EP2338253A1 - A method for secure communication - Google Patents
- Publication number
- EP2338253A1
- Authority
- EP
- European Patent Office
- Prior art keywords
- data packet
- communication
- predetermined
- communication equipments
- binary representations
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Withdrawn
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/101—Access control lists [ACL]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
-
- G—PHYSICS
- G09—EDUCATION; CRYPTOGRAPHY; DISPLAY; ADVERTISING; SEALS
- G09C—CIPHERING OR DECIPHERING APPARATUS FOR CRYPTOGRAPHIC OR OTHER PURPOSES INVOLVING THE NEED FOR SECRECY
- G09C1/00—Apparatus or methods whereby a given sequence of signs, e.g. an intelligible text, is transformed into an unintelligible sequence of signs by transposing the signs or groups of signs or by replacing them by others according to a predetermined system
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/12—Transmitting and receiving encryption devices synchronised or initially set up in a particular manner
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3226—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/30—Compression, e.g. Merkle-Damgard construction
Definitions
- The present invention relates to a method for electronic communication between at least two communication equipments.
- An object of the invention is to decrease risks of harmful software code being given access to a communication equipment so that it causes damage. This object is attained by a method for electronic communication between at least two communication equipments, characterized by the steps of
- correlation information that is accessible to the communication equipments and correlates predetermined expressions, for usage in messages in communication sessions between the communication equipments, using predetermined binary representations, and
- The method allows secure electronic communication between communication equipments, which may be any type of equipment for electronic communication and processing of data, e.g., computers, systems of computers, handheld units such as mobile telephones, etc.
- The predetermined binary representations may be common unencrypted representations of the respective predetermined expressions, e.g., by means of ASCII (American Standard Code for Information Interchange).
- The correlation information may contain an encryption step from the predetermined expressions to the binary representations and vice versa.
- The predetermined expressions are preferably words or designations used in messages between the communication equipments. For instance, where one of the communication equipments is used by a person who is a member of a police squad, the predetermined expressions "50", "100", "150", "north", "south", "west", "east", "threat" may be used in messages between the communication equipments, and the message "threat 100 west" means that there is a threat 100 m away in the westward direction.
- Each one of the predetermined expressions can be correlated with a respective one of the predetermined binary representations. Alternatively, at least some of the predetermined binary representations can be correlated with combinations of two or more of the predetermined expressions.
- Data packets sent between the communication equipments may contain one or more of the predetermined binary representations.
- The compared part is preferably a "payload" comprised by the data packet, i.e., a content or message conveyed by the data packet, apart from data relating to the control of the communication.
- a communication protocol, e.g., IP (Internet Protocol)
- The predetermined expressions are used in messages between the communication equipments, i.e., between users of the communication equipments, and a check of the presence of the binary representations for these expressions is included in the sending of the messages, checking of the proper message is included in a validation process for the authenticity thereof.
- The invention provides, by a check of contents of communication messages, a secure electronic communication, wherein the risk of foreign harmful software code, such as so-called viruses, worms, etc., entering and disturbing or damaging any of the communication equipments is reduced.
- The data packet is not allowed continued access to a communication session with another of the communication equipments.
- The prevention of continued access may be provided by deleting the data packet, or by storing the data packet in a way that prevents access to the communication session.
- Embodiments of the invention comprise the steps of creating, in a sending one of the communication equipments, a message that contains at least one of the predetermined expressions, of selecting, by means of the correlation information, at least one of the binary representations that is correlated with at least one of the at least one predetermined expression of the message, of creating at least one data packet, each one of which comprises at least one of the selected binary representations, and of sending the data packet to another one of the communication equipments.
- The binary representations have a common predetermined length.
- Said length may be relatively small, e.g., 1 kB, which is considerably smaller than the length of usually occurring harmful software code, such as data viruses.
- The length of at least a part of the received data packet can be compared with the common predetermined length of the binary representations. If these lengths do not correspond, continued access of the data packet to the communication session can be prevented.
- Said receipt of the data packet is effected via a validation port in the communication equipment, the step of comparing at least a part of the received data packet with the predetermined binary representations being made on all data packets received in the validation port.
- The validation port may be arranged to receive only one packet at a time.
- FIG. 1 schematically shows two communication equipments arranged to communicate with each other via a data network.
- Fig. 1 schematically shows two communication equipments 1 arranged to communicate with each other via a data network 2 by means of IP.
- Each one of the communication equipments 1 comprises a storage memory 11 and is arranged to store correlation information 12 in said same memory.
- The correlation information 12 contains predetermined expressions 121 for usage in messages in communication sessions between the communication equipments 1.
- The correlation information 12 correlates, e.g., by means of ASCII, the predetermined expressions 121 with predetermined binary representations 122. (In Fig. 1, there are shown fictitious binary numbers that do not correspond with ASCII.)
- The communication equipments 1 are arranged to create a message that contains at least one of the predetermined expressions 121, to select, by means of the correlation information 12, at least one of the binary representations 122 that is correlated with the predetermined expression 121 in the message, to create a data packet 3 that comprises the selected binary representation 122, and to send the data packet 3 to the other communication equipment by means of IP.
- The data packet contains, in addition to the binary representation 122, also a header 31 according to TCP/IP.
- The communication equipments 1 comprise a validation port 13 having a data storage and a processor, which validation port 13 is arranged to receive the data packet 3, and compare the binary representation 122 in the data packet 3 with the predetermined binary representations 122 in the storage memory 11 of the receiving communication unit 1. If it is clear that correspondence exists between one of the stored predetermined binary representations 122 and the predetermined binary representation 122 in the received data packet 3, the data packet is allowed continued access to the communication session between the communication equipments 1, otherwise not. In the latter case, the data packet is deleted from the data storage of the validation port 13.
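
The sender and validation-port behaviour described above, as an added Python sketch (not code from the patent or its applicants). The 8-byte representation length, the NUL-padded ASCII encoding and the two-field header are hypothetical stand-ins for the "common predetermined length", the ASCII correlation and the TCP/IP header 31.

```python
import struct

REP_LEN = 8  # assumed common predetermined length in bytes (the page only says "e.g., 1 kB")

# Correlation information 12: predetermined expression -> fixed-length binary representation.
# NUL-padded ASCII is an assumption; the page allows plain ASCII or an encryption step.
EXPRESSIONS = ["50", "100", "150", "north", "south", "west", "east", "threat"]
CORRELATION = {e: e.encode("ascii").ljust(REP_LEN, b"\x00") for e in EXPRESSIONS}
REVERSE = {rep: e for e, rep in CORRELATION.items()}

HEADER = struct.Struct("!HH")  # hypothetical stand-in header: session id, sequence number


def build_packets(message, session_id=1):
    """Sender: one packet per predetermined expression in the message."""
    packets = []
    for seq, word in enumerate(message.split()):
        if word not in CORRELATION:
            raise ValueError(f"{word!r} is not a predetermined expression")
        packets.append(HEADER.pack(session_id, seq) + CORRELATION[word])
    return packets


class ValidationPort:
    """Receiver: checks every packet, one at a time, before the session sees it."""

    def __init__(self):
        self.accepted = []  # expressions passed on to the communication session
        self.dropped = 0    # packets deleted by the port

    def receive(self, packet):
        payload = packet[HEADER.size:]  # compare the payload only, not control data
        # Length check first, then exact match against the stored representations.
        if len(payload) != REP_LEN or payload not in REVERSE:
            self.dropped += 1           # deleted: no continued access to the session
            return None
        self.accepted.append(REVERSE[payload])
        return REVERSE[payload]


def demo():
    port = ValidationPort()
    for pkt in build_packets("threat 100 west"):
        port.receive(pkt)
    # Constructed non-conforming inputs: oversized payload, then right-sized but unknown.
    port.receive(HEADER.pack(1, 3) + b"A" * 64)
    port.receive(HEADER.pack(1, 4) + b"unknown!")
    return port.accepted, port.dropped


if __name__ == "__main__":
    print(demo())
```

The check constrains what a payload may be, not who sent it: a packet carrying a valid representation passes regardless of its origin.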
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
SE0801971A SE534758C2 (en) | 2008-09-15 | 2008-09-15 | Method with predetermined terms for secure electronic communication |
PCT/SE2009/051025 WO2010030231A1 (en) | 2008-09-15 | 2009-09-15 | A method for secure communication |
Publications (2)
Publication Number | Publication Date |
---|---|
EP2338253A1 (en) | 2011-06-29 |
EP2338253A4 (en) | 2013-01-30 |
Family
ID=42005341
Family Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP09813314A Withdrawn EP2338253A4 (en) | 2008-09-15 | 2009-09-15 | A method for secure communication |
Country Status (3)
Country | Link |
---|---|
EP (1) | EP2338253A4 (en) |
SE (1) | SE534758C2 (en) |
WO (1) | WO2010030231A1 (en) |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
RU2708354C1 (en) * | 2018-10-03 | 2019-12-05 | Александр Александрович Бречко | Concealed information exchange method |
Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20060098841A1 (en) * | 2003-03-11 | 2006-05-11 | Pim Tuyls | Method and system for enabling remote message composition |
2008
- 2008-09-15 SE SE0801971A (SE534758C2): not active, IP Right Cessation
2009
- 2009-09-15 EP EP09813314A (EP2338253A4): not active, Withdrawn
- 2009-09-15 WO PCT/SE2009/051025 (WO2010030231A1): active, Application Filing
Non-Patent Citations (1)
Title |
---|
See also references of WO2010030231A1 * |
Also Published As
Publication number | Publication date |
---|---|
WO2010030231A1 (en) | 2010-03-18 |
EP2338253A4 (en) | 2013-01-30 |
SE0801971A1 (en) | 2010-03-16 |
SE534758C2 (en) | 2011-12-13 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
RU2754871C2 (en) | Methods and device for last mile hyper-protected communication | |
US8423758B2 (en) | Method and apparatus for packet source validation architecture system for enhanced internet security | |
AU2016266557B2 (en) | Secure dynamic communication network and protocol | |
US8051480B2 (en) | System and method for monitoring and analyzing multiple interfaces and multiple protocols | |
US8191119B2 (en) | Method for protecting against denial of service attacks | |
CN101558599B (en) | Client device, mail system, program, and recording medium | |
CN101444119A (en) | System for implementing security police on mobile communication equipment | |
JP4692776B2 (en) | Method for protecting SIP-based applications | |
CN102761494A (en) | IKE (Internet Key Exchange) negotiation processing method and device | |
CN113746788A (en) | Data processing method and device | |
Castiglione et al. | Do you trust your phone? | |
CN111147524B (en) | Message sending end identification method and device and computer readable storage medium | |
CN105743868B (en) | A kind of data collection system and method for supporting encryption and non-encrypted agreement | |
US10491570B2 (en) | Method for transmitting data, method for receiving data, corresponding devices and programs | |
Shah et al. | TCP/IP network protocols—Security threats, flaws and defense methods | |
CN1996960B (en) | A filtering method for instant communication message and instant communication system | |
US9088595B2 (en) | Method and apparatus for packet source validation architecture system for enhanced internet security | |
EP2338253A1 (en) | A method for secure communication | |
US20140245385A1 (en) | Method and apparatus for packet source validation architecture system for enhanced internet security | |
CN107864136A (en) | A kind of stolen method of anti-locking system short message service | |
CN116418602B (en) | Metadata protection anonymous communication method and system based on trusted hardware | |
EP2109284A1 (en) | Protection mechanism against denial-of-service attacks via traffic redirection | |
CN108632090B (en) | Network management method and system | |
WO2005120004A1 (en) | Method for protecting against attacks in a high-speed network | |
CN114629669A (en) | Network anonymous channel construction method |
Legal Events
Code | Title | Description |
---|---|---|
PUAI | Public reference made under article 153(3) epc to a published international application that has entered the european phase | Free format text: ORIGINAL CODE: 0009012 |
17P | Request for examination filed | Effective date: 20110415 |
AK | Designated contracting states | Kind code of ref document: A1; Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO SE SI SK SM TR |
AX | Request for extension of the european patent | Extension state: AL BA RS |
RIN1 | Information on inventor provided before grant (corrected) | Inventor name: STACKEGARD, PER; Inventor name: KINNANDER, PER |
RIN1 | Information on inventor provided before grant (corrected) | Inventor name: STACKEGARD, PER; Inventor name: KINNANDER, PER |
DAX | Request for extension of the european patent (deleted) | |
A4 | Supplementary search report drawn up and despatched | Effective date: 20130107 |
RIC1 | Information provided on ipc code assigned before grant | Ipc: H04L 9/32 20060101ALI20121224BHEP; Ipc: H04L 9/12 20060101ALI20121224BHEP; Ipc: G09C 1/00 20060101AFI20121224BHEP; Ipc: G06F 21/00 20130101ALI20121224BHEP |
STAA | Information on the status of an ep patent application or granted ep patent | Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN |
18D | Application deemed to be withdrawn | Effective date: 20130806 |