection method, wherein the method comprises:<div class="claim_text">separately sending, by a protection device, a man-in-the-middle Diffie-Hellman (DH) parameter to a client device and to a server, wherein the protection device is deployed between the client device and the server, and the man-in-the-middle DH parameter is a DH parameter generated by the protection device;</div>
                <div class="claim_text">generating, by the protection device, a first session key based on the man-in-the-middle DH parameter and a client DH parameter, wherein the client DH parameter is a DH parameter generated by the client device;</div>
                <div class="claim_text">generating, by the protection device, a second session key based on the man-in-the-middle DH parameter and a server DH parameter, wherein the server DH parameter is a DH parameter generated by the server;</div>
                <div class="claim_text">receiving, by the protection device, an original encrypted packet; and</div>
                <div class="claim_text">when the original encrypted packet originates from the client device, decrypting, by the protection device, the original encrypted packet with the first session key, inspecting plaintext data obtained through decryption, encrypting the inspected plaintext data with the second session key to obtain a target encrypted packet, and sending the target encrypted packet to the server; or</div>
                <div class="claim_text">when the original encrypted packet originates from the server, decrypting, by the protection device, the original encrypted packet with the second session key, inspecting plaintext data obtained through decryption, encrypting the inspected plaintext data with the first session key to obtain a target encrypted packet, and sending the target encrypted packet to the client device.</div>
              </div>
            </td>
          </tr>
        </table>
      </div>
    
  </body>
</html>