System and method for multicasting IPSec protected communications
Abstract
A system and method is provided which allows multicast communications encrypted using IPSec protocol to be received by receivers in a network. In order to allow the receivers to receive the encrypted multicast communication, the address information of the received multicast communication is modified to appear as a unicast communication being transmitted directly to the address of the receiver, such that the receiver may then decrypt the received multicast communication using IPSec decryption capabilities or may, alternatively, forward the received multicast communication in its encrypted state to other devices. The system and method further provide IPSec encryption key delivery to the receiver using an encrypted markup language file. Multiple keys may also be generated for a given IP address of a receiver with each key being generated for a particular multicasting hierarchical classification.
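The address rewrite described in the abstract, as an added illustration that is not code from the patent: a Python sketch that changes the destination of an IPv4 ESP packet from a multicast group to the receiver's own address and recomputes the header checksum. The function names, the sample addresses, and the restriction to ESP over IPv4 are assumptions of this example.

```python
import ipaddress
import struct

ESP = 50  # IP protocol number for Encapsulating Security Payload

def ipv4_checksum(header: bytes) -> int:
    """One's-complement checksum over an IPv4 header (RFC 1071)."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def multicast_to_unicast(packet: bytes, receiver_ip: str) -> bytes:
    """Make a multicast ESP packet look like unicast sent to receiver_ip.

    Assumption: ESP only. ESP's integrity check does not cover the outer IP
    header, so the rewrite leaves the ICV valid; AH does cover the destination
    address and is rejected here by the protocol check.
    """
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (packet[0] & 0x0F) * 4
    if ihl < 20 or len(packet) < ihl:
        raise ValueError("truncated IPv4 header")
    if packet[9] != ESP:
        raise ValueError("not an ESP packet")
    if not ipaddress.IPv4Address(packet[16:20]).is_multicast:
        return packet  # already unicast: nothing to rewrite
    header = bytearray(packet[:ihl])
    header[16:20] = ipaddress.IPv4Address(receiver_ip).packed
    header[10:12] = b"\x00\x00"  # zero the checksum before recomputing
    header[10:12] = struct.pack("!H", ipv4_checksum(bytes(header)))
    return bytes(header) + packet[ihl:]  # ESP bytes pass through unchanged

def build_sample(src: str, dst: str, esp: bytes) -> bytes:
    """Constructed test packet: 20-byte IPv4 header plus opaque ESP bytes."""
    hdr = bytearray(struct.pack(
        "!BBHHHBBH4s4s", 0x45, 0, 20 + len(esp), 0, 0, 64, ESP, 0,
        ipaddress.IPv4Address(src).packed, ipaddress.IPv4Address(dst).packed))
    hdr[10:12] = struct.pack("!H", ipv4_checksum(bytes(hdr)))
    return bytes(hdr) + esp

if __name__ == "__main__":
    # Constructed ESP body: SPI, sequence number, placeholder ciphertext.
    esp = struct.pack("!II", 0x1000, 1) + b"\xaa" * 16
    pkt = build_sample("192.0.2.10", "239.1.2.3", esp)
    out = multicast_to_unicast(pkt, "198.51.100.7")
    print(ipaddress.IPv4Address(out[16:20]), ipv4_checksum(out[:20]) == 0)
```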
40 Claims
1. A method of decrypting an Internet Protocol Security (IPSec)-encrypted multicast communication, comprising:
- receiving an Internet Protocol Security (IPSec)-encrypted multicast communication at a device having IPSec decryption capabilities;
- modifying the received multicast communication to appear as a unicast communication to the IPSec decryption capabilities; and
- decrypting the modified communication using IPSec decryption capabilities.
Dependent claims: 2, 3, 4

5. A device for decrypting an Internet Protocol Security (IPSec)-encrypted multicast communication, said device comprising:
- a processor;
- a memory;
- a receiver for receiving an Internet Protocol Security (IPSec)-encrypted multicast communication;
- a communication modification module executable by the processor for modifying the received multicast communication to appear as a unicast communication to an IPSec decryption module; and
- a decryption device for decrypting the modified communication using IPSec protocol decryption.
Dependent claims: 6, 7, 8

9. A machine-readable medium having program instructions stored thereon executable by a processing unit for performing the steps of:
- receiving an Internet Protocol Security (IPSec)-encrypted multicast communication at a device having IPSec decryption capabilities;
- modifying the received multicast communication to appear as a unicast communication to the IPSec decryption capabilities; and
- decrypting the modified communication using IPSec decryption capabilities.
Dependent claims: 10, 11, 12

13. A device for decrypting an Internet Protocol Security (IPSec)-encrypted multicast communication, said device comprising:
- means for receiving an Internet Protocol Security (IPSec)-encrypted multicast communication at a device having IPSec decryption capabilities;
- means for modifying the received multicast communication to appear as a unicast communication to the IPSec decryption capabilities; and
- means for decrypting the modified communication using IPSec decryption capabilities.
Dependent claims: 14, 15, 16

17. A method comprising:
- generating a key to be used to encrypt and decrypt data;
- placing the generated key into a markup language file;
- encrypting the markup language file;
- transmitting the encrypted markup language file to a receiver; and
- decrypting the encrypted markup language file at the receiver to determine the generated key.
Dependent claims: 18, 19, 20, 24

21. A device for providing an encrypted key to a remote location, said device comprising:
- a processor;
- a memory;
- a key server for generating a key to be used to encrypt and decrypt data and for placing the generated key into a markup language file;
- an encryption device for encrypting the markup language file;
- a transmitter for transmitting the encrypted markup language file to a receiver; and
- a decryption device decrypting the encrypted markup language file at the receiver to determine the generated key.
Dependent claims: 22, 23

25. A device for providing an encrypted key to a remote location, said device comprising:
- means for generating a key to be used to encrypt and decrypt data;
- means for placing the generated key into a markup language file;
- means for encrypting the markup language file;
- means for transmitting the encrypted markup language file to a receiver; and
- means for decrypting the encrypted markup language file at the receiver to determine the generated key.
Dependent claims: 26, 27, 28

29. A machine-readable medium having program instructions stored thereon executable by a processing unit for performing the steps of:
- generating a key to be used to encrypt and decrypt data;
- placing the generated key into a markup language file;
- encrypting the markup language file;
- transmitting the encrypted markup language file to a receiver; and
- decrypting the encrypted markup language file at the receiver to determine the generated key.
Dependent claims: 30, 31, 32

33. A method of broadcasting a secure multicast communication, said method comprising:
- assigning content to be delivered in various hierarchies in an IP multicast communication;
- assigning different encryption keys for each respective hierarchy of the IP multicast communication;
- encrypting the content in the various hierarchies in an IP multicast communication using respectively assigned encryption keys;
- transmitting the encryption keys for the various hierarchies of the IP multicast communication to respective receivers intended to receive respective encryption keys;
- transmitting the encrypted IP multicast communication to the receivers;
- decrypting the content in the various hierarchies of the IP multicast communication at only those receivers having the respective encryption keys for such content.
Dependent claims: 34, 35, 36, 37, 38

39. A device for broadcasting a secure multicast communication, said device comprising:
- means for assigning content to be delivered in various hierarchies in an IP multicast communication;
- means for assigning different encryption keys for each respective hierarchy of the IP multicast communication;
- means for encrypting the content in the various hierarchies in an IP multicast communication using respectively assigned encryption keys;
- means for transmitting the encryption keys for the various hierarchies of the IP multicast communication to respective receivers intended to receive respective encryption keys;
- means for transmitting the encrypted IP multicast communication to the receivers;
- means for decrypting the content in the various hierarchies of the IP multicast communication at only those receivers having the respective encryption keys for such content.

40. A method of broadcasting a multicast communication to a plurality of receivers, said method comprising:
- grouping receivers into desired groups of receivers;
- assigning different encryption keys for each respective group of receivers;
- transmitting the encryption keys for the respective groups of receivers for use in decrypting respective multicast communications received by the receivers.

Specification