×

Non-cryptographic addressing

  • US 8,261,062 B2
  • Filed: 06/22/2005
  • Issued: 09/04/2012
  • Est. Priority Date: 03/27/2003
  • Status: Active Grant
First Claim
Patent Images

1. A method for allowing a first device not capable of implementing a cryptographically generated address (CGA)-based protocol to participate in a first network controlled by a CGA-based protocol, wherein the first network comprises a plurality of devices, the method comprising:

  • a) extracting, by a second device, a first network address from a first message received from a third device, the first network address identifying the third device and including a hash of at least one cryptographic address parameter, the at least one parameter being a first public key associated with the third device;

    b) extracting, by the second device, a second network address from a second message, the second network address identifying the first device, wherein the second network address is not an encoding of a hash of a public key, and wherein the first device, the second device, and the third device are operatively connected via the first network;

    c) determining based on the first network address whether the first network address of the third device comprises one from the group consisting of;

    a cryptographic address and a non-cryptographic address, wherein determining further comprises;

    extracting a predetermined portion from the first network address;

    retrieving a predetermined value that indicates whether an address is cryptographic;

    comparing the predetermined portion from the first network address to the predetermined value;

    d) based on the comparison of the predetermined portion from the first network address to the predetermined value, identifying, by the second device, the first network address as a cryptographic address;

    e) authenticating the first message using the first network address and a first authentication scheme, the first authentication scheme including a cryptographic-address-based authentication scheme, wherein the authenticating comprises verifying the identity of a sender of the first message by checking a value of data for a routing prefix stored in a parameters structure to determine if the stored data is equal to a routing prefix of the first network address, wherein the verifying fails if the stored data differs from the routing prefix of the first network address;

    f) determining based on the second network address whether the second network address of the first device comprises one from the group consisting of;

    a cryptographic address and a non-cryptographic address, wherein determining further comprises;

    extracting a predetermined portion from the second network address;

    comparing the predetermined portion from the second network address to the predetermined value;

    g) based on the comparison of the predetermined portion from the second network address to the predetermined value;

    identifying, by the second device, the second network address as a non-cryptographic address;

    h) authenticating the second message using the second network address and a second authentication scheme, wherein the second authentication scheme comprises a non-cryptographic-address-based authentication scheme; and

    i) prioritizing the first message and the second message for processing, wherein the prioritizing comprises identifying the address type of each message as one of;

    (1) an authentic cryptographic address, (2) an authentic non-cryptographic address, and (3) a non-authenticated address, and wherein a message with an authentic cryptographic address is processed before a message with an authentic non-cryptographic address, and a message with an authentic non-cryptographic address is processed before a message with a non-authenticated address.

View all claims
  • 2 Assignments
Timeline View
Assignment View
    ×
    ×