Method and apparatus for anonymous IP datagram exchange using dynamic network address translation

US 7,739,497 B1
Filed: 03/21/2002
Issued: 06/15/2010
Est. Priority Date: 03/21/2001
Status: Expired due to Fees

First Claim

Patent Images

1. A computer-implemented method for concealing the identity of a network device transmitting a datagram having a network layer header, comprising:

determining, by operation of a computer, a unique next-hop identifier in accordance with a next-hop address that identifies a next-hop that the datagram will visit;

generating, by operation of said computer, a broadcast address in accordance with the next-hop address;

creating, by operation of said computer, a partially encrypted network layer header by encrypting a plurality of identifying portions of the network layer header, wherein one portion of the network layer header is the unique next-hop identifier; and

encapsulating, by operation of said computer, the datagram with another network layer header whose address is set to the broadcast address.

View all claims

17 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods, apparatus, system and computer program are provided for concealing the identity of a network device transmitting a datagram having a network layer header. A unique local identifier and broadcast address are determined in accordance with a next-hop address. A partially encrypted network layer header is determined by encrypting a plurality of identifying portions of the network layer header, where one portion of the network layer header is the unique local identifier. The datagram is encapsulated with another network layer header whose address is set to the broadcast address. The encapsulated datagram can be received and detunneled, and an address of a recipient can be extracted from the network layer header. The datagram is then admitted into a network domain.

165 Citations

View as Search Results

49 Claims

1. A computer-implemented method for concealing the identity of a network device transmitting a datagram having a network layer header, comprising:
- determining, by operation of a computer, a unique next-hop identifier in accordance with a next-hop address that identifies a next-hop that the datagram will visit;
  
  generating, by operation of said computer, a broadcast address in accordance with the next-hop address;
  
  creating, by operation of said computer, a partially encrypted network layer header by encrypting a plurality of identifying portions of the network layer header, wherein one portion of the network layer header is the unique next-hop identifier; and
  
  encapsulating, by operation of said computer, the datagram with another network layer header whose address is set to the broadcast address.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. A method according to claim 1, further comprising:
    - receiving and detunneling, by operation of said computer, the encapsulated datagram;
      
      extracting, by operation of said computer, an address of a recipient from the network layer header; and
      
      admitting, by operation of said computer, the datagram into a network domain.
  - 3. A method according to claim 1, further comprising:
    - storing, by operation of said computer, at least one subnet address, a host machine address, an encryption key corresponding to a network interface of a router connected to a local domain, a plurality of host encryption keys for a plurality of other hosts in the local domain, and a router address of the router, wherein the router has stored in a table the plurality of keys indexed by a plurality of addresses corresponding to the other hosts and the address of the host machine;
      
      creating, by operation of said computer, at least one unique initialization vector for each host in the local domain and the router in accordance with the unique local identifier; and
      
      distributing, by operation of said computer, each initialization vector to each host in the local domain.
  - 4. A method according to claim 1, further comprising:
    - setting, by operation of said computer, the next-hop address to an address of a recipient when the recipient host subnet matches a sending host subnet; and
      
      consulting, by operation of said computer, a routing table to find an address corresponding to the recipient host subnet when the recipient host subnet does not match the sending host subnet and setting the next-hop address to the found address.
  - 5. A method according to claim 1, further comprising:
    - setting, by operation of said computer, the next-hop address to a multicast address.
  - 6. A method according to claim 1, further comprising:
    - creating, by operation of said computer, a link-layer frame containing the encapsulated datagram, wherein when the next-hop address matches a sending host subnet, the destination link-layer address is set to a link-layer broadcast value and a source link-layer address is chosen per a link-layer addressing description, wherein when the next-hop address does not equal the sending host subnet, a conventional link-layer processing is performed to cross a link-layer collision boundary; and
      
      transmitting, by operation of said computer, the link-layer frame with the encapsulated datagram.
  - 7. A method according to claim 6, further comprising:
    - transmitting, by operation of said computer, on a time-controlled basis.
  - 8. A method according to claim 6, further comprising:
    - receiving, by operation of said computer, the link-layer frame with the encapsulated datagram;
      
      discarding and/or ignoring, by operation of said computer, the received link-layer frame;
      
      decrypting, by operation of said computer, the identifying portions and the unique next-hop identifier of the partially encrypted network layer header; and
      
      determining, by operation of said computer, whether the datagram is intended for a receiving network device.
  - 9. A method according to claim 8, further comprising:
    - determining, by operation of said computer, whether the destination address matches the receiving machine'"'"'s address; and
      
      determining, by operation of said computer, whether the decrypted unique next-hop identifier matches the receiving machine'"'"'s unique next-hop identifier.
  - 10. A method according to claim 8, further comprising:
    - dropping, by operation of said computer, the datagram if determined in the determining step that the datagram is not intended for the receiving network device; and
      
      processing, by operation of said computer, the datagram if determined in the determining step that the datagram is intended for the receiving network device.
  - 11. A method according to claim 1, further comprising:
    - periodically emitting, by operation of said computer, spurious traffic.
  - 12. A method according to claim 1, further comprising:
    - determining, by operation of said computer, an encryption key; and
      
      encrypting, by operation of said computer, the plurality of identifying portions of the network layer header in accordance with the encryption key.

13. An apparatus for concealing the identity of a network device transmitting a datagram having a network layer header, comprising:
- a processor including processing circuitry configured todetermine a unique next-hop identifier in accordance with a next-hop address that identities a next-hop that the datagram will visit,generate a broadcast address in accordance with the next-hop address,create a partially encrypted network layer header by encrypting a plurality of identifying portions of the network layer header, wherein one portion of the network layer header is the unique next-hop identifier, andencapsulate the datagram with another network layer header whose address is set to the broadcast address.
- View Dependent Claims (14, 15, 16, 17, 18, 19, 20, 21, 22, 23)
- - 14. An apparatus according to claim 13, further comprising:
    - a memory adapted to store at least one subnet address;
      
      a host machine address, an encryption key corresponding to a network interface of a router connected to a local domain, a plurality of host encryption keys for a plurality of other hosts in the local domain, and a router address of the router, wherein the router has stored in a table the plurality of keys indexed by a plurality of addresses corresponding to the other hosts and the address of the host machine,wherein said processor is further adapted to create at least one unique initialization vector for each host in the local domain and the router in accordance with the unique local identifier, and to distribute each initialization vector to each host in the local domain.
  - 15. An apparatus according to claim 13, wherein said processor is further adapted to set the next-hop address to an address of a recipient when the recipient host subnet matches a sending host subnet, and to consult a routing table to find an address corresponding to the recipient host subnet when the recipient host subnet does not match the sending host subnet and set the next-hop address to the found address.
  - 16. An apparatus according to claim 13, wherein said processor is further adapted to set the next-hop address to a multicast address.
  - 17. An apparatus according to claim 13, further comprising:
    - a transceiver adapted to transmit a link-layer frame with the encapsulated datagram,wherein said processor is further adapted to create the link-layer frame containing the encapsulated datagram, wherein when the next-hop address matches a sending host subnet, the destination link-layer address is set to a link-layer broadcast value and a source link-layer address is chosen per a link-layer addressing description, wherein when the next-hop address does not equal the sending host subnet, a conventional link-layer processing is performed to cross a link-layer collision boundary.
  - 18. An apparatus according to claim 17, wherein transmission of the link-layer frame with the encapsulated datagram occurs on a time-controlled basis.
  - 19. An apparatus according to claim 17, wherein said transceiver is further adapted to receive the link-layer frame with the encapsulated datagram, and said processor is further adapted to discard and/or ignore the received link-layer frame, decrypt the identifying portions and the unique next-hop identifier of the partially encrypted network layer header, and determine whether the datagram is intended for a receiving network device.
  - 20. An apparatus according to claim 19, wherein said processor is further adapted to determine whether the destination address matches the receiving machine'"'"'s address, anddetermine whether the decrypted unique next-hop identifier matches the receiving machine'"'"'s unique next-hop identifier.
  - 21. An apparatus according to claim 19, wherein said processor is further adapted to drop the datagram if determined that the datagram is not intended for a predetermined host, and process the datagram if the datagram is intended for the predetermined host.
  - 22. An apparatus according to claim 13, wherein said processor is further adapted to periodically emit spurious traffic via said transceiver.
  - 23. An apparatus according to claim 13, wherein said processor is further adapted to determine an encryption key, and encrypt the plurality of identifying portions of the network layer header in accordance with the encryption key.

24. An apparatus for forwarding a datagram having a network layer header, comprising:
- a transceiver adapted to receive an encapsulated datagram from a network device;
  
  a processor including processing circuitry configured to detunnel the encapsulated datagram, extract an address from the network layer header, and admit the datagram into a network domain,wherein the network device is adapted to determine a unique next-hop identifier in accordance with a next-hop address that identifies a next-hop that the datagram will visit, generate a broadcast address in accordance with the next-hop address, create a partially encrypted network layer header by encrypting a plurality of identifying portions of the network layer header, wherein one portion of the network layer header is the unique next-hop identifier, encapsulate the datagram with another network layer header whose address is set to the broadcast address, and transmit the encapsulated datagram.

25. A machine-readable medium having stored thereon a computer program, for concealing the identity of a network device transmitting a datagram having a network layer header, operable to:
- determine a unique next-hop identifier in accordance with a next-hop address;
  
  generate a broadcast address in accordance with the next-hop address that identifies a next-hop that the datagram will visit;
  
  create a partially encrypted network layer header by encrypting a plurality of identifying portions of the network layer header, wherein one portion of the network layer header is the unique next-hop identifier; and
  
  encapsulate the datagram with another network layer header whose address is set to the broadcast address.
- View Dependent Claims (26, 27, 28, 29, 30, 31, 32, 33, 34, 35)
- - 26. A machine-readable medium according to claim 25, wherein the computer program is further operable to:
    - store at least one subnet address, a host machine address, an encryption key corresponding to a network interface of a router connected to a local domain, a plurality of host encryption keys for a plurality of other hosts in the local domain, and a router address of the router, wherein the router has stored in a table the plurality of keys indexed by a plurality of addresses corresponding to the other hosts and the address of the host machine;
      
      create at least one unique initialization vector for each host in the local domain and the router in accordance with the unique next-hop identifier; and
      
      distribute each initialization vector to each host in the local domain.
  - 27. A machine-readable medium according to claim 25, wherein the computer program is further operable to:
    - set the next-hop address to an address of a recipient when the recipient host subnet matches a sending host subnet; and
      
      consult a routing table to find an address corresponding to the recipient host subnet when the recipient host subnet does not match the sending host subnet and setting the next-hop address to the found address.
  - 28. A machine-readable medium according to claim 25, wherein the computer program is further operable to:
    - set the next-hop address to a multicast address.
  - 29. A machine-readable medium according to claim 25, wherein the computer program is further operable to:
    - create a link-layer frame containing the encapsulated datagram, wherein when the next-hop address matches a sending host subnet, the destination link-layer address is set to a link-layer broadcast value and a source link-layer address is chosen per a link-layer addressing description, wherein when the next-hop address does not equal the sending host subnet, a conventional link-layer processing is performed to cross a link-layer collision boundary; and
      
      transmit the link-layer frame with the encapsulated datagram.
  - 30. A machine-readable medium according to claim 29, wherein the computer program is further operable to:
    - transmit on a time-controlled basis.
  - 31. A machine-readable medium according to claim 29, wherein the computer program is further operable to:
    - receive the link-layer frame with the encapsulated datagram;
      
      discard and/or ignoring the received link-layer frame;
      
      decrypt the identifying portions and the unique local identifier of the partially encrypted network layer header; and
      
      determine whether the datagram is intended for a receiving network device.
  - 32. A machine-readable medium according to claim 31, wherein the computer program is further operable to:
    - determine whether the destination address matches the receiving machine'"'"'s address; and
      
      determine whether the decrypted unique next-hop identifier matches the receiving machine'"'"'s unique next-hop identifier.
  - 33. A machine-readable medium according to claim 31, wherein the computer program is further operable to:
    - drop the datagram if determined that the datagram is not intended for the receiving network device;
      
      process the datagram if determined that the datagram is intended for the receiving network device.
  - 34. A machine-readable medium according to claim 25, wherein the computer program is further operable to:
    - periodically emit spurious traffic.
  - 35. A machine-readable medium according to claim 25, wherein the computer program is further operable to:
    - determine an encryption key; and
      
      encrypt the plurality of identifying portions of the network layer header in accordance with the encryption key.

36. A machine-readable medium having stored thereon a computer program, for forwarding a datagram having a network layer header, operable to:
- receive and detunnel an encapsulated datagram from a transceiver;
  
  extract an address from the network layer header; and
  
  admit the datagram into a network domain,wherein the transceiver is adapted to determine a unique next-hop identifier in accordance with a next-hop address that identifies a next-hop that the datagram will visit, generate a broadcast address in accordance with the next-hop address, create a partially encrypted network layer header by encrypting a plurality of identifying portions of the network layer header, wherein one portion of the network layer header is the unique next-hop identifier, encapsulate the datagram with another network layer header whose address is set to the broadcast address, and transmit the encapsulated datagram.

37. An apparatus for concealing the identity of a network device transmitting a datagram having a network layer header, comprising:
- means for determining a unique next-hop identifier in accordance with a next-hop address that identifies a next-hop that the datagram will visit;
  
  means for generating a broadcast address in accordance with the next-hop address;
  
  means for creating a partially encrypted network layer header by encrypting a plurality of identifying portions of the network layer header, wherein one portion of the network layer header is the unique next-hop identifier; and
  
  means for encapsulating the datagram with another network layer header whose address is set to the broadcast address.
- View Dependent Claims (38, 39, 40, 41, 42, 43, 44, 45, 46, 47)
- - 38. An apparatus according to claim 37, further comprising:
    - means for storing at least one subnet address, a host machine address, an encryption key corresponding to a network interface of a router connected to a local domain, a plurality of host encryption keys for a plurality of other hosts in the local domain, and a router address of the router, wherein the router has stored in a table the plurality of keys indexed by a plurality of addresses corresponding to the other hosts and the address of the host machine;
      
      means for creating at least one unique initialization vector for each host in the local domain and the router in accordance with the unique next-hop identifier; and
      
      means for distributing each initialization vector to each host in the local domain.
  - 39. An apparatus according to claim 37, further comprising:
    - means for setting the next-hop address to an address of a recipient when the recipient host subnet matches a sending host subnet;
      
      means for consulting a routing table to find an address corresponding to the recipient host subnet when the recipient host subnet does not match the sending host subnet; and
      
      means for setting the next-hop address to the found address.
  - 40. An apparatus according to claim 37, further comprising:
    - means for setting the next-hop address to a multicast address.
  - 41. An apparatus according to claim 37, further comprising:
    - means for creating a link-layer frame containing the encapsulated datagram, wherein when the next-hop address matches a sending host subnet, the destination link-layer address is set to a link-layer broadcast value and a source link-layer address is chosen per a link-layer addressing description, wherein when the next-hop address does not equal the sending host subnet, a conventional link-layer processing is performed to cross a link-layer collision boundary; and
      
      means for transmitting the link-layer frame with the encapsulated datagram.
  - 42. An apparatus according to claim 41, further comprising:
    - means for transmitting on a time-controlled basis.
  - 43. An apparatus according to claim 41, further comprising:
    - means for receiving the link-layer frame with the encapsulated datagram;
      
      means for discarding and/or ignoring the received link-layer frame;
      
      means for decrypting the identifying portions and the unique next-hop identifier of the partially encrypted network layer header; and
      
      means for determining whether the datagram is intended for a receiving network device.
  - 44. An apparatus according to claim 43, further comprising:
    - means for determining whether the destination address matches the receiving machine'"'"'s address; and
      
      means for determining whether the decrypted unique next-hop identifier matches the receiving machine'"'"'s unique next-hop identifier.
  - 45. An apparatus according to claim 43, further comprising:
    - means for dropping the datagram if determined that the datagram is not intended for the receiving network device; and
      
      means for processing the datagram if determined that the datagram is intended for the receiving network device.
  - 46. An apparatus according to claim 37, further comprising:
    - means for periodically emitting spurious traffic.
  - 47. An apparatus according to claim 37, further comprising:
    - means for determining an encryption key; and
      
      means for encrypting the plurality of identifying portions of the network layer header in accordance with the encryption key.

48. An apparatus for forwarding a datagram having a network layer header, comprising:
- means for receiving an encapsulated datagram from a network device;
  
  means for detunneling the encapsulated datagram;
  
  means for extracting an address from the network layer header; and
  
  means for admitting the datagram into a network domain,wherein the network device is adapted to determine a unique next-hop identifier in accordance with a next-hop address that identifies a next-hop that the datagram will visit, generate a broadcast address in accordance with the next-hop address, create a partially encrypted network layer header by encrypting a plurality of identifying portions of the network layer header, wherein one portion of the network layer header is the unique next-hop identifier, encapsulate the datagram with another network layer header whose address is set to the broadcast address, and transmit the encapsulated datagram.

49. A system for concealing the identity of a network device transmitting a datagram having a network layer header, comprising:
- a first processor adapted to determine a unique next-hop identifier in accordance with a next-hop address, generate a broadcast address in accordance with the next-hop address that identifies a next-hop that the datagram will visit, create a partially encrypted network layer header by encrypting a plurality of identifying portions of the network layer header, wherein one portion of the network layer header is the unique next-hop identifier, and encapsulate the datagram with another network layer header whose address is set to the broadcast address;
  
  a first transceiver electrically coupled to said first processor for transmitting and receiving the encapsulated datagram; and
  
  a second transceiver adapted to receive the encapsulated datagram,a second processor, electrically coupled to said second transceiver, adapted to detunnel the encapsulated datagram, extract an address from the network layer header, and admit the datagram into a network domain via the second transceiver.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Forcepoint Federal Holdings LLC (Forcepoint LLC), Verizon Patent and Licensing Incorporated (Verizon Communications Inc.)
Original Assignee
Verizon Corporate Services Group Incorporated (Verizon Communications Inc.)
Inventors
Bubnis, Edward A. Jr., Keller, Thomas E., Fink, Russell Andrew
Primary Examiner(s)
CERVETTI, DAVID GARCIA

Application Number

US10/103,424
Time in Patent Office

3,008 Days
Field of Search

713/162, 713/161, 713/160, 713/153
US Class Current

713/162
CPC Class Codes

H04L 61/2539   Hiding addresses; Keeping a...

H04L 63/0407   wherein the identity of one...

H04L 63/1466   Active attacks involving in...

H04L 69/22   Parsing or analysis of headers

Method and apparatus for anonymous IP datagram exchange using dynamic network address translation

First Claim

17 Assignments

0 Petitions

Accused Products

Abstract

165 Citations

49 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus for anonymous IP datagram exchange using dynamic network address translation

First Claim

17 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

165 Citations

49 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links