TCP/IP-BASED COMMUNICATION SYSTEM AND ASSOCIATED METHODOLOGY PROVIDING AN ENHANCED TRANSPORT LAYER PROTOCOL

US 20140115320A1
Filed: 10/18/2013
Published: 04/24/2014
Est. Priority Date: 08/08/2003
Status: Active Grant

First Claim

Patent Images

1. (canceled)

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A more secure TCP/IP protocol stack is provided having an enhanced transport layer. Encryption and decryption logic is arranged on the transmission side and on the reception side for processing a payload of a transport layer protocol, such as TCP or UDP. By employing this enhanced transport layer, a cryptograph process communication can be realized by dissolving various kinds of restrictions which a conventional IPsec or SSL possesses without affecting upper layer processing, and, at the same time, maintaining compatibility with the IP layer.

Citations

20 Claims

1. (canceled)

2. A networking device that communicates via a network according to a communication protocol, comprising:
- a protocol encryption unit configured to encrypt, in a transport layer of the communication protocol, at least a payload of a packet to be transmitted according to the communication protocol, the protocol encryption unit appending encryption information generated in the transport layer before or after the payload;
  
  a protocol decryption unit configured to decrypt at least a payload of a received packet based on encryption information appended before or after the payload of the received packet;
  
  wherein the protocol encryption unit and the protocol decryption unit respectively encrypt and decrypt packets when the encryption information in the received packet indicates that transport layer encryption is supported.
- View Dependent Claims (3, 4, 5, 6, 7, 8, 9, 10)
- - 3. The networking device according to claim 2, wherein the communication protocol is one of a Transmission Control Protocol (TCP) or a User Datagram Protocol (UDP).
  - 4. The networking device according to claim 2, wherein an encryption algorithm used by the protocol encryption unit and the protocol decryption unit is periodically updated.
  - 5. The networking device according to claim 2, wherein the protocol encryption unit does not encrypt plain text.
  - 6. The networking device according to claim 2, wherein the protocol encryption unit does not encrypt the payload of the packet to be transmitted when the encryption information in the received packet indicates that transport layer encryption is not supported.
  - 7. The networking device according to claim 2, wherein the networking device is one of a router, a gateway, a bridge or a server.
  - 8. The networking device according to claim 2, wherein the encryption information of the packet to be transmitted includes information identifying the networking device.
  - 9. The networking device according to claim 8 wherein the information identifying the networking device includes at least one of a serial number, a version number and a release number.
  - 10. The networking device according to claim 8, wherein the information identifying the networking device is obtained from a third-party authentication server.

11. A method to cause a networking device to communicate via a network using a communication protocol, comprising:
- decrypting, in a protocol decryption unit of the networking device, at least a payload of a received packet based on encryption information appended before or after the payload of the received packet;
  
  encrypting, in a protocol encryption unit of the networking device and in a transport layer of the communication protocol, at least a payload of a packet to be transmitted according to the communication protocol when the encryption information in the received packet indicates that transport layer encryption is supported; and
  
  appending, by the encrypting unit, encryption information generated in the transport layer before or after the payload when the encryption information in the received packet indicates that transport layer encryption is supported.
- View Dependent Claims (12, 13, 14, 15, 16, 17)
- - 12. The method according to claim 11, wherein the networking device includes one of a router, a gateway, a bridge and a server.
  - 13. The method according to claim 11, the payload of the packet to be transmitted are not encrypted when the encryption information in the received packet indicates that transport layer encryption is not supported.
  - 14. The method according to claim 11, wherein the encryption information of the packet to be transmitted includes information identifying the networking device.
  - 15. The method according to claim 14, wherein the information identifying the networking device includes at least one of a serial number, a version number and a release number.
  - 16. The method according to claim 14, wherein the information identifying the networking device is obtained from a third-party authentication server.
  - 17. The method according to claim 14, wherein the communication protocol is one of a Transmission Control Protocol (TCP) or a User Datagram Protocol (UDP).

18. A non-transitory computer-readable medium storing computer readable instructions thereon, the computer readable instructions when executed by a networking device cause the networking device to perform a method comprising:
- decrypting at least a payload of a received packet based on encryption information appended before or after the payload of the received packet;
  
  encrypting, in a transport layer of a communication protocol, at least a payload of a packet to be transmitted according to the communication protocol when the encryption information in the received packet indicates that transport layer encryption is supported; and
  
  appending encryption information generated in the transport layer before or after the payload when the encryption information in the received packet indicates that transport layer encryption is supported.
- View Dependent Claims (19, 20)
- - 19. The non-transitory computer-readable medium according to claim 18, wherein the networking device is one of a router, a gateway, a bridge and a server.
  - 20. The non-transitory computer-readable medium according to claim 18, wherein the payload of the packet to be transmitted are not encrypted when the encryption information of the received packet indicates that transport layer encryption is not supported.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Into Company Limited
Original Assignee
Into Company Limited
Inventors
OZAKI, Hirotsugu, Ogawa, Keiko

Granted Patent

US 9,749,449 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/151
CPC Class Codes

H04L 63/0428   wherein the data content is...

H04L 63/0485   Networking architectures fo...

H04L 63/166   at the transport layer

H04L 69/161   Implementation details of T...

H04L 69/30   Definitions, standards or a...

TCP/IP-BASED COMMUNICATION SYSTEM AND ASSOCIATED METHODOLOGY PROVIDING AN ENHANCED TRANSPORT LAYER PROTOCOL

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

TCP/IP-BASED COMMUNICATION SYSTEM AND ASSOCIATED METHODOLOGY PROVIDING AN ENHANCED TRANSPORT LAYER PROTOCOL

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links