Encryption of payload on narrow-band IP links

US 20010052072A1
Filed: 12/27/2000
Published: 12/13/2001
Est. Priority Date: 01/25/2000
Status: Abandoned Application

First Claim

Patent Images

1. A method of synchronizing encrypted data in an Internet Protocol based network, comprising the steps of:

encrypting a data packet to be transmitted;

generating a sequence number associated with said encrypted data packet; and

transmitting said encrypted data packet together with said sequence number via an Internet Protocol based link.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Method and apparatus for synchronizing the transmitting side and the receiving side in an IP network that uses a stream encryption algorithm are disclosed. A sequence number is introduced into the payload of each packet at the transmitting side and transmitted with the packets. Upon receipt at the receiving side, the sequence number is extracted from the payload and used to synchronize the receiving side to the transmitting side. An error detection mechanism is used to detect when the synchronization is lost and a recovery procedure is initiated. The length of the sequence number is made sufficiently long to cope with any jitter variations in the IP network. This sequence number length is dynamically adjustable based on the amount of jitter detected in the network.

Citations

18 Claims

1. A method of synchronizing encrypted data in an Internet Protocol based network, comprising the steps of:
- encrypting a data packet to be transmitted;
  
  generating a sequence number associated with said encrypted data packet; and
  
  transmitting said encrypted data packet together with said sequence number via an Internet Protocol based link.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method according to claim 1, further comprising receiving said encrypted data packet together with said sequence number and decrypting said encrypted data packet based on a value of said sequence number.
  - 3. The method according to claim 2, further comprising checking said decrypted data packet for errors and sending an error message if errors are detected in a predetermined number of data packets.
  - 4. The method according to claim 3, further comprising initiating a data recovery procedure after reception of said error message.
  - 5. The method according to claim 4, further comprising resetting said sequence number to an initial value after initiating said data recovery procedure.
  - 6. The method according to claim 5, further comprising issuing a sequence number reset notification message after resetting said sequence number.
  - 7. The method according to claim 1, further comprising setting a length of said sequence number based on an amount of jitter in said Internet Protocol based link.
  - 8. The method according to claim 7, further comprising dynamically adjusting said length of said sequence number to compensate for changes in said amount of jitter in said Internet Protocol based link.

9. An apparatus for synchronizing encrypted data in an Internet Protocol based network, comprising:
- an encryption/decryption module configured to encrypt a data packet to be transmitted;
  
  a sequence number processor in said encryption/decryption module configured to generate a sequence number associated with said encrypted data packet; and
  
  a transceiver module connected to said encryption/decryption module configured to transmit said encrypted data packet together with said sequence number via an Internet Protocol based link.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16, 17)
- - 10. The apparatus according to claim 9, wherein said sequence number processor is further configured to extract a sequence number from a received encrypted data packet.
  - 11. The apparatus according to claim 10, wherein said encryption/decryption module is further configured to decrypt said encrypted data packet based on a value of said extracted sequence number.
  - 12. The apparatus according to claim 11, further comprising an error detection module configured to check said decrypted data packet for errors and to cause an error message to sent if errors are detected in a predetermined number of data packets.
  - 13. The apparatus according to claim 12, wherein said error detection module is further configured to initiate a data recovery procedure upon detecting that errors have occurred in said predetermined number of data packets.
  - 14. The apparatus according to claim 13, wherein said sequence number processor is further configured to reset said sequence number to an initial value after initiation of said data recovery procedure.
  - 15. The apparatus according to claim 14, wherein said sequence number processor is further configured to issue a sequence number reset notification message after said sequence number is reset.
  - 16. The apparatus according to claim 9, wherein said sequence number processor is further configured to set a length of said sequence number based on an amount of jitter in said Internet Protocol based link.
  - 17. The apparatus according to claim 16, wherein said sequence number processor is further configured to dynamically adjust said length of said sequence number to compensate for changes in said amount of jitter in said Internet Protocol based link.

18. An apparatus for synchronizing encrypted data in an Internet Protocol based network, comprising:
- an encryption/decryption module configured to encrypt a data packet to be transmitted;
  
  a sequence number processor in said encryption/decryption module configured to generate a sequence number associated with said encrypted data packet;
  
  a transceiver module connected to said encryption/decryption module configured to transmit said encrypted data packet together with said sequence number via an Internet Protocol based link, wherein said sequence number processor is further configured to extract a sequence number from a received encrypted data packet, and said encryption/decryption module is further configured to decrypt said encrypted data packet based on a value of said extracted sequence number; and
  
  an error detection module configured to check said decrypted data packet for errors and to cause an error message to be sent if errors are detected in a predetermined number of data packets, said error detection module being further configured to initiate a data recovery procedure upon detecting that errors have occurred in said predetermined number of data packets, wherein said sequence number processor is further configured to reset said sequence number to an initial value after initiation of said data recovery procedure and to issue a sequence number reset notification message after said sequence number is reset.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Telefonaktiebolaget LM Ericsson
Original Assignee
Telefonaktiebolaget LM Ericsson
Inventors
Jung, Stefan

Application Number

US09/751,156
Publication Number

US 20010052072A1
Time in Patent Office

Days
Field of Search
US Class Current

713/160
CPC Class Codes

H04L 63/0428   wherein the data content is...

H04L 69/16   Implementation or adaptatio...

H04L 69/163   In-band adaptation of TCP d...

H04L 69/166   IP fragmentation; TCP segme...

Encryption of payload on narrow-band IP links

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

Encryption of payload on narrow-band IP links

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links