METHOD AND APPARATUS FOR ANONYMOUS IP DATAGRAM EXCHANGE USING DYNAMIC NEWTORK ADDRESS TRANSLATION
13 Assignments
0 Petitions
Accused Products
Abstract
Methods, apparatus, system and computer program are provided for concealing the identity of a network device transmitting a datagram having a network layer header. A unique local identifier and broadcast address are determined in accordance with a next-hop address. A partially encrypted network layer header is determined by encrypting a plurality of identifying portions of the network layer header, where one portion of the network layer header is the unique local identifier. The datagram is encapsulated with another network layer header whose address is set to the broadcast address. The encapsulated datagram can be received and detunneled, and an address of a recipient can be extracted from the network layer header. The datagram is then admitted into a network domain.
-
Citations
59 Claims
-
1-49. -49. (canceled)
-
50. A method comprising:
-
receiving a datagram at a network device, the datagram having a first header; determining a next-hop network element to which the datagram will be forwarded; determining a unique next-hop identifier in accordance with a next-hop address associated with the next-hop network element; generating a broadcast address in accordance with the next-hop address; including the unique next-hop identifier in the first header; encrypting a plurality of identifying portions of the first header, including the unique next hop identifier; encapsulating the datagram with a second header whose address is set to the broadcast address; and transmitting the datagram according to the broadcast address.
-
-
51. A method, comprising:
-
providing in a network, by operation of a computer, an IP datagram including a first header; and anonymously exchanging, by operation of said computer, said datagram from a sending node to an intended recipient node in said network by; wrapping said datagram inside another routable datagram having a second header; setting the destination address of said second header to a broadcast address of a subnet of said network, nodes of said subnet including said recipient node; transmitting said another routable datagram via said broadcast address; said nodes of said subnet including said intended recipient node receiving said another routable datagram; and said intended recipient node accessing said datagram inside said another routable datagram. - View Dependent Claims (52, 53, 54, 55, 56, 57, 58, 59)
-
Specification