Systems and methods for transparent configuration authentication of networked devices
Abstract
Methods and systems are disclosed for providing secure transmissions across a network comprising a transmitting device and a receiving device. At the transmitting device, a stream of watermark bits is generated. Next, a plurality of watermarks is generated, each of the plurality of watermarks comprising an index number and a portion of the stream of watermark bits. The watermarks are inserted into each header of a plurality of outgoing packets. At the receiving device, the plurality of outgoing packets are received and it is determined if a received packet is valid based on the watermark in the header of the received packet. The stream of watermark bits may be generated using a stream cipher such as RC4, a block cipher such as 3DES in CBC mode, or other equivalent pseudo-random stream generating techniques.
4 Claims
1. A method for providing secure transmissions across a network comprising a client device and a server, the method comprising:
- at the client device, generating a stream of watermark bits;
- generating a plurality of watermarks, each of the plurality of watermarks comprising a respective index number and a respective portion of the stream of watermark bits;
- inserting the plurality of watermarks into respective headers of a plurality of outgoing packets;
- receiving, at the server, the plurality of outgoing packets; and
- determining if a received packet is valid based on the watermark in the header of the received packet;
- wherein determining if a received packet is valid comprises:
  - comparing the watermark of the received packet to a first and a second window, each of the windows comprising a set of expected watermarks; and
  - accepting the watermark as valid if the received watermark matches one of the expected watermarks in the first or second windows; and
- wherein comparing the watermark further comprises:
  - maintaining at the server a record of a pivotal index number representing the index number of the highest-numbered valid watermark received from the client device; and
  - comparing the watermark of the received packet to the first and the second window, wherein the first window represents expected watermarks whose index numbers precede the pivotal index number and the second window represents expected watermarks whose index numbers immediately supersede the pivotal index number.

2. A method for providing secure transmissions across a network comprising a client device and a server, the method comprising:
- at the client device, generating a stream of watermark bits;
- generating a plurality of watermarks, each of the plurality of watermarks comprising a respective index number and a respective portion of the stream of watermark bits;
- inserting the plurality of watermarks into respective headers of a plurality of outgoing packets;
- receiving, at the server, the plurality of outgoing packets; and
- determining if a received packet is valid based on the watermark in the header of the received packet;
- wherein determining if a received packet is valid comprises:
  - comparing the watermark of the received packet to a first and a second window, each of the windows comprising a set of expected watermarks; and
  - accepting the watermark as valid if the received watermark matches one of the expected watermarks in the first or second windows; and
- wherein comparing the watermark further comprises:
  - maintaining at the server a record of a pivotal index number representing the index number of the highest-numbered valid watermark received from the client device;
  - comparing the watermark of the received packet to the first and the second window, wherein the first window represents expected watermarks whose index numbers precede the pivotal index number and the second window represents expected watermarks whose index numbers immediately supersede the pivotal index number; and
  - increasing the pivotal index number if a match is found in the second window and deleting the matching expected watermark from the second window.

3. A system for providing secure transmissions across a network, the system comprising:
- a client device for generating a stream of watermark bits;
  - generating a plurality of watermarks, each of the plurality of watermarks comprising a respective index number and a respective portion of the stream of watermark bits;
  - inserting the plurality of watermarks into respective headers of a plurality of outgoing packets; and
  - transmitting the outgoing packets to a server; and
- a server for receiving the plurality of outgoing packets; and
  - determining if a received packet is valid based on the watermark in the header of the received packet;
- wherein the server further determines if a received packet is valid by comparing the watermark of the received packet to a first and a second window, each of the windows comprising a set of expected watermarks; and
  - accepting the received watermark as valid if the received watermark matches one of the expected watermarks in the first or second windows; and
- wherein comparing the watermark further comprises:
  - maintaining at the server a record of a pivotal index number representing the index number of the highest-numbered valid watermark received from the client device; and
  - comparing the watermark of the received packet to the first and the second window, wherein the first window represents expected watermarks whose index numbers precede the pivotal index number and the second window represents expected watermarks whose index numbers immediately supersede the pivotal index number.

4. A system for providing secure transmissions across a network, the system comprising:
- a client device for generating a stream of watermark bits;
  - generating a plurality of watermarks, each of the plurality of watermarks comprising a respective index number and a respective portion of the stream of watermark bits;
  - inserting the plurality of watermarks into respective headers of a plurality of outgoing packets; and
  - transmitting the outgoing packets to a server; and
- a server for receiving the plurality of outgoing packets; and
  - determining if a received packet is valid based on the watermark in the header of the received packet;
- wherein the server further determines if a received packet is valid by comparing the watermark of the received packet to a first and a second window, each of the windows comprising a set of expected watermarks; and
  - accepting the received watermark as valid if the received watermark matches one of the expected watermarks in the first or second windows; and
- wherein comparing the watermark further comprises:
  - maintaining at the server a record of a pivotal index number representing the index number of the highest-numbered valid watermark received from the client device; and
  - comparing the watermark of the received packet to the first and the second window, wherein the first window represents expected watermarks whose index numbers precede the pivotal index number and the second window represents expected watermarks whose index numbers immediately supersede the pivotal index number; and
- wherein the server increases the pivotal index number if a match is found in the second window and deletes the matching expected watermark from the second window.
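
The two-window check recited in the claims above, as an added illustration that is not code from the patent. Assumptions: HMAC-SHA256 over the index stands in for the RC4 or 3DES-CBC keystream named in the abstract; the 4-byte index, 4-byte stream portion, window sizes and the names `watermark`, `Validator` and `demo` are hypothetical; indices start at 1.

```python
import hashlib
import hmac

WM_BYTES = 4  # assumed length of the stream portion carried in each header
BACK = 4      # assumed size of the first window (indices before the pivot)
AHEAD = 4     # assumed size of the second window (indices after the pivot)

def watermark(key: bytes, index: int) -> bytes:
    """Index number followed by that index's portion of the watermark stream."""
    # Assumption: HMAC-SHA256 over the index replaces the RC4/3DES keystream.
    idx = index.to_bytes(4, "big")
    return idx + hmac.new(key, idx, hashlib.sha256).digest()[:WM_BYTES]

class Validator:
    def __init__(self, key: bytes):
        self.key = key
        self.pivot = 0      # pivotal index: highest valid index seen (0 = none)
        self.expected = {}  # index -> expected watermark, both windows
        self._slide()

    def _slide(self):
        # Second window: indices immediately after the pivot.
        for i in range(self.pivot + 1, self.pivot + AHEAD + 1):
            self.expected.setdefault(i, watermark(self.key, i))
        # First window: keep only unmatched indices within BACK of the pivot.
        for i in [i for i in self.expected if i < self.pivot - BACK]:
            del self.expected[i]

    def check(self, received: bytes) -> bool:
        index = int.from_bytes(received[:4], "big")
        want = self.expected.get(index)
        if want is None or not hmac.compare_digest(want, received):
            return False
        # Deleting on every match blocks replay; the claims state deletion
        # only for second-window matches, so first-window deletion is assumed.
        del self.expected[index]
        if index > self.pivot:  # match was in the second window
            self.pivot = index
            self._slide()
        return True

def demo():
    key = b"constructed-demo-key"  # constructed sample key
    v = Validator(key)
    order = [1, 3, 2, 2, 20]       # in order, skip ahead, late, replay, too far
    results = [v.check(watermark(key, i)) for i in order]
    forged = watermark(key, 4)[:4] + bytes(WM_BYTES)
    return results + [v.check(forged)], v.pivot
```

The late packet with index 2 is accepted from the first window after the pivot has already moved to 3, while its replay, an index beyond the second window, and a forged stream portion are all rejected.
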
Specification