Communications system and packet structure

US 20050010759A1
Filed: 05/25/2004
Published: 01/13/2005
Est. Priority Date: 06/18/2003
Status: Active Grant

First Claim

Patent Images

1. A communications system where a transmitter transmits, to a receiver, message data as a plurality of packets, wherein each of the packets includes a data region comprising:

transmission object data that is one of division portions into which the message data is divided so that each of the division portions is contained within each of the packets;

authentication information that is used for executing substitution detection to the transmission object data; and

control information that at least indicates what kind of a constituent of the message data the transmission object data is, wherein, when the receiver receives each of the packets, the receiver executes, using the authentication information received, a substitution detection of whether the transmission object data received is normal data that is really sent from the transmitter, and restructures the message data from the transmission object data received based on the control information received.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In a communications system, a transmitter transmits message data included in communications packets to a receiver. A data region of the communications packet includes an original data region D[n], an authentication data region P[n], and a control region C. The original data region D[n] includes data as a transmission object that is the message data itself or one of the data portions into which the message data is divided so that each of the data portions can be contained in a single packet. The authentication data region P[n] includes authentication information used for substitution detection of the data included in the original data region D[n]. The control region C includes control information. This structure enables the substitution detection to be performed with respect to the respective communications packets into which the message data is divided, resulting in decrease in the substitution detection period.

Citations

14 Claims

1. A communications system where a transmitter transmits, to a receiver, message data as a plurality of packets, wherein each of the packets includes a data region comprising:
- transmission object data that is one of division portions into which the message data is divided so that each of the division portions is contained within each of the packets;
  
  authentication information that is used for executing substitution detection to the transmission object data; and
  
  control information that at least indicates what kind of a constituent of the message data the transmission object data is, wherein, when the receiver receives each of the packets, the receiver executes, using the authentication information received, a substitution detection of whether the transmission object data received is normal data that is really sent from the transmitter, and restructures the message data from the transmission object data received based on the control information received.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The communications system of claim 1, wherein, when all the message data is included in a single packet, the transmitter forms a packet including the data region so that the transmission object data is all the message data, and the control information indicates that the transmission object data itself is the message data, and wherein, when the receiver receives the packet from the transmitter, the receiver treats the transmission object data received as all the message data based on the control information received that indicates that the transmission object data itself is the message data.
  - 3. The communications system of claim 1, wherein the authentication information is fixed data independent of the transmission object data, wherein the transmitter includes a transmitter-end storage for storing an encryption key and first information that is used for designating the authentication information, and forms a data region of a packet by encrypting, using the stored encryption key, a data row including the transmission object data, the authentication information, and the control information in a predetermined order, and wherein the receiver includes a receiver-end storage for storing a decryption key and second information that is the same as the first information stored in the transmitter-end storage, decrypts the data region included in the packet received from the transmitter using the decryption key stored in the receiver-end storage, extracts, from the decrypted data region, the transmission object data, the authentication information, and the control information, verifies the authentication information extracted using the second information stored in the receiver-end storage, determines that the transmission object data is normal data really sent from the transmitter when the authentication information extracted is successfully verified, and determines that the transmission object data is abnormal data really not sent from the transmitter when the authentication information extracted is not successfully verified.
  - 4. The communications system of claim 3, wherein the first information stored in the transmitter-end storage and the second information stored in the receiver-end storage are generated by using a random function.
  - 5. The communications system of claim 1, wherein the control information includes structure information indicating a structure of the data region.
  - 6. The communications system of claim 5, wherein the structure information includes one of a size of the transmission object data included in the data region and a size of a padding that is other than the transmission object data.

7. A packet structure used in a communications system where a transmitter transmits, to a receiver, message data as a plurality of packets, wherein each of the packets has the packet structure including a data region comprising:
- transmission object data that is one of division portions into which the message data is divided so that each of the division portions is contained within each of the packets;
  
  authentication information that is used for executing substitution detection to the transmission object data; and
  
  control information that at least indicates what kind of a constituent of the message data the transmission object data is.
- View Dependent Claims (8, 9, 10, 11, 12)
- - 8. The packet structure of claim 7, wherein the authentication information is fixed data independent of the transmission object data.
  - 9. The packet structure of claim 8, wherein the authentication information is previously generated by using a random function.
  - 10. The communications system of claim 7, wherein the control information includes structure information indicating a structure of the data region.
  - 11. The communications system of claim 10, wherein the structure information includes at least one of a size of the transmission object data included in the data region and a size of a padding other than the transmission object data.
  - 12. The communications system of claim 7, wherein the control information includes information identifying a group of the each of the packets, wherein the group is formed by the plurality of packets, each of which includes one of the division portions into which the same message data is divided.

13. An authentication method used in a communications system where a transmitter transmits, to a receiver, message data as at least one packet, wherein the transmitter includes a transmitter-end storage for storing an encryption key and first information that is fixed data independent of the message data and that is used for designating authentication information while the receiver includes a receiver-end storage for storing a decryption key and second information that is the same as the first information stored in the transmitter-end storage, the method comprising steps of:
- forming, in the transmitter, a data region of a packet by encrypting using the encryption key stored in the transmitter-end storage a data row including, in a predetermined order, the message data and the authentication information designated from the first information stored in the transmitter-end storage, transmitting, from the transmitter, the packet from the transmitter to the receiver, decrypting, in the receiver, the data region of the packet received from the transmitter using the decryption key stored in the receiver-end storage, extracting, in the receiver, the message data and the authentication information from the data region decrypted, verifying, in the receiver, the authentication information extracted using the second information stored in the receiver-end storage, and determining, in the receiver, that the message data is normal data that is really sent from the transmitter when the authentication information extracted is successfully verified, and that the message data is abnormal data that is really not sent from the transmitter when the authentication information extracted is not successfully verified.

14. A communications system where a transmitter transmits, to a receiver, message data as at least one packet, the transmitter comprising:
- a transmitter-end storage for storing an encryption key and first information that is fixed data independent of message data and used for designating authentication information;
  
  generating means for generating a data region of a packet by encrypting using the encryption key stored in the transmitter-end storage a data row including, in a predetermined order, the message data and the authentication information designated from the first information; and
  
  transmitting means for transmitting the packet to the receiver, and the receiver comprising;
  
  a receiver-end storage for storing a decryption key and second information that is the same as the first information stored in the transmitter-end storage;
  
  receiving means for receiving the packet sent from the transmitter;
  
  decrypting means for decrypting the data region of the packet received from the transmitter using the decryption key stored in the receiver-end storage;
  
  extracting means for extracting the message data and the authentication information from the data region decrypted;
  
  verifying means for verifying the authentication information extracted using the second information stored in the receiver-end storage; and
  
  determining means for determining that the message data is normal data that is really sent from the transmitter when the authentication information extracted is successfully verified, and that the message data is abnormal data that is really not sent from the transmitter when the authentication information extracted is not successfully verified.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
DENSO Corporation
Original Assignee
DENSO Corporation
Inventors
Wakiyama, Kenichi

Granted Patent

US 7,457,954 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/160
CPC Class Codes

H04L 63/08 for authentication of entit...

Communications system and packet structure

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

14 Claims

Specification

Solutions

Use Cases

Quick Links

Communications system and packet structure

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

14 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links