Data communication system using encrypted data packets

US 5,303,303 A
Filed: 02/08/1993
Issued: 04/12/1994
Est. Priority Date: 07/18/1990
Status: Expired due to Fees

First Claim

Patent Images

1. Apparatus for encrypting data for transmission over a communications network comprising:

means for generating a first packet comprising a header portion, an information - containing portion and a trailer portion;

means for encrypting the first packet; and

means for generating a second packet comprising a further header portion, the encrypted first packet, and a further trailer portion.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Data is encrypted for transmission over non-secure communication by providing data with a header and a trailer portion containing the full information as to the sender and recipient of the data so as to form a data packet, incrypting the data packet, and providing a further header and trailer portion to form a further data packet. The further header and trailer only contain information identifying the entry and exit nodes at which the further data packet enters and leaves the non-secure network. On arrival at the exit node the further data packet can be decrypted to reconstruct the original packet which is then conveyed to its destination via a local secure network. Padding non-secure network with dummy messages makes it impossible to identify the presence of genuine traffic between particular nodes of the non-secure network. Thus secure data may be sent via commercial non-secure packet switching networks without indicating its presence.

Citations

16 Claims

1. Apparatus for encrypting data for transmission over a communications network comprising:
- means for generating a first packet comprising a header portion, an information - containing portion and a trailer portion;
  
  means for encrypting the first packet; and
  
  means for generating a second packet comprising a further header portion, the encrypted first packet, and a further trailer portion.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. Apparatus as claimed in claim 1 in which the means for encrypting the first packet encrypts the information - containing portion separately from the header portion and trailer portion.
  - 3. A communications system comprising a plurality of subscribers connected by a communications network via a plurality of nodes, at least one subscriber being associated with each node;
    - each node including apparatus for encrypting data as claimed in claim 1 for transmission to another node and means for decrypting data for transmission to an associated subscriber.
  - 4. A system as claimed in claim 3 in which the further header portion contains data relating to the encrypting and the decrypting nodes.
  - 5. A system as claimed in claim 3 in which at least one node also allows communication between a pair of subscribers connected to that node.
  - 6. A system as claimed in claim 3 in which the header portion contains information relating to the destination subscriber address.
  - 7. A system as claimed in claim 6 in which the header portion also contains other information.
  - 8. A system as claimed in claim 3 in which for at least one node the means for decrypting data comprises a crypto bypass.
  - 9. A system as claimed in claim 3 in which at least one node comprises a respective encryption device for communication between the one node and each respective other node.
  - 10. A system as claimed in claim 3 in which at least one node comprises a respective encryption device for communication between the one node and at least one respective group of other nodes.
  - 11. A system as claimed in claim 3 in which at least one node comprises traffic padding means.
  - 12. A system as claimed in claim 3 in which at least one node functions as an exchange node such that encrypted traffic between nodes is routed via at least one exchange node.

13. Apparatus for decrypting a packet received from a communications network, the packet comprising an unencrypted first header portion, an encrypted first data portion, and an unencrypted trailer portion, the encrypted first data portion comprising an encrypted further packet comprising an encrypted second header portion, an encrypted second data portion and an encrypted second trailer portion, the apparatus comprising means to decrypt the encrypted further packet to produce an unencrypted further packet, the unencrypted further packet comprising the unencrypted second header portion, the unencrypted second data portion, and the unencrypted second trailer portion.

14. A method of encrypting data for transmission over a communications network comprising the steps of:
- (a) generating a first packet comprising a header portion, an information - containing portion and a trailer portion;
  
  (b) encrypting the first packet;
  
  (c) generating a second packet comprising a further header portion, the encrypted first packet, and a further trailer portion.
- View Dependent Claims (15)
- - 15. A method as claimed in claim 14 in which in step (b) the information - containing portion is encrypted separately from the header portion and trailer portion.

16. A method of decrypting a packet received from a communications network, the packet comprising an unencrypted first header portion, an encrypted first data portion, and an unencrypted trailer portion, the encrypted first data portion comprising an encrypted further packet comprising an encrypted second header portion, an encrypted second data portion and an encrypted second trailer portion, the method comprising the steps of:
- (a) extracting the encrypted first data portion from the packet to obtain the encrypted further data packet;
  
  (b) decrypting the encrypted further data packet;
  
  (c) generating a decrypted further packet comprising the unencrypted second header portion, the unencrypted second data portion, and the unencrypted second trailer portion.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
GPT Ltd.
Original Assignee
GPT Ltd.
Inventors
White, Andrew R.
Primary Examiner(s)
CANGIALOSI, SALVATORE A

Application Number

US07/988,112
Time in Patent Office

428 Days
Field of Search

380/23, 380/49
US Class Current

713/160
CPC Class Codes

H04L 63/04   for providing a confidentia...

H04L 9/40   Network security protocols

H04N 21/23476   by partially encrypting, e....

Data communication system using encrypted data packets

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

Data communication system using encrypted data packets

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links