| CPC H04L 9/3247 (2013.01) [H04L 9/3226 (2013.01); H04L 9/3268 (2013.01)] | 21 Claims |

|
1. A computer-implemented method for establishing verified and trusted communications between an upstream node and a downstream node in a network, the method comprising:
granting, by a central authority, a credential to each of the upstream node and the downstream node, the credential being configured to allow the upstream node and the downstream node to cryptographically sign messages;
passing, by the downstream node to the upstream node, a cryptographically signed message containing a nonce;
contacting, by the upstream node, the central authority using the nonce;
validating, by the central authority, the nonce from the downstream node using a validation mechanism configured for validating the signature on the nonce based on the credential and signature type;
if validated, issuing, by the central authority, a new cryptographically signed message for the upstream node to present to the downstream node, the new cryptographically signed message containing the nonce associated with the downstream node; and
verifying, by the upstream node and the downstream node, that the credentials of both nodes are valid according to the central authority.
|
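The exchange in claim 1, as an added sketch that is not taken from the patent or any implementation of it. Assumptions: each credential is a shared secret key and "signing" is HMAC-SHA256 (the claim does not fix a signature type), the central authority rejects reused nonces, and all class, function and label names are hypothetical.

```python
import hashlib
import hmac
import secrets


def tag(key: bytes, *parts: bytes) -> bytes:
    """HMAC-SHA256 over length-prefixed parts (assumed stand-in for a signature)."""
    msg = b"".join(len(p).to_bytes(4, "big") + p for p in parts)
    return hmac.new(key, msg, hashlib.sha256).digest()


class CentralAuthority:
    def __init__(self):
        self.creds = {}    # node id -> credential (assumed: shared secret key)
        self.seen = set()  # nonces already validated, so replays are refused

    def grant(self, node_id: bytes) -> bytes:
        self.creds[node_id] = secrets.token_bytes(32)
        return self.creds[node_id]

    def validate(self, up_id, up_sig, down_id, nonce, down_sig):
        """Return (token for downstream, ack for upstream), or None on failure."""
        ku, kd = self.creds.get(up_id), self.creds.get(down_id)
        if ku is None or kd is None or nonce in self.seen:
            return None
        ok_down = hmac.compare_digest(down_sig, tag(kd, b"nonce", down_id, nonce))
        ok_up = hmac.compare_digest(up_sig, tag(ku, b"query", up_id, down_id, nonce))
        if not (ok_down and ok_up):
            return None
        self.seen.add(nonce)
        return (tag(kd, b"ca-ok", up_id, nonce),    # upstream presents this downstream
                tag(ku, b"ca-ok", down_id, nonce))  # tells upstream the peer is valid


def handshake(ca, up_id, up_key, down_id, down_key, tamper=False):
    """Run the exchange once; True only if both nodes accept the other."""
    nonce = secrets.token_bytes(16)                        # chosen by downstream
    down_sig = tag(down_key, b"nonce", down_id, nonce)     # downstream -> upstream
    if tamper:
        down_sig = bytes(32)                               # constructed bad signature
    up_sig = tag(up_key, b"query", up_id, down_id, nonce)  # upstream -> authority
    result = ca.validate(up_id, up_sig, down_id, nonce, down_sig)
    if result is None:
        return False
    token, ack = result
    up_accepts = hmac.compare_digest(ack, tag(up_key, b"ca-ok", down_id, nonce))
    down_accepts = hmac.compare_digest(token, tag(down_key, b"ca-ok", up_id, nonce))
    return up_accepts and down_accepts
```

The fixed labels (`nonce`, `query`, `ca-ok`) keep a downstream's own signed nonce from being accepted as the authority's response.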