Patents by Inventor Dharmanandana Reddy Pothula
Dharmanandana Reddy Pothula has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11943209Abstract: In the IKE or IPSec SA rekeying, whether the rekey exchange includes the cryptographic suite in the payload depends on whether the cryptographic suite used in the old SA is changed on both ends, e.g., the initiator and the responder. If the cryptographic suite is not changed, then the rekey exchange does not include the cryptographic suite. Additionally, in the IPSec SA rekey, if the flowing information is not changed in either end, the rekey exchange further does not include the Traffic Selector (TS). As such, the size of the payload is decreased, which saves bandwidth, more processing time and power in the course of the IKE SA or the IPSec SA rekey.Type: GrantFiled: May 17, 2021Date of Patent: March 26, 2024Assignee: HUAWEI TECHNOLOGIES CO., LTD.Inventors: Sandeep Kampati, Bharath Soma Satya Meduri, Dharmanandana Reddy Pothula, De Sheng
-
Patent number: 11888982Abstract: In the IKE or IPSec SA rekeying, whether the rekey exchange includes the cryptographic suite in the payload depends on whether the cryptographic suite used in the old SA is changed on both ends, e.g., the initiator and the responder. If the cryptographic suite is not changed, then the rekey exchange does not include the cryptographic suite. Additionally, in the IPSec SA rekey, if the flowing information is not changed in either end, the rekey exchange further does not include the Traffic Selector (TS). As such, the size of the payload is decreased, which saves bandwidth, more processing time and power in the course of the IKE SA or the IPSec SA rekey.Type: GrantFiled: May 16, 2021Date of Patent: January 30, 2024Assignee: HUAWEI TECHNOLOGIES CO., LTD.Inventors: Sandeep Kampati, De Sheng, Dharmanandana Reddy Pothula, Bharath Soma Satya Meduri
-
Publication number: 20220263811Abstract: A method for Internet Key Exchange (IKE) re-authentication optimization includes sending, by a first network device and a second network device, a notification, which contains new Security Parameters Index (SPI) for new security association (SA), and sending, by the first network device alone, an OLD_SPI notification to map SPI of Internet Protocol Security (IPsec) (Authentication Header (AH)/Encapsulating Security Payload (ESP)) with the old IPSec SA.Type: ApplicationFiled: April 8, 2022Publication date: August 18, 2022Inventors: Sandeep Kampati, Lohit S, Shubham Mamodiya, Bharath Soma Satya Meduri, Vishnu Vardhan Bachu V N, Dharmanandana Reddy Pothula, Karthigaasri R T
-
Publication number: 20210273799Abstract: In the IKE or IPSec SA rekeying, whether the rekey exchange includes the cryptographic suite in the payload depends on whether the cryptographic suite used in the old SA is changed on both ends, e.g., the initiator and the responder. If the cryptographic suite is not changed, then the rekey exchange does not include the cryptographic suite. Additionally, in the IPSec SA rekey, if the flowing information is not changed in either end, the rekey exchange further does not include the Traffic Selector (TS). As such, the size of the payload is decreased, which saves bandwidth, more processing time and power in the course of the IKE SA or the IPSec SA rekey.Type: ApplicationFiled: May 16, 2021Publication date: September 2, 2021Applicant: HUAWEI TECHNOLOGIES CO.,LTD.Inventors: Sandeep Kampati, De Sheng, Dharmanandana Reddy Pothula, Bharath Soma Satya Meduri
-
Publication number: 20210273928Abstract: In the IKE or IPSec SA rekeying, whether the rekey exchange includes the cryptographic suite in the payload depends on whether the cryptographic suite used in the old SA is changed on both ends, e.g., the initiator and the responder. If the cryptographic suite is not changed, then the rekey exchange does not include the cryptographic suite. Additionally, in the IPSec SA rekey, if the flowing information is not changed in either end, the rekey exchange further does not include the Traffic Selector (TS). As such, the size of the payload is decreased, which saves bandwidth, more processing time and power in the course of the IKE SA or the IPSec SA rekey.Type: ApplicationFiled: May 17, 2021Publication date: September 2, 2021Applicant: HUAWEI TECHNOLOGIES CO.,LTD.Inventors: Sandeep Kampati, Bharath Soma Satya Meduri, Dharmanandana Reddy Pothula, De Sheng
-
Publication number: 20210105348Abstract: Disclosed are a system, method and devices for simultaneous MACsec key agreement (MKA) negotiation between the devices. The present application controls a basic TLV message exchange between supplicant and authenticator in case of race condition to establish the secure association key (SAK) channel. The present application by controlling a basic TLV message exchange enables to establish a secure channel in race condition and achieves a high reliability of the product as this makes product launch MACsec services quickly and available for the service. Accordingly, when both sides (two supplicants) exchange hello with basic TLV at the same time, triggering the race condition, drops first message from the authenticator at supplicant and update the peer MN and the supplicant will not send reply. The authenticator when send next message (basic+potential peer TLV) with peer MN incremented by 1, the supplicant will respond with incremental message with live peer TLV.Type: ApplicationFiled: December 16, 2020Publication date: April 8, 2021Inventors: Dharmanandana Reddy Pothula, Chandra Mohan Padamati, Antony Paul, Yun Qin, De Sheng
-
Patent number: 10904368Abstract: Disclosed are a system, method and devices for simultaneous MACsec key agreement (MKA) negotiation between the devices. The present application controls a basic TLV message exchange between supplicant and authenticator in case of race condition to establish the secure association key (SAK) channel. The present application by controlling a basic TLV message exchange enables to establish a secure channel in race condition and achieves a high reliability of the product as this makes product launch MACsec services quickly and available for the service. Accordingly, when both sides (two supplicants) exchange hello with basic TLV at the same time, triggering the race condition, drops first message from the authenticator at supplicant and update the peer MN and the supplicant will not send reply. The authenticator when send next message (basic+potential peer TLV) with peer MN incremented by 1, the supplicant will respond with incremental message with live peer TLV.Type: GrantFiled: May 23, 2019Date of Patent: January 26, 2021Assignee: Huawei Technologies Co., Ltd.Inventors: Dharmanandana Reddy Pothula, Chandra Mohan Padamati, Antony Paul, Yun Qin, De Sheng
-
Patent number: 10616761Abstract: Methods, servers, base stations and communication systems for configuring security parameters are disclosed. Embodiments of the present invention provide a method for configuring security parameters in a network, the network comprising at least one base station and a server providing service for the at least one base station. The method comprises updating, by the server, security parameters for the base station and sending, by the server, the updated security parameters to the base station, so that base stations transmits data between each other according to the updated security parameters.Type: GrantFiled: May 16, 2017Date of Patent: April 7, 2020Assignee: HUAWEI TECHNOLOGIES CO., LTD.Inventors: Dharmanandana Reddy Pothula, Chi Zhang
-
Publication number: 20190281031Abstract: Disclosed are a system, method and devices for simultaneous MACsec key agreement (MKA) negotiation between the devices. The present application controls a basic TLV message exchange between supplicant and authenticator in case of race condition to establish the secure association key (SAK) channel. The present application by controlling a basic TLV message exchange enables to establish a secure channel in race condition and achieves a high reliability of the product as this makes product launch MACsec services quickly and available for the service. Accordingly, when both sides (two supplicants) exchange hello with basic TLV at the same time, triggering the race condition, drops first message from the authenticator at supplicant and update the peer MN and the supplicant will not send reply. The authenticator when send next message (basic+potential peer TLV) with peer MN incremented by 1, the supplicant will respond with incremental message with live peer TLV.Type: ApplicationFiled: May 23, 2019Publication date: September 12, 2019Inventors: Dharmanandana Reddy Pothula, Chandra Mohan Padamati, Antony Paul, Yun Qin, De Sheng
-
Publication number: 20170251363Abstract: Methods, servers, base stations and communication systems for configuring security parameters are disclosed. Embodiments of the present invention provide a method for configuring security parameters in a network, the network comprising at least one base station and a server providing service for the at least one base station. The method comprises updating, by the server, security parameters for the base station and sending, by the server, the updated security parameters to the base station, so that base stations transmits data between each other according to the updated security parameters.Type: ApplicationFiled: May 16, 2017Publication date: August 31, 2017Inventors: Dharmanandana Reddy Pothula, Chi Zhang
-
Publication number: 20170104734Abstract: A method for communication between femto access points (Aps) and a femto AP is presented. The method includes creating, by a first femto AP with a key server (KS), a first tunnel between the first femto AP and the KS, and downloading, by the first femto AP, a key as a first key and an access control list (ACL) from the KS through the first tunnel, wherein the ACL is configured to indicate a data flow access rule between the first femto AP and a second femto AP; encrypting, by the first femto AP, first data using the first key to obtain encrypted first data, and sending the encrypted first data to the second femto AP according to the data flow access rule indicated by the ACL, so that the second femto AP decrypts the encrypted first data using a second key.Type: ApplicationFiled: December 16, 2016Publication date: April 13, 2017Inventors: Dharmanandana Reddy Pothula, Chi Zhang