Apparatus for providing cryptographic support in a network
First Claim
1. An interface for coupling a host computer to a high-speed telecommunications network, comprising reassembler means for reassembling and decrypting data that has been encrypted in accordance with a pre-defined key and segmented into a plurality of asynchronous transfer mode (ATM) cells, each cell comprising a virtual channel identifier (VCI) and a cell body, said reassembler means comprising:
- (a) cell manager means for separating each cell body from that cell body'"'"'s corresponding VCI;
(b) linked list manager means for storing linked list data indicative of addresses at which said cell bodies are to be stored;
(c) content addressable memory (CAM) means for storing said VICs and providing pointers into said linked list data;
(d) lookup controller means, operatively coupled to said cell manager means, said linked list manager means, and said CAM means, for writing said VCIs to said CAM means;
(e) reassembly buffer means, operatively coupled to said linked list manager means, for storing said cell bodies; and
(f) decryption means, operatively coupled to said cell manager means, said linked list manager means, and said reassembly buffer means, for decrypting said data in accordance with said key and writing the decrypted data to said reassembly buffer means.
0 Assignments
0 Petitions
Accused Products
Abstract
A host interface comprising a reassembler for reassembling and decrypting data that has been encrypted in accordance with a pre-defined key and segmented into a plurality of asynchronous transfer mode (ATM) cells. Each cell comprises a virtual channel identifier (VCI), a multiplexing identifier (MID) if the data is transmitted using the CCITT specified Class 4 connectionless transfer ATM adaptation layer (AAL), and a cell body. The reassembler comprises a cell manager for separating each cell body from that cell body'"'"'s corresponding VCI and MID (if present), a linked list manager for managing and storing linked list data indicative of addresses at which the cell bodies are to be stored, a content addressable memory (CAM) for managing and storing the VCIs (and MIDs for connectionless data) and providing pointers into the linked list data, a lookup controller for writing the VCIs to the CAM, a reassembly buffer for storing the cell bodies, and a decryption device for decrypting the data and writing the decrypted data to the reassembly buffer. The major subsections operate concurrently to form an ATM cell-processing pipeline. The interface may also comprise a segmenter for encrypting data received from a host computer and segmenting the encrypted data into a plurality of ATM cells.
-
Citations
10 Claims
-
1. An interface for coupling a host computer to a high-speed telecommunications network, comprising reassembler means for reassembling and decrypting data that has been encrypted in accordance with a pre-defined key and segmented into a plurality of asynchronous transfer mode (ATM) cells, each cell comprising a virtual channel identifier (VCI) and a cell body, said reassembler means comprising:
-
(a) cell manager means for separating each cell body from that cell body'"'"'s corresponding VCI; (b) linked list manager means for storing linked list data indicative of addresses at which said cell bodies are to be stored; (c) content addressable memory (CAM) means for storing said VICs and providing pointers into said linked list data; (d) lookup controller means, operatively coupled to said cell manager means, said linked list manager means, and said CAM means, for writing said VCIs to said CAM means; (e) reassembly buffer means, operatively coupled to said linked list manager means, for storing said cell bodies; and (f) decryption means, operatively coupled to said cell manager means, said linked list manager means, and said reassembly buffer means, for decrypting said data in accordance with said key and writing the decrypted data to said reassembly buffer means. - View Dependent Claims (2, 3)
-
-
4. An interface for coupling a host computer to a high-speed telecommunications network, comprising a reassembler for reassembling and decrypting data that has been encrypted in accordance with a pre-defined key and segmented into a plurality of asynchronous transfer mode (ATM) cells, each cell comprising a virtual channel identifier (VCI) and a cell body, said reassembler comprising:
-
(a) a cell manager for separating each cell body from that cell body'"'"'s corresponding VCI; (b) a linked list manager for storing linked list data indicative of addresses at which said cell bodies are to be stored; (c) a content addressable memory (CAM) for storing said VCIs and providing pointers into said linked list data; (d) a lookup controller for writing said VCIs to said CAM, said lookup controller being operatively coupled to said cell manager, linked list manager, and CAM; (e) a reassembly buffer for storing said cell bodies, said reassembly buffer being operatively coupled to said linked list manager; and (f) a decryption circuit, operatively coupled to said cell manager, said linked list manager, and said reassembly buffer, for decryption said data in accordance with said key; wherein said cell manager, linked list manager, CAM, lookup controller, reassembly buffer, and decryption circuit operate concurrently with one another. - View Dependent Claims (5, 6)
-
-
7. A reassembler, for use in an interface between a host computer and a high-speed telecommunications network, for reassembling and decrypting data that has been encrypted in accordance with a pre-defined key and segmented into a plurality of cells each of which comprises at least a virtual channel identifier (VCI) and a cell body, comprising:
-
(a) first means for separating each cell body from its corresponding VCI and determining respective linked list reference addresses for the VCIs; (b) a decryption circuit for receiving cell bodies from said first means and decrypting said cell bodies in accordance with said key; (c) a first data path coupling said first means to said decryption circuit; (d) a reassembly buffer for storing said cell bodies after said cell bodies have been decrypted; (e) a second data path coupling said decryption circuit to said reassembly buffer; and (f) linked list manager for receiving said key from said host device and providing said key to said decryption circuit in parallel with movement of said cell bodies from said first means to said decryption circuit, and for storing linked list data indicative of addresses at which the decrypted cell bodies are stored in said reassembly buffer. - View Dependent Claims (8, 9)
-
-
10. A method of operating an interface between a host computer and a high-speed telecommunications network, for use in reassembling and decrypting data that has been encrypted in accordance with a pre-defined key and segmented into a plurality of cells each of which comprises at least a virtual channel identifier (VCI) and a cell body, comprising the steps of:
-
(a) separating each cell body from its corresponding VCI and determining respective linked list reference addresses for the VCIs; (b) receiving said key from said host device; (c) providing said cell bodies and said key in parallel to said decryption circuit; (d) decrypting said cell bodies in accordance with said key; (e) storing the decrypted cell bodies in a buffer; and (f) storing linked list data indicative of addresses at which the decrypted cell bodies are stored in said reassembly buffer.
-
Specification
-
- Resources
-
Current AssigneeTrustees Of The University Of Pennsylvania (University of Pennsylvania)
-
Original AssigneeTrustees Of The University Of Pennsylvania (University of Pennsylvania)
-
InventorsTraw, C. Brendan S., Smith, Jonathan M., Farber, David J.
-
Primary Examiner(s)Shaw, Dale M.
-
Assistant Examiner(s)MEKY, MOUSTAFA M
-
Application NumberUS08/152,085Time in Patent Office242 DaysField of Search395/200, 395/275, 380/4, 380/21, 380/23, 380/25, 380/29, 380/37, 380/42, 380/43, 380/44, 380/49, 364/222.5, 364/260.81, 364/918.7, 364/949.71US Class Current713/153CPC Class CodesH04L 2209/125 Parallelization or pipelini...H04L 2209/24 Key scheduling, i.e. genera...H04L 63/04 for providing a confidentia...H04L 69/324 in the data link layer [OSI...H04L 9/0637 Modes of operation, e.g. ci...H04L 9/083 involving central third par...
