Processing

Please wait...

Settings

Settings

Goto Application

1. WO2020108730 - DOMAIN NAME SYSTEM QUERIES

Publication Number WO/2020/108730
Publication Date 04.06.2020
International Application No. PCT/EP2018/082559
International Filing Date 26.11.2018
IPC
H04L 29/12 2006.01
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
29Arrangements, apparatus, circuits or systems, not covered by a single one of groups H04L1/-H04L27/136
12characterised by the data terminal
H04L 29/06 2006.01
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
29Arrangements, apparatus, circuits or systems, not covered by a single one of groups H04L1/-H04L27/136
02Communication control; Communication processing
06characterised by a protocol
CPC
H04L 61/1511
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
61Network arrangements or network protocols for addressing or naming
15Directories; Name-to-address mapping
1505involving standard directories or standard directory access protocols
1511using domain name system [DNS]
H04L 61/6013
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
61Network arrangements or network protocols for addressing or naming
60Details
6013Proxying of addresses
H04L 63/045
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
63Network architectures or network communication protocols for network security
04for providing a confidential data exchange among entities communicating through data packet networks
0428wherein the data content is protected, e.g. by encrypting or encapsulating the payload
045wherein the sending and receiving network entities apply hybrid encryption, i.e. combination of symmetric and asymmetric encryption
H04L 63/0478
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
63Network architectures or network communication protocols for network security
04for providing a confidential data exchange among entities communicating through data packet networks
0428wherein the data content is protected, e.g. by encrypting or encapsulating the payload
0478applying multiple layers of encryption, e.g. nested tunnels or encrypting the content with a first key and then with at least a second key
Applicants
  • TELEFONAKTIEBOLAGET LM ERICSSON (PUBL) [SE]/[SE]
Inventors
  • NIILO LEHTIKUJA, Niilo
  • SALMELA, Patrik
Agents
  • ERICSSON
Priority Data
Publication Language English (EN)
Filing Language English (EN)
Designated States
Title
(EN) DOMAIN NAME SYSTEM QUERIES
(FR) INTERROGATIONS DE SYSTÈME DE NOM DE DOMAINE
Abstract
(EN)
Embodiments presented herein relates to a method for secure domain name system (DNS) queries. The method is performed in a DNS client, and the method comprises obtaining (S100) an encryption key and internet protocol, IP, address for a final DNS resolver, creating (S110) a session key, encrypting (S120) a DNS query and the created session key with the obtained encryption key, and sending (S130) a DNS message containing the encrypted DNS query and the created session key to an intermediate DNS resolver, different from the final DNS resolver, together with the obtained IP address for the final DNS resolver. Methods, nodes, computer programs, and a computer program product for secure DNS queries are also presented.
(FR)
Selon certains modes de réalisation, la présente invention concerne un procédé destiné à des interrogations de système de nom de domaine sécurisé (DNS). Le procédé est mis en oeuvre dans un client DNS, et le procédé comprend l'obtention (S100) d'une clé de chiffrement et d'une adresse de protocole internet, IP, pour un résolveur DNS final, la création (S110) d'une clé de session, le chiffrement (S120) d'une interrogation DNS et de la clé de session créée avec la clé de chiffrement obtenue, et l'envoi (S130) d'un message DNS contenant l'interrogation DNS chiffrée et la clé de session créée à un résolveur DNS intermédiaire, différent du résolveur DNS final, conjointement avec l'adresse IP obtenue pour le résolveur DNS final. L'invention concerne également des procédés, des nœuds, des programmes d'ordinateur et un produit-programme d'ordinateur destinés à des interrogations DNS sécurisées.
Latest bibliographic data on file with the International Bureau