Signature specification for encrypted packet streams

US 8,868,906 B2
Filed: 11/19/2012
Issued: 10/21/2014
Est. Priority Date: 09/17/2004
Status: Expired due to Fees

First Claim

Patent Images

1. A method, comprising:

receiving an encrypted stream of packets, wherein data included in the encrypted stream of packets is obscured by encryption;

specifying a signature for the encrypted stream of packets;

identifying an application type of the data included in the encrypted stream of packets using the signature, wherein the receiving, specifying and identifying are performed on at least one processor; and

communicating the signature to a communications device;

wherein the signature is based on one of size of the packets and timing between the packets;

wherein specifying the signature comprises specifying a packet for time-based insertion into the encrypted stream of packets, the packet having a size that identifies the application type of the data and not comprising data of the application type; and

wherein specifying the signature comprises establishing a pattern of packet sizes.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods, systems, and products are disclosed for specifying a signature for an encrypted packet stream. One method receives the encrypted stream of packets, and encryption obscures the contents of a packet. A signature for insertion into the stream of packets is specified, and the signature identifies a type of data encrypted within the stream of packets. The signature identifies the contents of the packet despite the encryption obscuring the contents.

Citations

16 Claims

1. A method, comprising:
- receiving an encrypted stream of packets, wherein data included in the encrypted stream of packets is obscured by encryption;
  
  specifying a signature for the encrypted stream of packets;
  
  identifying an application type of the data included in the encrypted stream of packets using the signature, wherein the receiving, specifying and identifying are performed on at least one processor; and
  
  communicating the signature to a communications device;
  
  wherein the signature is based on one of size of the packets and timing between the packets;
  
  wherein specifying the signature comprises specifying a packet for time-based insertion into the encrypted stream of packets, the packet having a size that identifies the application type of the data and not comprising data of the application type; and
  
  wherein specifying the signature comprises establishing a pattern of packet sizes.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. A method according to claim 1, wherein specifying the signature comprises establishing the size for each of the packets in the encrypted stream of packets included in the encrypted stream of packets, the size for each packet identifying the application type of the data.
  - 3. A method according to claim 1, further comprising changing the signature.
  - 4. A method according to claim 1, further comprising specifying the signature as identifying Voice Over Internet Protocol data as the application type of the data included in the encrypted stream of packets.
  - 5. A method according to claim 1 wherein specifying the signature comprises establishing a pattern of timing intervals between the packets included in the encrypted stream of packets, the pattern of the timing intervals identifying the application type of the data included in the encrypted stream of packets.
  - 6. A method according to claim 1, wherein specifying the signature comprises establishing a periodic timing interval between two of the packets included in the encrypted stream of packets, the periodic timing interval identifying the application type of the data.

7. A system, comprising:
- a processor; and
  
  a memory device comprising computer readable program code on the memory device that when executed by the process causes the processor to perform operations comprising;
  
  receiving an encrypted stream of packets, wherein data included in the encrypted stream of packets is obscured by encryption;
  
  specifying a signature for the encrypted stream of packets;
  
  identifying an application type of the data included in the encrypted stream of packets using the signature, wherein the receiving, specifying and identifying are performed on at least one processor; and
  
  communicating the signature to a communications device;
  
  wherein the signature is based on one of size of the packets and timing between the packets;
  
  wherein specifying the signature comprises specifying a packet for time-based insertion into the encrypted stream of packets, the packet having a size that identifies the application type of the data and not comprising data andwherein specifying the signature comprises establishing a pattern of packet sizes.
- View Dependent Claims (8, 9, 10, 11, 12)
- - 8. A system according to claim 7, wherein specifying the signature comprises establishing the size for each of the packets in the encrypted stream of packets included in the encrypted stream of packets, the size for each packet identifying the application type of the data.
  - 9. A system according to claim 7, wherein the operations further comprise changing the signature.
  - 10. A system according to claim 7, wherein the operations further comprise specifying the signature as identifying Voice Over Internet Protocol data as the application type of the data included in the encrypted stream of packets.
  - 11. A system according to claim 7, wherein specifying the signature comprises establishing a pattern of timing intervals between the packets included in the encrypted stream of packets, the pattern of the timing intervals identifying the application type of the data included in the encrypted stream of packets.
  - 12. A system according to claim 7, wherein specifying the signature comprises establishing a periodic timing interval between two of the packets included in the encrypted stream of packets, the periodic timing interval identifying the application type of the data.

13. A computer program product, comprising:
- a non-transitory computer readable medium comprising computer readable program code that when the computer readable program code is executed by a processor causes the processor to perform operations comprising;
  
  receiving an encrypted stream of packets, wherein data included in the encrypted stream of packets is obscured by encryption;
  
  specifying a signature for the encrypted stream of packets;
  
  identifying an application type of the data included in the encrypted stream of packets using the signature, wherein the receiving, specifying and identifying are performed on at least one processor; and
  
  communicating the signature to a communications device;
  
  wherein the signature is based on one of size of the packets and timing between the packets;
  
  wherein specifying the signature comprises specifying a packet for time-based insertion into the encrypted stream of packets, the packet having a size that identifies the application type of the data and not comprising data of the application type; and
  
  wherein specifying the signature comprises establishing a pattern of packet sizes.
- View Dependent Claims (14, 15, 16)
- - 14. A computer program product according to claim 13, wherein the operations further comprise specifying a signature as identifying Voice Over Internet Protocol as the application type of the data included in the encrypted stream of packets.
  - 15. A computer program product according to claim 13, wherein specifying the signature comprises establishing a pattern of timing intervals between the packets included in the encrypted stream of packets, the pattern of the timing intervals identifying the application type of the data included in the encrypted stream of packets.
  - 16. A computer program product according to claim 13, wherein specifying the signature comprises establishing a periodic timing interval between two of the packets included in the encrypted stream of packets, the periodic timing interval identifying the application type of the data.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
AT&T Intellectual Property I LP (AT&T, Inc.)
Original Assignee
AT&T Intellectual Property I LP (AT&T, Inc.)
Inventors
Aaron, Jeffrey A., Shrum, Edgar Vaughan Jr.
Primary Examiner(s)
Shiferaw, Eleni
Assistant Examiner(s)
CALLAHAN, PAUL E

Application Number

US13/681,066
Publication Number

US 20130080786A1
Time in Patent Office

701 Days
Field of Search

380/201, 380/240, 380/241, 713/160
US Class Current

713/160
CPC Class Codes

H04L 63/0428   wherein the data content is...

H04L 63/12   Applying verification of th...

H04L 9/065   Encryption by serially and ...

H04L 9/3247   involving digital signatures

Signature specification for encrypted packet streams

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

Signature specification for encrypted packet streams

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links