Encryption with selective disclosure of protocol identifiers
Abstract
A method for selective disclosure of the identity of a communication protocol under which an information packet originated, but without incorrectly identifying the protocol in a header accompanying the packet. If there is a need to conceal the identity of the underlying source protocol, a special anonymous protocol identifier is used, instead of the real protocol identifier, in the header of an encrypted information packet. Network monitors can then still provide accurate information concerning traffic on the network, without having this information distorted by the use of incorrect communication protocols. If there is a desire to reveal the underlying protocol, a subnetwork protocol frame format is used to store the protocol identity and signify whether the packet is encrypted. A packet that is of a non-subnetwork protocol can be encapsulated with a subnetwork header containing a special code signifying that there is an encapsulated packet and containing the original protocol identifier.
6 Claims
1. A method for encryption of information packets for transmission over a communication network, the method comprising:
- determining whether or not to encrypt an information packet prior to transmittal over a communication network;
- if an information packet is to be encrypted, deciding whether or not to conceal the identity of an underlying network protocol by means of which the information packet was generated;
- if the underlying network protocol is to be concealed, using a special protocol identifier in a plaintext portion of a header in the information packet, to indicate that the underlying network protocol is to remain anonymous; and
- subsequently identifying the underlying network protocol within an encrypted portion of a header in the information packet, whereby monitoring of encrypted network traffic will not be distorted by the use of incorrect protocol identifiers.
2. A method for encryption of information packets for transmission over a communication network, the method comprising:
- determining whether or not to encrypt an information packet prior to transmittal over a communication network;
- if an information packet is to be encrypted, deciding whether to conceal or reveal the identity of an underlying network protocol by means of which the information packet was generated; and
- if the underlying network protocol is to be revealed, storing the identity of the protocol in a protocol identifier field in a plaintext portion of a header of the information packet.
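The conceal and reveal branches of claims 1 and 2, together with what a keyless network monitor can read from the plaintext header, are sketched below as an added example that is not taken from the patent. The header layout, the `ANON_PID` value, the flag bit and the SHAKE-256 keystream (a stand-in for a real cipher) are all assumptions made for illustration.

```python
import hashlib
import os
import struct

ANON_PID = 0xFFFF        # hypothetical "anonymous protocol" identifier (constructed value)
FLAG_ENCRYPTED = 0x01    # hypothetical flag bit in the plaintext header
HDR = struct.Struct("!HB8s")  # assumed plaintext header: protocol id, flags, nonce

def _xor_keystream(key, nonce, data):
    # Stand-in cipher using only the standard library; it provides no integrity protection.
    stream = hashlib.shake_256(key + nonce).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))

def build(pid, payload, key=None, conceal=False):
    if pid == ANON_PID:
        raise ValueError("the anonymous identifier is reserved")
    if key is None:                       # first decision: packet is not encrypted
        if conceal:
            raise ValueError("concealment requires encryption")
        return HDR.pack(pid, 0, bytes(8)) + payload
    nonce = os.urandom(8)
    if conceal:                           # second decision: conceal the protocol
        body = struct.pack("!H", pid) + payload   # real identifier travels encrypted
        return HDR.pack(ANON_PID, FLAG_ENCRYPTED, nonce) + _xor_keystream(key, nonce, body)
    return HDR.pack(pid, FLAG_ENCRYPTED, nonce) + _xor_keystream(key, nonce, payload)

def monitor_view(frame):
    """What a monitor without the key can report from the plaintext header."""
    if len(frame) < HDR.size:
        raise ValueError("truncated frame")
    pid, flags, _ = HDR.unpack_from(frame)
    if not flags & FLAG_ENCRYPTED:
        return f"plaintext:0x{pid:04x}"
    return "encrypted:anonymous" if pid == ANON_PID else f"encrypted:0x{pid:04x}"

def receive(frame, key):
    """Return (real protocol id, payload) at a receiver holding the key."""
    if len(frame) < HDR.size:
        raise ValueError("truncated frame")
    pid, flags, nonce = HDR.unpack_from(frame)
    body = frame[HDR.size:]
    if not flags & FLAG_ENCRYPTED:
        return pid, body
    body = _xor_keystream(key, nonce, body)
    if pid != ANON_PID:
        return pid, body                  # revealed: identifier was in the plaintext header
    if len(body) < 2:
        raise ValueError("missing inner protocol identifier")
    return struct.unpack_from("!H", body)[0], body[2:]
```

In every branch the monitor sees either the true identifier or the reserved anonymous one, never a misleading value, which is the property the claims rely on for accurate traffic accounting.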
Specification