Method and Apparatus for Updating Anti-Replay Window in Ipsec
First Claim
1. A method of updating an anti-replay window in IPSec (Internet Protocol Security), comprising:
- determining whether a difference between a sequence number extracted from a received packet and a maximum value of a sequence number of an anti-replay window is greater than a predetermined value;
if the difference is greater than the predetermined value, creating a first bit map based on a size of the anti-replay window and a second bit map based on the sequence number extracted from the received packet, respectively; and
comparing the number of bit values in the first bit map of packets received during a predetermined time with the number of bit values in the second bit map of the packets received during the predetermined time; and
updating the anti-replay window based on the result of the comparison.
1 Assignment
0 Petitions
Accused Products
Abstract
A method and apparatus for updating an anti-replay window in Internet Protocol Security (IPSec). The method includes determining whether a difference between a sequence number extracted from a received packet and a maximum value of a sequence number of an anti-replay window is greater than a predetermined value; if it is determined that the difference is greater than the predetermined value, creating a first bit map based on a size of the anti-replay window and a second bit map based on the sequence number extracted from the received packet, respectively; comparing the number of bit values in the first bit map of packets received during a predetermined time with the number of bit values in the second bit map of packets received during the predetermined time, and updating the anti-replay window.
-
Citations
31 Claims
-
1. A method of updating an anti-replay window in IPSec (Internet Protocol Security), comprising:
-
determining whether a difference between a sequence number extracted from a received packet and a maximum value of a sequence number of an anti-replay window is greater than a predetermined value; if the difference is greater than the predetermined value, creating a first bit map based on a size of the anti-replay window and a second bit map based on the sequence number extracted from the received packet, respectively; and comparing the number of bit values in the first bit map of packets received during a predetermined time with the number of bit values in the second bit map of the packets received during the predetermined time; and updating the anti-replay window based on the result of the comparison. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 21)
-
-
13. An apparatus to update an anti-replay window in IPSec (Internet Protocol Security), the apparatus comprising:
-
a determination unit to determine whether a difference between a sequence number extracted from a received packet and a maximum value of a sequence number of the anti-replay window is greater than a predetermined value; a bit map creating unit to create a first bit map based on a size of the anti-replay window and a second bit map based on the sequence number extracted from the received packet, respectively, if the difference is greater than the predetermined value; and an updating unit to compare the number of bit values in the first bit map of packets received during a predetermined time with the number of bit values in the second bit map of the packets received during a predetermined time, and to update the anti-replay window based on the result of the comparison. - View Dependent Claims (14, 15, 16, 17, 18, 19, 20)
-
-
22. A method of updating an anti-replay window in Internet Protocol Security (IPSec), the method comprising:
-
receiving a packet; if a difference between a sequence number of the packet and a maximum value of an anti-replay window is greater than a predetermined value, creating a first bit map based on a size of the anti-replay window and a second bit map based on the sequence number; and updating the anti-replay window based on the first bit map or the second bit map. - View Dependent Claims (23, 24, 25)
-
-
26. An apparatus to perform Internet Protocol Security (IPSec) using an anti-replay window according to a status of sequence numbers of received packets, the apparatus comprising:
-
a packet receiver to receive packets; a bit map creating unit to create a first bit map based on a size of the anti-replay window and a second bit map based on a sequence number of a packet received by the packet receiver, if a difference between the sequence number and a maximum value of the anti-replay window is greater than a predetermined value; and an updating unit to update the anti-replay window based on the first bit map or the second bit map. - View Dependent Claims (27, 28, 29, 30, 31)
-
Specification