Method and apparatus for end-to-end secure data communication
Abstract
The disclosed invention is a new method and apparatus for achieving end-to-end secure communication over public and private networks. The method can provide security to all networked applications without any modifications to the applications. It is compatible with other networking protocols, such as network address translation (NAT), Internet Control Message Protocol (ICMP), and all quality of service (QoS) protocols that operate up to the transport layer. Secure communication systems based on other protocols, such as IPSec, cannot achieve end-to-end security while remaining compatible with networking protocols such as NAT and ICMP.
12 Claims
1. A method for duplicating information in an IP packet with the sole intention of using it to partially or completely reverse the effect of intermediate NATs, comprising the steps of:
- Identifying parts of an IP packet that can be potentially modified by NATs;
- Copying that information in its current form or copying it into a different format;
- Inserting this information into an IP packet in a manner that keeps it protected from intermediate NATs.
5. A method for studying the effect of intermediate NATs with the sole purpose of using it to partially or completely reverse the effect of intermediate NATs, comprising the steps of:
- Identifying parts of an IP packet that can be potentially modified by intermediate NATs;
- Identifying parts of an IP packet from same or different connections that contain information before intermediate NATs modified it;
- Generating a look-up table that signifies the effect of intermediate NATs on the IP packets of that connection.
6. A method for reversing partially or fully the effect of intermediate NATs based on a look-up table that signifies the effect of NATs on the IP packets of that connection.
10. A method for correcting the information in outgoing IP packets so that they arrive in a state expected by the NATs.
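The following is an added illustration of claims 1, 5 and 6, not code from the patent: the sender copies the NAT-mutable header fields into a protected region, the receiver compares that copy with the header it actually received to build the look-up table, and later headers are restored from the table. The choice of source address and port as the mutable fields, the JSON encoding, the HMAC-SHA256 protection, the simulated NAT and all function names are assumptions made for the example.

```python
import hashlib
import hmac
import json

NAT_MUTABLE = ("src_ip", "src_port")  # assumed fields a source NAT may rewrite

def protect(header, payload, key):
    """Claim 1: copy the NAT-mutable fields into an integrity-protected region."""
    copy = {f: header[f] for f in NAT_MUTABLE}
    body = json.dumps({"orig": copy, "data": payload}, sort_keys=True).encode()
    tag = hmac.new(key, body, hashlib.sha256).hexdigest()
    return {"header": dict(header), "body": body, "tag": tag}

def learn(packet, key, table):
    """Claim 5: compare the protected copy with the received header."""
    expected = hmac.new(key, packet["body"], hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, packet["tag"]):
        raise ValueError("protected region was modified in transit")
    orig = json.loads(packet["body"])["orig"]
    seen = tuple(packet["header"][f] for f in NAT_MUTABLE)
    table[seen] = tuple(orig[f] for f in NAT_MUTABLE)
    return table

def reverse(header, table):
    """Claim 6: restore pre-NAT values from the table; unknown flows pass through."""
    seen = tuple(header[f] for f in NAT_MUTABLE)
    restored = dict(header)
    restored.update(zip(NAT_MUTABLE, table.get(seen, seen)))
    return restored

def simulated_nat(packet, public_ip, public_port):
    """Constructed stand-in for a NAT: rewrites only the outer header."""
    out = dict(packet, header=dict(packet["header"]))
    out["header"].update(src_ip=public_ip, src_port=public_port)
    return out

if __name__ == "__main__":
    key = b"constructed-shared-key"  # constructed sample key
    hdr = {"src_ip": "10.0.0.5", "src_port": 40000,
           "dst_ip": "198.51.100.7", "dst_port": 443}  # constructed sample header
    received = simulated_nat(protect(hdr, "hello", key), "203.0.113.9", 61001)
    table = learn(received, key, {})
    print(table)
    print(reverse(received["header"], table))
```

Because the copy is authenticated, a device that alters the protected region causes `learn` to reject the packet rather than record a wrong mapping.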
Specification