System and Method of Encrypting Network Address for Anonymity and Preventing Data Exfiltration
Abstract
A method is provided for sending a data packet from a client through a network and to a server. The data packet is a data structure having an originating address portion and destination address portion. The network includes a first mix router and a second mix router. The client has a client address, whereas the first mix router has a first mix router address, the second mix router has a second mix router address and the server has a server address. The method includes encrypting the originating address portion of the data packet and encrypting the destination portion of the data packet, transmitting the encrypted data packet, decrypting the originating address portion of the encrypted data packet and the destination portion of the encrypted data packet, providing a first data packet and providing a second data packet. Specifically, the encrypting the originating address portion of the data packet is based on the client address and the encrypting the destination portion of the data packet is based on one of the first mix router address and the second mix router address. The encrypting generates an encrypted data packet. The encrypted data packet is transmitted to the one of the first mix router and the second mix router, wherein it is decrypted to generate a decrypted data packet. The first data packet is based on the decrypted data packet and is provided to the other of the first mix router and the second mix router. The second data packet is provided to the server.
20 Claims
1. A method of sending a data packet from a client through a network and to a server, the data packet having an originating address portion and destination address portion, the network having a first mix router and a second mix router, the client having a client address, the first mix router having a first mix router address, the second mix router having a second mix router address and the server having a server address, said method comprising:
encrypting the originating address portion of the data packet based on the client address and encrypting the destination portion of the data packet based on one of the first mix router address and the second mix router address to generate an encrypted data packet;
transmitting the encrypted data packet to the one of the first mix router and the second mix router;
decrypting the originating address portion of the encrypted data packet and the destination portion of the encrypted data packet to generate a decrypted data packet;
providing a first data packet based on the decrypted data packet to the other of the first mix router and the second mix router; and
providing a second data packet to the server.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18.

19. A method of sending a data packet from a client through a network and to a server, the data packet having an originating address portion and destination address portion, the network having a first mix router and a second mix router, the client having a client address, the first mix router having a first mix router address, the second mix router having a second mix router address and the server having a server address, said method comprising:
encrypting the originating address portion of the data packet based on the client address and encrypting the destination portion of the data packet based on one of the first mix router address and the second mix router address to generate an encrypted data packet;
transmitting the encrypted data packet to the one of the first mix router and the second mix router;
decrypting the originating address portion of the encrypted data packet and the destination portion of the encrypted data packet to generate a decrypted data packet;
re-encrypting the originating address portion of the decrypted data packet based on the one of the first mix router address and the second mix router address and re-encrypting the destination portion of the decrypted data packet based on the other of the first mix router address and the second mix router address to generate a re-encrypted data packet;
transmitting the re-encrypted data packet to the other of the first mix router and the second mix router;
decrypting the originating address portion of the re-encrypted data packet and the destination portion of the re-encrypted data packet to generate a twice-decrypted data packet;
re-encrypting the originating address portion of the twice-decrypted data packet based on the other of the first mix router address and the second mix router address and re-encrypting the destination portion of the twice-decrypted data packet based on the server address to generate a twice-re-encrypted data packet; and
transmitting the twice-re-encrypted data packet to the server,
wherein each of the encrypted data packet, re-encrypted data packet and the twice-re-encrypted data packet includes a global prefix identifier portion, an encrypted code portion and a pseudo-randomly generated value portion, and
wherein the encrypted code portion is based on the pseudo-randomly generated value.

20. A data processing system program product for executing instructions in a data processing system, the data processing system program product comprising a data processing system-readable storage medium having data processing system-readable program code embodied in the medium, the data processing system being operable to send a data packet through a network and to a server, the data packet having an originating address portion and destination address portion, the network having a first mix router and a second mix router, the data processing system having a data processing system address, the first mix router having a first mix router address, the second mix router having a second mix router address and the server having a server address, the data processing system-readable program code being operable to instruct the data processing system to perform a method comprising:
encrypting the originating address portion of the data packet based on the data processing system address and encrypting the destination portion of the data packet based on one of the first mix router address and the second mix router address to generate an encrypted data packet;
transmitting the encrypted data packet to the one of the first mix router and the second mix router;
decrypting the originating address portion of the encrypted data packet and the destination portion of the encrypted data packet to generate a decrypted data packet;
providing a first data packet based on the decrypted data packet to the other of the first mix router and the second mix router; and
providing a second data packet to the server.

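The address layout recited in claim 19 (global prefix identifier, encrypted code, pseudo-randomly generated value) and the per-link decrypt and re-encrypt steps can be illustrated as follows. This is an added example, not code from the patent: the field widths, the HMAC-derived XOR mask, the per-link shared keys and the names `encrypt_addr`, `decrypt_addr` and `relay` are assumptions, since the claims say only that encryption is "based on" an address.

```python
import hashlib
import hmac
import secrets

# Assumed layout of a 128-bit address: 64-bit global prefix | 32-bit encrypted
# code | 32-bit pseudo-random value. The claims do not fix these widths.
MASK32 = 0xFFFFFFFF


def _keystream(key: bytes, nonce: int) -> int:
    """32-bit mask derived from the pseudo-random value (HMAC is an assumption)."""
    digest = hmac.new(key, nonce.to_bytes(4, "big"), hashlib.sha256).digest()
    return int.from_bytes(digest[:4], "big")


def encrypt_addr(prefix: int, host_id: int, key: bytes, nonce=None) -> int:
    """Return prefix | (host_id XOR keystream) | nonce; the prefix stays in clear."""
    if nonce is None:
        nonce = secrets.randbits(32)
    code = (host_id ^ _keystream(key, nonce)) & MASK32
    return (prefix << 64) | (code << 32) | nonce


def decrypt_addr(addr: int, key: bytes):
    """Recover (prefix, host_id) from an encrypted address."""
    nonce, code = addr & MASK32, (addr >> 32) & MASK32
    return addr >> 64, code ^ _keystream(key, nonce)


def relay(path, link_keys):
    """Walk client -> mix 1 -> mix 2 -> server, re-encrypting on every link.

    path is a list of (prefix, host_id) nodes; link_keys[i] is the key assumed
    to be shared by path[i] and path[i + 1]. Returns, per link, the addresses
    on the wire and what the receiving node decrypts them to.
    """
    hops = []
    for (src, dst), key in zip(zip(path, path[1:]), link_keys):
        wire = (encrypt_addr(*src, key), encrypt_addr(*dst, key))
        seen = (decrypt_addr(wire[0], key), decrypt_addr(wire[1], key))
        hops.append((wire, seen))
    return hops


# Constructed sample topology and keys, not values from the patent.
PATH = [(0x20010DB800000001, 0x0A), (0x20010DB800000002, 0x1B),
        (0x20010DB800000003, 0x2C), (0x20010DB800000004, 0x3D)]
KEYS = [b"client-mix1", b"mix1-mix2", b"mix2-server"]
```

On the last link the originating address decrypts to the second mix router, so the server never sees the client address. With a 32-bit value, a repeated value under one key reuses the mask and the two encrypted codes XOR to the XOR of the host identifiers, so a deployed design needs a wider value or a cipher that tolerates repeats.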
Specification