Computer network encryption/decryption device
Abstract
A computer network encryption/decryption device includes at least one microprocessor, microprocessor support hardware, at least two network ports for connecting to upstream and downstream networks, memory hardware for storing program, configuration, and keylist data, and data encryption/decryption hardware. Both network ports have the same network address, making the device transparent to the local area network in which it is spliced. The device operates by selectively encrypting or decrypting only the data portion of a data packet, leaving the routing information contained in the header and trailer portions of the data packet unchanged.
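The selective, data-field-only processing described in the abstract can be sketched as follows. This is an added example, not code from the patent: the IPv4 layout, the rule table, the sample addresses and key, and the helper names are assumptions, and the HMAC-SHA256 keystream is a stand-in for the device's encryption hardware, not a vetted cipher.

```python
import hashlib
import hmac
import ipaddress

# Constructed matching criteria: source list, destination list, key information.
RULES = [
    {"sources": {"10.0.0.5", "10.0.0.6"},
     "destinations": {"192.0.2.10"},
     "key": bytes.fromhex("00112233445566778899aabbccddeeff")},
]

def parse_header(packet):
    # Extract the header length and addresses from a raw IPv4 packet.
    header_len = (packet[0] & 0x0F) * 4 if packet else 0
    if header_len < 20 or len(packet) < header_len or packet[0] >> 4 != 4:
        raise ValueError("not a well-formed IPv4 packet")
    src = str(ipaddress.IPv4Address(packet[12:16]))
    dst = str(ipaddress.IPv4Address(packet[16:20]))
    return header_len, src, dst

def select_key(src, dst, rules=RULES):
    # Compare the header information with the matching criteria.
    for rule in rules:
        if src in rule["sources"] and dst in rule["destinations"]:
            return rule["key"]
    return None  # no rule matched: packet is forwarded untouched

def keystream_xor(key, nonce, data):
    # Stand-in cipher: XOR the data with an HMAC-SHA256 counter keystream.
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hmac.new(key, nonce + offset.to_bytes(8, "big"), hashlib.sha256).digest()
        out.extend(b ^ p for b, p in zip(data[offset:offset + 32], pad))
    return bytes(out)

def process(packet, rules=RULES):
    # Transform only the data field; the header passes through unchanged.
    header_len, src, dst = parse_header(packet)
    key = select_key(src, dst, rules)
    if key is None:
        return packet
    header, data = packet[:header_len], packet[header_len:]
    # Nonce from the IP ID and addresses repeats over time: illustration only.
    return header + keystream_xor(key, header[4:6] + header[12:20], data)

def sample_packet(src, dst, data):
    # Constructed IPv4 packet: 20-byte header (checksum left zero) plus data.
    total = (20 + len(data)).to_bytes(2, "big")
    return (b"\x45\x00" + total + bytes(8) + ipaddress.IPv4Address(src).packed
            + ipaddress.IPv4Address(dst).packed + data)
```

Because the header is left intact and the keystream is XORed in, running `process` on the output restores the original data field, which mirrors the decrypting direction of the device.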
6 Claims
1. A method for encrypting a first packet transmitted from a first computer network to a second computer network, wherein said first packet includes a header field containing information about the first packet and a data field containing data, said method comprising the steps of:
- receiving said first packet from said first network;
- extracting said information about the first packet from said header field of said first packet;
- comparing said information about the first packet with matching criteria including a list of source addresses, a list of destination addresses, and key information, to determine if said first packet is to be encrypted; and
- encrypting said first packet if said first packet is to be encrypted.
4. A method for decrypting the data field of a second packet transmitted from a second computer network to a first computer network, wherein said second packet includes a header field containing information about the second packet and a data field containing data, said method comprising the steps of:
- receiving said second packet from said second network;
- extracting said information about the second packet from said header field of said second packet;
- comparing said information about the second packet with matching criteria including a list of source addresses, destination addresses and key information, to determine if said data field of said second packet is to be decrypted; and
- decrypting said data field of said second packet if said second packet is to be decrypted.