01-21-97. MicroPatent:
Method and apparatus for end-to-end encryption of a data packet in a computer network (Assignee -- Digital Equipment Corporation)
Abstract: A technique to facilitate decryption processing of information packets transmitted over a communication network after encryption in accordance with a specific network protocol, the details of which may be subject to later change as standards are developed or modified.
Programmable registers are used in the decryption process to hold information for identifying an incoming information packet as being subject to the specific protocol and requiring decryption, and identifying a starting location of a data field to be decrypted. Specifically, one programmable register contains a first offset locating an identifier field in the packet, in which a cryptographic identifier will be found if the packet is one conforming to the protocol; another programmable register contains a cryptographic identifier value that will be found in the identifier field if decryption is to be performed; and a third programmable register contains a second offset to locate the beginning of a data field to be decrypted.
Ex Claim Text: A network interface, comprising: a programmable register to store a protocol identifier corresponding to a particular protocol whose packets require decryption and a data offset value indicating the starting location of encrypted message data relative to a header in said packets; means for comparing the stored protocol identifier with the contents of a field in the received packet to determine whether the received packet belongs to the particular protocol; means for selecting data beginning at the indicated starting location in the received packet for decryption if the received packet belongs to the particular protocol; and means for decrypting the selected data; wherein the network interface further comprises: said programmable register also stores an identifier offset value indicating the location of a protocol identifier value relative to said header; and means for selecting the field at the indicated protocol identifier value location in the received packet and providing the selected field to the comparing means.
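An added illustration, not taken from the patent or from Digital Equipment Corporation: a software model in C of the register-driven check that the abstract and claim describe. The 2-byte identifier width, the XOR stand-in for the decryption engine, the return codes and the sample packet are assumptions made for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define ID_LEN 2  /* assumed width of the identifier field, in bytes */

/* Software model of the three programmable registers in the abstract. */
struct crypto_regs {
    size_t  id_offset;        /* first offset: locates the identifier field */
    uint8_t id_value[ID_LEN]; /* identifier value that marks "decrypt this" */
    size_t  data_offset;      /* second offset: start of the encrypted data */
};

/* Stand-in for the decryption engine: XOR with a fixed byte. NOT a real
 * cipher; the patent text on this page does not name one. */
static void toy_decrypt(uint8_t *buf, size_t len) {
    for (size_t i = 0; i < len; i++) buf[i] ^= 0x5A;
}

/* Returns 1 if the packet matched and was decrypted in place, 0 if it was
 * passed through untouched, -1 if the registers point outside the packet
 * (an assumed policy: such a packet is never handed to the engine). */
int rx_filter(const struct crypto_regs *r, uint8_t *pkt, size_t len) {
    /* Written to avoid size_t overflow when checking offset + length. */
    if (r->id_offset > len || len - r->id_offset < ID_LEN)
        return -1;
    if (memcmp(pkt + r->id_offset, r->id_value, ID_LEN) != 0)
        return 0;
    if (r->data_offset > len)
        return -1;
    toy_decrypt(pkt + r->data_offset, len - r->data_offset);
    return 1;
}

/* Constructed sample: 4-byte header, 2-byte identifier, then 3 data bytes
 * ("abc" XOR 0x5A). Copies the processed packet to out, returns the code. */
int demo(uint8_t out[9]) {
    const struct crypto_regs regs = { 4, { 0xC0, 0xDE }, 6 };
    uint8_t pkt[9] = { 1, 2, 3, 4, 0xC0, 0xDE,
                       'a' ^ 0x5A, 'b' ^ 0x5A, 'c' ^ 0x5A };
    int rc = rx_filter(&regs, pkt, sizeof pkt);
    memcpy(out, pkt, sizeof pkt);
    return rc;
}
```

Because the offsets and identifier live in registers rather than fixed logic, a later change to the protocol's header layout only requires loading new values into `struct crypto_regs`.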
Assignee: Digital Equipment Corporation
Patent Number: 5594869
Issue Date: 1997 01 14
Inventor(s): Hawe, William R.; Lampson, Butler W.; Gupta, Amar