Method and apparatus for a per-packet encryption system
Abstract
A network security system designed to provide per-packet encryption based on an encryption key identifier and an associated encryption key. Packets or groups of packets are encrypted based on information that relates to the packet, such as service type, network number, and the like. This encryption criterion is associated with an encryption key and an encryption key identifier. When a packet matches the criterion, it is encrypted using the associated encryption key. The packet is sent across the network carrying the encryption key identifier and the encrypted payload. The targeted nodes decrypt the packet using the reverse process.
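A sketch of the flow the abstract describes, added here as an illustration and not taken from the patent: a criterion selects a key identifier, the identifier travels in clear ahead of the encrypted payload, and the receiver looks the key up by that identifier. The wire layout, the key and criteria tables, and the HMAC-SHA256 keystream standing in for a vetted AEAD cipher are all assumptions; the integrity tag over the clear-text header is likewise an addition, so that a swapped or unknown key identifier is rejected.

```python
import hashlib, hmac, os, struct

# Constructed key table: key identifier -> secret key (stored on both nodes).
KEYS = {1: bytes(range(32)), 2: bytes(range(32, 64))}
# Constructed criteria: (service type, network number) -> key identifier.
CRITERIA = {("file", 10): 1, ("print", 10): 2}
HDR = struct.Struct("!H12s")  # assumed layout: key identifier, per-packet nonce
TAG_LEN = 32

def _keystream(key, nonce, n):
    # Stand-in cipher: HMAC-SHA256 in counter mode, domain-separated by "enc".
    out, ctr = b"", 0
    while len(out) < n:
        block = b"enc" + nonce + struct.pack("!I", ctr)
        out += hmac.new(key, block, hashlib.sha256).digest()
        ctr += 1
    return out[:n]

def _tag(key, header, ciphertext):
    # The tag covers the clear-text header, binding the key identifier to the payload.
    return hmac.new(key, b"mac" + header + ciphertext, hashlib.sha256).digest()

def encrypt_packet(service, network, data):
    key_id = CRITERIA.get((service, network))
    if key_id is None:
        return None  # no criterion matched: the caller sends the packet as-is
    key, nonce = KEYS[key_id], os.urandom(12)
    header = HDR.pack(key_id, nonce)
    ct = bytes(a ^ b for a, b in zip(data, _keystream(key, nonce, len(data))))
    return header + ct + _tag(key, header, ct)

def decrypt_packet(packet):
    if len(packet) < HDR.size + TAG_LEN:
        raise ValueError("short packet")
    header = packet[:HDR.size]
    ct, tag = packet[HDR.size:-TAG_LEN], packet[-TAG_LEN:]
    key_id, nonce = HDR.unpack(header)
    key = KEYS.get(key_id)
    if key is None:
        raise ValueError("unknown key identifier")
    if not hmac.compare_digest(tag, _tag(key, header, ct)):
        raise ValueError("authentication failed")
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct))))
```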
52 Claims
1. A system for encrypting packets on a network comprising:
A. a plurality of network nodes;
B. a communication channel between said plurality of network nodes;
C. one or more packets sent between said plurality of network nodes over said communication channel;
D. wherein said one or more packets contain an encryption key identifier and a payload;
E. one or more encryption keys stored on one or more of said plurality of network nodes; and
F. a system for encrypting said payload based on said encryption key identifier and said one or more encryption keys;
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9
10. A system for decrypting packets on a network comprising:
A. a plurality of network nodes;
B. a communication channel between said plurality of network nodes;
C. one or more packets sent between said plurality of network nodes over said communication channel;
D. wherein said one or more packets further comprises an encryption key identifier and a payload;
E. one or more encryption keys stored on one or more of said plurality of network nodes; and
F. a system for decrypting said payload based on said encryption key identifier and said one or more encryption keys.
Dependent claims: 11, 12, 13
14. A system for encrypting packets on a network comprising:
A. a plurality of network nodes;
B. a communication channel between said plurality of network nodes;
C. one or more packets forming a packet group which are sent on said communication channel between said plurality of network nodes;
D. said packet group further comprising an encryption key identifier and a payload;
E. one or more encryption keys for occurrences of said encryption key identifier; and
F. a system for encrypting said payload based on said encryption key identifier and said one or more encryption keys.
Dependent claims: 15, 16, 17, 18, 19, 20, 21, 22
23. A system for decrypting packets on a network comprising:
A. a plurality of network nodes;
B. a communication channel between said plurality of network nodes;
C. one or more packets forming a packet group which are sent on said communication channel between said plurality of network nodes;
D. said packet group further comprising an encryption key identifier and a payload;
E. one or more encryption keys; and
F. a system for decrypting said payload based on said encryption key identifier and said one or more encryption keys.
Dependent claims: 24, 25, 26
27. A method for encrypting packets on a network comprising:
A. selecting an encryption key and an associated encryption key identifier;
B. encrypting data to form a payload using said encryption key;
C. building a packet comprising said payload and said encryption key identifier; and
D. sending said packet from a sending network node across a communication channel.
Dependent claims: 28, 29, 30, 31, 32, 33, 34, 35
36. A method for decrypting packets on a network comprising:
A. receiving a packet on a communication channel wherein said packet further comprises an encryption key identifier and a payload; and
B. decrypting said payload by using an encryption key which is indicated by said encryption key identifier.
Dependent claims: 37, 38, 39
40. A method for encrypting packets on a network comprising:
A. selecting an encryption key and an associated encryption key identifier;
B. encrypting data with said encryption key which forms one or more payloads;
C. building one or more packets which form a packet group from said one or more payloads wherein a packet from said packet group further comprises an encryption key identifier which identifies said encryption key; and
D. sending said packet group from a sending network node across a communication channel.
Dependent claims: 41, 42, 43, 44, 45, 46, 47, 48
49. A method for decrypting packets on a network comprising:
A. receiving one or more packets which form a packet group on a communication channel wherein said packet group further comprises an encryption key identifier and one or more payloads; and
B. decrypting said one or more payloads using an encryption key which is indicated by said encryption key identifier.
Dependent claims: 50, 51, 52
Specification