“Method For Performing Tls/Ssl Inspection Based On Verified Subject Name” in Patent Application Approval Process (USPTO 20200204519)

Insurance Daily News

2020 JUL 10 (NewsRx) -- By a News Reporter-Staff News Editor at Insurance Daily News -- A patent application by the inventors ISAEV, Pavel (Ashkelon, IL); SAYAG, Idan (Tel Aviv, IL); VOLODIN, Alexey (Tel Aviv, IL); ZEGMAN, Tamir (Tel Aviv, IL), filed on December 20, 2018, was made available online on June 25, 2020, according to news reporting originating from Washington, D.C., by NewsRx correspondents.

This patent application is assigned to Check Point Software Technologies Ltd. (Tel Aviv, Israel).

The following quote was obtained by the news editors from the background information supplied by the inventors: “Transport Layer Security (TLS), and its predecessor, Secure Sockets Layer (SSL), are cryptographic protocols designed to provide communications security over a computer network. SSL and TLS are defined in a series of Request For Comments (RFCs), the latest being RFC 8446 (https://tools.ietf.org/html/rfc8446); this document is incorporated by reference herein. Several versions of the protocols find widespread use in applications such as serving web traffic. Encrypted web traffic typically needs to be inspected for security reasons, by security and other inspection devices. However, there are instances where web traffic should not be decrypted and inspected, such as in cases where it is needed to protect the privacy of an individual or an organization, or when following security policies, or regulations such as the Health Insurance Portability and Accountability Act (HIPAA) in the United States.

“A Hypertext Transfer Protocol Secure (HTTPS) Inspection Rule Base is a set of rules used to define which HTTPS traffic will be decrypted and inspected by a Security Gateway, and which traffic, including data, will be bypassed, for example, such that TLS/SSL inspection is not performed on the traffic. As a result of the bypass, the traffic passes through the security gateway to its intended destination. Rules in the rule base can match the connections by Internet Protocol (IP) addresses, transport layer information, such as Transmission Control Protocol (TCP) ports, as well as the site’s identity. TCP is defined in a series of Request For Comments (RFCs), such as RFC 793 (https://tools.ietf.org/html/rfc793); this document is incorporated by reference herein. This categorization process requires knowledge of the ‘subject name’ of the web site.

“One example for deciding on bypassing is shown in FIG. 1. Here, a contemporary bypass is performed by security gateways, e.g., a firewall 10, between a client, represented by the client computer 12 (‘client’ and ‘client computer’ used interchangeably herein) and a server 14, along a communications network such as the Internet. The process involves a client side connection 20, between the client 12 and the firewall 10. The connection comprises a TCP handshake 20a between the firewall 10 and the client 12, followed by a Client Hello message 20b, sent from the client 12 to the firewall 10. The Client Hello message 20b is typically the first message of the connection. The firewall 10 analyzes the Client Hello message 20b, and Server Name Indication (SNI) information within the Client Hello message 20b. The SNI information is, for example, normally used in the TLS handshake 20a, to allow a server, which, for example, hosts multiple websites, to use the correct set of TLS/SSL credentials, for the requested web site. The Security Gateway, based on the SNI information, renders a decision 24, and then processes the traffic by either bypassing it, for example by forwarding encrypted and/or TLS/SSL handshake messages exchanged between the client and the server without altering them and/or decrypting them; inspecting it, for example by decrypting the traffic and performing additional security checks on the decrypted traffic; or blocking it, for example by dropping further packets belonging to the connection.

“However, this method is imprecise and could lead to violations of the enterprise security policy. For example, a malicious client could send a Client Hello message that includes an innocent looking SNI extension. This could lead the Security Gateway to assume that the client is connecting to a legitimate website. However, the client is actually circumventing the Gateway security mechanisms in order to connect to a malicious website, or other site, which should be inspected or blocked according to the security policy of the Gateway.”

In addition to the background information obtained for this patent application, NewsRx journalists also obtained the inventors’ summary information for this patent application: “The present invention is directed to an inspection decision mechanism. This mechanism provides a precise site identity that facilitates, for example, security, privacy and improved connectivity. Security devices with this mechanism apply a rule base that determines which cryptographically protected traffic should be inspected, bypassed, for example, excluded from decryption, or blocked.

“The present invention provides methods and systems for processing cryptographically secured connections by a gateway, between a client and a server. Upon receiving TCP and TLS/SSL handshakes associated with a client side connection, from a client (client computer) to the gateway, a probing connection is established. The probing connection completes the handshakes, and based on the completion of the handshakes, the gateway renders a decision, to bypass, block or inspect, the connections between the client and the server, allowing or not allowing data to pass through the connections between the client and the server.

“The present invention provides a verified subject name, based on certificate authentication, to a rule base before an inspection/bypass/block decision is made. For example, a gateway analyzes a server certificate to identify a site. It does so by using a probing connection, which provides an additional security layer in the aforementioned inspection/bypass/block decision.

“The probing connection allows the gateway to identify the site which is hosted on the server. The gateway opens a connection with the server, for example, by performing a TCP (Transmission Control Protocol) handshake with the server followed by a TLS/SSL handshake. In the TLS/SSL handshake, the gateway sends an SNI message (for example, based on an SNI message originally sent by the client to the gateway), followed by additional handshake messages between the gateway and the server, one of the messages being a server certificate message which includes, for example, a server certificate. The server certificate message is sent by the server to the gateway. The gateway analyzes the information sent by the server, including information found in the server certificate message, in order to determine the identity of the site.

“Embodiments of the invention are directed to a method for processing cryptographically secured connections by a gateway between a client and a server. The method comprises: receiving a connection request from a client, responding to the received connection request by initiating a probing connection to the server, the probing connection including: 1) performing a cryptographic protocol with the server, the cryptographic protocol including causing the server to provide an indicator to a site hosted by the server; 2) receiving data from the server including an indicator to a site hosted by the server; and, 3) analyzing the received indicator to determine the identity of the site hosted by the server; and, processing the connection based, at least in part, on the determined identity of the site hosted by the server.
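The probing flow described above, as an added example that is not part of the patent application or of any Check Point product: the gateway replays the client's SNI in its own TLS handshake with the server, captures the server certificate, validates its chain, and then applies the rule base to the certificate-attested name rather than to the client-supplied SNI. It assumes only Go's standard library, with net.Pipe standing in for the network, self-signed test certificates standing in for both the server and the gateway's CA trust store, and the constructed sampleRules policy as the rule base.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"math/big"
	"net"
	"time"
)

// Constructed sample rule base keyed by verified site name; anything unmatched is inspected.
var sampleRules = map[string]string{"portal.health.example": "bypass", "malware.example": "block"}

// selfSigned mints a throwaway certificate for the simulated server (constructed test data).
func selfSigned(names ...string) tls.Certificate {
	key, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(time.Now().UnixNano()), DNSNames: names,
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(time.Hour)}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		panic(err)
	}
	leaf, _ := x509.ParseCertificate(der)
	return tls.Certificate{Certificate: [][]byte{der}, PrivateKey: key, Leaf: leaf}
}

// probe is the gateway's probing connection: a TLS handshake that replays the client's SNI to
// the server, captures the server certificate, and only returns it once the chain validates
// against the trusted set (standing in for the gateway's CA store). net.Pipe replaces the
// network; "server" is the certificate the simulated server presents whatever SNI it is asked for.
func probe(clientSNI string, server tls.Certificate, trusted []tls.Certificate) (*x509.Certificate, error) {
	gwEnd, srvEnd := net.Pipe()
	defer gwEnd.Close()
	go func() {
		defer srvEnd.Close()
		srv := tls.Server(srvEnd, &tls.Config{Certificates: []tls.Certificate{server}, SessionTicketsDisabled: true})
		_ = srv.Handshake()
	}()
	// InsecureSkipVerify only lets the handshake finish so the certificate can be captured;
	// the chain is verified explicitly below before any decision trusts it.
	gw := tls.Client(gwEnd, &tls.Config{ServerName: clientSNI, InsecureSkipVerify: true})
	if err := gw.Handshake(); err != nil {
		return nil, err
	}
	chain := gw.ConnectionState().PeerCertificates
	opts := x509.VerifyOptions{Roots: x509.NewCertPool(), Intermediates: x509.NewCertPool()}
	for _, c := range trusted {
		opts.Roots.AddCert(c.Leaf)
	}
	for _, ic := range chain[1:] {
		opts.Intermediates.AddCert(ic)
	}
	if _, err := chain[0].Verify(opts); err != nil {
		return nil, err
	}
	return chain[0], nil
}

// gatewayDecision takes the site identity from the verified certificate, not from the client's
// SNI, then applies the rule base; an untrusted certificate fails closed to "block".
func gatewayDecision(clientSNI string, server tls.Certificate, rules map[string]string, trusted ...tls.Certificate) (string, string, error) {
	cert, err := probe(clientSNI, server, trusted)
	if err != nil {
		return "", "block", err
	}
	identity := clientSNI
	if cert.VerifyHostname(clientSNI) != nil && len(cert.DNSNames) > 0 {
		identity = cert.DNSNames[0] // the SNI is not attested by the certificate; use the name that is
	}
	action, ok := rules[identity]
	if !ok {
		action = "inspect"
	}
	return identity, action, nil
}
```

A client that names the bypassed health portal in its SNI while actually reaching a server whose certificate attests malware.example is blocked, because the decision keys on the verified name; the same SNI against an untrusted certificate also ends in "block".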

“Optionally, the method is such that, the processing the connection includes a decision to block, inspect, or bypass the connection, where the decision is, at least in part, based on the determined identity.

“Optionally, the method is such that, the cryptographic protocol includes a Transport Control Protocol (TCP) handshake and a Transport Layer Security (TLS) handshake.

“Optionally, the method is such that, the received connection request includes a Client Hello message, and the TLS handshake includes a copy of the Client Hello message sent by the client including a Server Name Indication (SNI) extension.

“Optionally, the method is such that, the indicator received from the server includes a server certificate.

“Optionally, the method is such that, the site includes a website hosted by the server.

“Optionally, the method is such that, the protocol includes at least one of: a Datagram Transport Layer Security (DTLS) handshake or a Quick UDP Internet Connections (QUIC) handshake.

“Embodiments of the invention are directed to a computer system for processing cryptographically secured connections by a gateway between a client and a server. The computer system comprises: a storage medium for storing computer components, and, at least one processor for executing the computer components. The computer components comprise: a first computer component for receiving a connection request from a client; a second computer component for responding to the received connection request by initiating a probing connection to the server, the probing connection including: 1) performing a cryptographic protocol with the server, the cryptographic protocol including causing the server to provide an indicator to a site hosted by the server; 2) receiving data from the server including an indicator to a site hosted by the server; and, 3) analyzing the received indicator to determine the identity of the site hosted by the server. There is also a third component for processing the connection based, at least in part, on the determined identity of the site hosted by the server.

“Optionally, the computer system additionally comprises a fourth component for deciding to block, inspect, or bypass the connection, where the decision is, at least in part, based on the determined identity.

“Optionally, the computer system is such that, the cryptographic protocol includes a Transport Control Protocol (TCP) handshake and a Transport Layer Security (TLS) handshake.

“Optionally, the computer system is such that, the received connection request includes a Client Hello message, and the TLS handshake includes a copy of the Client Hello message sent by the client including a Server Name Indication (SNI) extension.

“Optionally, the computer system is such that, the indicator received from the server includes a server certificate.

“Optionally, the computer system is such that, the site includes a website hosted by the server.

“Optionally, the computer system is such that, the protocol includes at least one of: a Datagram Transport Security Protocol (DTLS) handshake or a Quick UDP Internet Connections (QUIC) handshake.

“Embodiments of the invention are directed to a computer usable non-transitory storage medium having a computer program embodied thereon for causing a suitably programmed system to process cryptographically secured connections by a gateway between a client and a server, by performing the following steps when such program is executed on the system. The steps comprise: receiving a connection request from a client; responding to the received connection request by initiating a probing connection to the server, the probing connection including: 1) performing a cryptographic protocol with the server, the cryptographic protocol including causing the server to provide an indicator to a site hosted by the server; 2) receiving data from the server including an indicator to a site hosted by the server; and, 3) analyzing the received indicator to determine the identity of the site hosted by the server; and, processing the connection based, at least in part, on the determined identity of the site hosted by the server.

“Optionally, the computer usable non-transitory storage medium is such that, the processing the connection includes a decision to block, inspect, or bypass the connection, where the decision is, at least in part, based on the determined identity.

“Optionally, the computer usable non-transitory storage medium is such that, the cryptographic protocol includes a Transport Control Protocol (TCP) handshake and a Transport Layer Security (TLS) handshake.

“Optionally, the computer usable non-transitory storage medium is such that, the received connection request includes a Client Hello message, and the TLS handshake includes a copy of the Client Hello message sent by the client including a Server Name Indication (SNI) extension.

“Optionally, the computer usable non-transitory storage medium is such that, the indicator received from the server includes a server certificate.

“Optionally, the computer usable non-transitory storage medium is such that, the site includes a website hosted by the server.

“Optionally, the computer usable non-transitory storage medium is such that, the protocol includes at least one of: a Datagram Transport Security Protocol (DTLS) handshake or a Quick UDP Internet Connections (QUIC) handshake.

“Unless otherwise defined herein, all technical and/or scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which the invention pertains. Although methods and materials similar or equivalent to those described herein may be used in the practice or testing of embodiments of the invention, exemplary methods and/or materials are described below. In case of conflict, the patent specification, including definitions, will control. In addition, the materials, methods, and examples are illustrative only and are not intended to be necessarily limiting.”

The claims supplied by the inventors are:

“1. A method for processing cryptographically secured connections by a gateway between a client and a server comprising: receiving a connection request from a client; responding to the received connection request by initiating a probing connection to the server, the probing connection including: performing a cryptographic protocol with the server, the cryptographic protocol including causing the server to provide an indicator to a site hosted by the server; receiving data from the server including an indicator to a site hosted by the server; and, analyzing the received indicator to determine the identity of the site hosted by the server; and, processing the connection based, at least in part, on the determined identity of the site hosted by the server.

“2. The method of claim 1, wherein the processing the connection includes a decision to block, inspect, or bypass the connection, where the decision is, at least in part, based on the determined identity.

“3. The method of claim 1, wherein the cryptographic protocol includes a Transport Control Protocol (TCP) handshake and a Transport Layer Security (TLS) handshake.

“4. The method of claim 3, wherein the received connection request includes a Client Hello message, and the TLS handshake includes a copy of the Client Hello message sent by the client including a Server Name Indication (SNI) extension.

“5. The method of claim 4, wherein the indicator received from the server includes a server certificate.

“6. The method of claim 1, wherein the site includes a website hosted by the server.

“7. The method of claim 2 wherein the protocol includes at least one of: a Datagram Transport Layer Security (DTLS) handshake or a Quick UDP Internet Connections (QUIC) handshake.

“8. A computer system for processing cryptographically secured connections by a gateway between a client and a server comprising: a storage medium for storing computer components; and, at least one processor for executing the computer components comprising: a first computer component for receiving a connection request from a client; a second computer component for responding to the received connection request by initiating a probing connection to the server, the probing connection including: performing a cryptographic protocol with the server, the cryptographic protocol including causing the server to provide an indicator to a site hosted by the server; receiving data from the server including an indicator to a site hosted by the server; and, analyzing the received indicator to determine the identity of the site hosted by the server; and, a third component for processing the connection based, at least in part, on the determined identity of the site hosted by the server.

“9. The computer system of claim 8, additionally comprising a fourth component for deciding to block, inspect, or bypass the connection, where the decision is, at least in part, based on the determined identity.

“10. The computer system of claim 9, wherein the cryptographic protocol includes a Transport Control Protocol (TCP) handshake and a Transport Layer Security (TLS) handshake.

“11. The computer system of claim 10, wherein the received connection request includes a Client Hello message, and the TLS handshake includes a copy of the Client Hello message sent by the client including a Server Name Indication (SNI) extension.

“12. The computer system of claim 11, wherein the indicator received from the server includes a server certificate.

“13. The computer system of claim 8, wherein the site includes a website hosted by the server.

“14. The computer system of claim 9, wherein the protocol includes at least one of: a Datagram Transport Security Protocol (DTLS) handshake or a Quick UDP Internet Connections (QUIC) handshake.

“15. A computer usable non-transitory storage medium having a computer program embodied thereon for causing a suitably programmed system to process cryptographically secured connections by a gateway between a client and a server, by performing the following steps when such program is executed on the system, the steps comprising: receiving a connection request from a client; responding to the received connection request by initiating a probing connection to the server, the probing connection including: performing a cryptographic protocol with the server, the cryptographic protocol including causing the server to provide an indicator to a site hosted by the server; receiving data from the server including an indicator to a site hosted by the server; and, analyzing the received indicator to determine the identity of the site hosted by the server; and, processing the connection based, at least in part, on the determined identity of the site hosted by the server.

“16. The computer usable non-transitory storage medium of claim 15, wherein the processing the connection includes a decision to block, inspect, or bypass the connection, where the decision is, at least in part, based on the determined identity.

“17. The computer usable non-transitory storage medium of claim 16, wherein the cryptographic protocol includes a Transport Control Protocol (TCP) handshake and a Transport Layer Security (TLS) handshake.

“18. The computer usable non-transitory storage medium of claim 17, wherein the received connection request includes a Client Hello message, and the TLS handshake includes a copy of the Client Hello message sent by the client including a Server Name Indication (SNI) extension.

“19. The computer usable non-transitory storage medium of claim 18, wherein the indicator received from the server includes a server certificate.

“20. The computer usable non-transitory storage medium of claim 15, wherein the site includes a website hosted by the server.

“21. The computer usable non-transitory storage medium of claim 16, wherein the protocol includes at least one of: a Datagram Transport Security Protocol (DTLS) handshake or a Quick UDP Internet Connections (QUIC) handshake.”

For the URL and more information on this patent application, see: ISAEV, Pavel; SAYAG, Idan; VOLODIN, Alexey; ZEGMAN, Tamir. Method For Performing Tls/Ssl Inspection Based On Verified Subject Name. Filed December 20, 2018 and posted June 25, 2020. Patent URL: http://appft.uspto.gov/netacgi/nph-Parser?Sect1=PTO1&Sect2=HITOFF&d=PG01&p=1&u=%2Fnetahtml%2FPTO%2Fsrchnum.html&r=1&f=G&l=50&s1=%2220200204519%22.PGNR.&OS=DN/20200204519&RS=DN/20200204519

(Our reports deliver fact-based news of research and discoveries from around the world.)
