Method and system for transmitting signaling information over a data transport network

US 20060045273A1
Filed: 08/31/2004
Published: 03/02/2006
Est. Priority Date: 08/31/2004
Status: Active Grant

First Claim

Patent Images

1. A method for transmitting signaling information over a data path of a network, the data path having an originating end and a terminating end and being characterized by a bandwidth, wherein said method comprises using in-band signaling to transmit the signaling information from the originating end of the data path to the terminating end of the data path without consuming any of the bandwidth of the data path.

View all claims

8 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for transmitting signaling information, such as cryptographic key synchronization information, over a data path of a network, the data path having an originating end and a terminating end. The method uses in-band signaling to transmit the signaling information from the originating end of the data path to the terminating end of the data path without consuming any bandwidth of the data path. More specifically, the method includes the steps of receiving user data to be transmitted over the data path and encrypting this user data with a cryptographic key, thereby generating cipher data. The method next includes processing the cipher data such that the cipher data includes the signaling information, and mapping the cipher data including the signaling information into a traffic unit for transmission over the data path.

Citations

27 Claims

1. A method for transmitting signaling information over a data path of a network, the data path having an originating end and a terminating end and being characterized by a bandwidth, wherein said method comprises using in-band signaling to transmit the signaling information from the originating end of the data path to the terminating end of the data path without consuming any of the bandwidth of the data path.
- View Dependent Claims (2)
- - 2. A method as defined in claim 1, wherein the signaling information is cryptographic key synchronization information.

3. A method for transmitting signaling information over a data path of a network, the data path being operative to transport a plurality of traffic units, at least a subset of the plurality of traffic units including a payload data portion, wherein said method comprises transmitting the signaling information within the payload data portions of the traffic units.
- View Dependent Claims (4)
- - 4. A method as defined in claim 3, wherein the signaling information is cryptographic key synchronization information.

5. A method for transmitting signaling information over a data path of a network, said method comprising:
- a) receiving user data to be transmitted over the data path;
  
  b) encrypting the user data with a cryptographic key, thereby generating cipher data;
  
  c) processing the cipher data such that the cipher data includes the signaling information;
  
  d) mapping the cipher data including the signaling information into a traffic unit; and
  
  e) transmitting the traffic unit over the data path.
- View Dependent Claims (6, 7, 8, 9)
- - 6. A method as defined in claim 5, wherein the signaling information is cryptographic key synchronization information.
  - 7. A method as defined in claim 6, wherein the cryptographic key is one of a plurality of predetermined cryptographic keys, the cryptographic key synchronization information being indicative of whether or not a switch of the cryptographic key has occurred since a previous encryption.
  - 8. A method as defined in claim 7, wherein said processing step includes encoding the cipher data by applying a non-separable cyclic code thereto.
  - 9. A method as defined in claim 8, wherein when the cryptographic key synchronization information is indicative of a switch of the cryptographic key since the previous encryption, said processing step further includes adding a predefined error pattern to the encoded cipher data.

10. A method for receiving signaling information over a data path of a network, said method comprising:
- a) receiving a traffic unit sent over the data path, the traffic unit including cipher data, the cipher data including signaling information;
  
  b) extracting the cipher data from the traffic unit;
  
  c) processing the cipher data in order to extract therefrom the signaling information;
  
  d) decrypting the cipher data on a basis of the extracted signaling information.
- View Dependent Claims (11, 12, 13)
- - 11. A method as defined in claim 10, wherein the signaling information is cryptographic key synchronization information, said decrypting step including decrypting the cipher data with a particular cryptographic key on a basis of the extracted cryptographic key synchronization information.
  - 12. A method as defined in claim 11, wherein the particular cryptographic key is one of a plurality of predetermined cryptographic keys, the cryptographic key synchronization information being indicative of whether or not a switch of the particular cryptographic key is required prior to decrypting the cipher data.
  - 13. A method as defined in claim 12, wherein said processing step includes detecting whether or not the cipher data includes a predefined error pattern by applying a non-separable cyclic code to the cipher data, said predefined error pattern being representative of a requirement to switch the particular cryptographic key prior to decrypting-the cipher data.

14. A cryptography system for a data transport network, said cryptography system comprising:
- a) an input for receiving user data to be transported over the data transport network;
  
  b) an encryption module operative to encrypt said user data with a cryptographic key for generating cipher data;
  
  c) a synchronization module operative to process said cipher data such that said cipher data includes signaling information;
  
  d) a mapping module coupled to said synchronization module, said mapping module being operative to map said cipher data including said signaling information into a traffic unit;
  
  e) an output for releasing said traffic unit to the data transport network.
- View Dependent Claims (15, 16, 17, 18)
- - 15. A system as defined in claim 14, wherein said signaling information is cryptographic key synchronization information.
  - 16. A system as defined in claim 15, wherein said cryptographic key is one of a plurality of predetermined cryptographic keys available to said encryption module, said encryption module being operative to periodically switch said cryptographic key used to encrypt said user data, said cryptographic key synchronization information being indicative of whether or not a switch of said cryptographic key has occurred since a previous encryption by said encryption module.
  - 17. A system as defined in claim 16, wherein said synchronization-module includes an encoder unit operative to encode said cipher data by applying a non-separable cyclic code thereto.
  - 18. A system as defined in claim 17, wherein said synchronization module is responsive to a switch of said cryptographic key by said encoder unit to add a predefined error pattern to said encoded cipher data prior to releasing said encoded cipher data to said mapping module.

19. A computer readable storage medium containing a program element for execution by a computing apparatus to implement a cryptography system for a data transport network, said cryptography system including:
- a) an encryption module operative to encrypt user data with a cryptographic key for generating cipher data, said user data being intended for transmission over the data transport network;
  
  b) a synchronization module operative to process said cipher data such that said cipher data includes signaling information;
  
  c) a mapping module coupled to said synchronization module, said mapping module being operative to map said cipher data including said signaling information into a traffic unit for transmission over the data transport network.

20. A cryptography system for a data transport network, said cryptography system comprising:
- a) an input for receiving user data to be transported over the data transport network;
  
  b) an encryption module operative to encrypt said user data with a cryptographic key for generating cipher data;
  
  c) a synchronization module operative to process-said cipher data such that said cipher data includes cryptographic key synchronization information;
  
  d) a mapping module coupled to said synchronization module, said mapping module being operative to map said cipher data including said cryptographic key synchronization information into a traffic unit;
  
  e) an output for releasing said traffic unit to the data transport network.

21. A cryptography system for a data transport network, said cryptography system comprising:
- a) an input for receiving a traffic unit from the data transport network, said traffic unit including cipher data, said cipher data including signaling information;
  
  b) a demapping module operative to extract said cipher data from said traffic unit;
  
  c) a synchronization module operative to process said cipher data for extracting therefrom said signaling information;
  
  d) a decryption module operative to decrypt said cipher data on a basis of said signaling information.
- View Dependent Claims (22, 23, 24, 25)
- - 22. A system as defined in claim 21, wherein said signaling information is cryptographic key synchronization information, said decryption module being operative to decrypt said cipher data with a particular cryptographic key on a basis of said cryptographic key synchronization information.
  - 23. A system as defined in claim 22, wherein said cryptographic key is one of a plurality of predetermined cryptographic keys available to said decryption module, said cryptographic key synchronization information being indicative of whether or not a switch of said cryptographic key is required prior to decrypting said cipher data.
  - 24. A system as defined in claim 23, wherein said synchronization module includes a decoder unit operative to apply a non-separable cyclic code to said cipher data received from said demapping module, said decoder unit being capable to detect a predefined error pattern in said cipher data.
  - 25. A system as defined in claim 24, wherein said synchronization module is responsive to the detection by said decoder unit of a predefined error pattern in said cipher data to cause said decryption module to switch said cryptographic key prior to decrypting said cipher data.

26. A computer readable storage medium containing a program element for execution by a computing apparatus to implement a cryptography system for a data transport network, the data transport network transporting a plurality of traffic units, at least a subset of the traffic units including cipher data, the cipher data including signaling information, said cryptography system including:
- a) a demapping module operative to extract the cipher data from the traffic units including cipher data;
  
  b) a synchronization module operative to process said cipher data for extracting therefrom said signaling information;
  
  c) a decryption module operative to decrypt said cipher data on a basis of said signaling information.

27. A cryptography system for a data transport network, said cryptography system comprising:
- a) an input for receiving a traffic unit from the data transport network, said traffic unit including cipher data, said cipher data including cryptographic key synchronization information;
  
  b) a demapping module operative to extract said cipher data from said traffic unit;
  
  c) a synchronization module operative to process said cipher data for extracting therefrom said cryptographic key synchronization information;
  
  d) a decryption module operative to decrypt said cipher data with a particular cryptographic key on a basis of said cryptographic key synchronization information.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
RPX Clearinghouse LLC (RPX Corporation)
Original Assignee
Rockstar Bidco LP (Rockstar Consortium Inc.)
Inventors
Mayer, Michael

Granted Patent

US 7,936,881 B2
Time in Patent Office

Days
Field of Search
US Class Current

380/277
CPC Class Codes

H04L 43/0811   by checking connectivity

H04L 63/0428   wherein the data content is...

H04L 63/062   for key distribution, e.g. ...

H04L 63/068   using time-dependent keys, ...

H04L 9/0819   Key transport or distributi...

H04L 9/12   Transmitting and receiving ...

H04L 9/16   the keys or algorithms bein...

Method and system for transmitting signaling information over a data transport network

First Claim

8 Assignments

0 Petitions

Accused Products

Abstract

Citations

27 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for transmitting signaling information over a data transport network

First Claim

8 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

27 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links