Data communication system using encrypted data packets
Abstract
Data is encrypted for transmission over a non-secure communication network by providing the data with a header and a trailer portion containing the full information as to the sender and recipient of the data so as to form a data packet, encrypting the data packet, and providing a further header and trailer portion to form a further data packet. The further header and trailer contain only information identifying the entry and exit nodes at which the further data packet enters and leaves the non-secure network. On arrival at the exit node, the further data packet can be decrypted to reconstruct the original packet, which is then conveyed to its destination via a local secure network. Padding the non-secure network with dummy messages makes it impossible to identify the presence of genuine traffic between particular nodes of the non-secure network. Thus secure data may be sent via commercial non-secure packet-switching networks without indicating its presence.
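The two-layer packet described in the abstract can be sketched as follows. This is an added illustration, not code from the patent: the field layouts, CRC-32 trailers, fixed 256-byte padding, 12-byte nonce and the SHA-256 counter-mode stand-in cipher are all assumptions chosen so the example runs on the Python standard library alone.

```python
import hashlib, os, struct, zlib

INNER_HDR = struct.Struct(">16s16sH")  # sender, recipient, payload length (assumed)
OUTER_HDR = struct.Struct(">HH")       # entry node id, exit node id only (assumed)
PAD_TO = 256                           # fixed payload size so every packet looks alike

def _xor_stream(key, nonce, data):
    # Stand-in cipher: SHA-256 in counter mode. Replace with a vetted AEAD in practice.
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + nonce + struct.pack(">I", i // 32)).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)

def _frame(header, body):
    # header | body | trailer; the CRC-32 trailer catches line errors, not forgery
    return header + body + struct.pack(">I", zlib.crc32(header + body))

def _unframe(packet, header_len):
    if len(packet) < header_len + 4:
        raise ValueError("packet too short")
    header, body, trailer = packet[:header_len], packet[header_len:-4], packet[-4:]
    if struct.unpack(">I", trailer)[0] != zlib.crc32(header + body):
        raise ValueError("trailer check failed")
    return header, body

def build_first_packet(sender, recipient, payload):
    if len(payload) > PAD_TO:
        raise ValueError("payload too large for one packet")
    header = INNER_HDR.pack(sender, recipient, len(payload))
    return _frame(header, payload.ljust(PAD_TO, b"\0"))

def build_second_packet(first_packet, key, entry_node, exit_node):
    nonce = os.urandom(12)  # fresh per packet; travels in front of the ciphertext
    body = nonce + _xor_stream(key, nonce, first_packet)
    return _frame(OUTER_HDR.pack(entry_node, exit_node), body)

def open_second_packet(second_packet, key):
    header, body = _unframe(second_packet, OUTER_HDR.size)
    first_packet = _xor_stream(key, body[:12], body[12:])
    inner_header, padded = _unframe(first_packet, INNER_HDR.size)
    sender, recipient, length = INNER_HDR.unpack(inner_header)
    nodes = OUTER_HDR.unpack(header)
    return nodes, sender.rstrip(b"\0"), recipient.rstrip(b"\0"), padded[:length]

def dummy_packet(key, entry_node, exit_node):
    # Cover traffic: an empty first packet with the same wire size as genuine traffic
    return build_second_packet(build_first_packet(b"", b"", b""), key, entry_node, exit_node)
```

An observer on the non-secure network sees only the entry and exit node identifiers in clear; sender, recipient and payload appear only after the exit node decrypts the first packet.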
16 Claims
1. Apparatus for encrypting data for transmission over a communications network comprising:
means for generating a first packet comprising a header portion, an information-containing portion and a trailer portion;
means for encrypting the first packet; and
means for generating a second packet comprising a further header portion, the encrypted first packet, and a further trailer portion.
(Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)

13. Apparatus for decrypting a packet received from a communications network, the packet comprising an unencrypted first header portion, an encrypted first data portion, and an unencrypted trailer portion, the encrypted first data portion comprising an encrypted further packet comprising an encrypted second header portion, an encrypted second data portion and an encrypted second trailer portion, the apparatus comprising means to decrypt the encrypted further packet to produce an unencrypted further packet, the unencrypted further packet comprising the unencrypted second header portion, the unencrypted second data portion, and the unencrypted second trailer portion.

14. A method of encrypting data for transmission over a communications network comprising the steps of:
(a) generating a first packet comprising a header portion, an information-containing portion and a trailer portion;
(b) encrypting the first packet;
(c) generating a second packet comprising a further header portion, the encrypted first packet, and a further trailer portion.
(Dependent claims: 15)

16. A method of decrypting a packet received from a communications network, the packet comprising an unencrypted first header portion, an encrypted first data portion, and an unencrypted trailer portion, the encrypted first data portion comprising an encrypted further packet comprising an encrypted second header portion, an encrypted second data portion and an encrypted second trailer portion, the method comprising the steps of:
(a) extracting the encrypted first data portion from the packet to obtain the encrypted further data packet;
(b) decrypting the encrypted further data packet;
(c) generating a decrypted further packet comprising the unencrypted second header portion, the unencrypted second data portion, and the unencrypted second trailer portion.

Specification