AU701622B2 - Secure satellite receive-only local area network with address filter - Google Patents

Secure satellite receive-only local area network with address filter Download PDF

Info

Publication number
AU701622B2
AU701622B2 AU63764/96A AU6376496A AU701622B2 AU 701622 B2 AU701622 B2 AU 701622B2 AU 63764/96 A AU63764/96 A AU 63764/96A AU 6376496 A AU6376496 A AU 6376496A AU 701622 B2 AU701622 B2 AU 701622B2
Authority
AU
Australia
Prior art keywords
key
data packet
satellite
data
packet
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
AU63764/96A
Other versions
AU6376496A (en
Inventor
Douglas M. Dillon
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
DirecTV Group Inc
Original Assignee
DirecTV Group Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by DirecTV Group Inc filed Critical DirecTV Group Inc
Priority to PCT/US1996/000558 priority Critical patent/WO1997026730A1/en
Publication of AU6376496A publication Critical patent/AU6376496A/en
Assigned to HUGHES ELECTRONICS CORPORATION reassignment HUGHES ELECTRONICS CORPORATION Alteration of Name(s) of Applicant(s) under S113 Assignors: HUGHES AIRCRAFT COMPANY
Application granted granted Critical
Publication of AU701622B2 publication Critical patent/AU701622B2/en
Anticipated expiration legal-status Critical
Application status is Ceased legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/062Network architectures or network communication protocols for network security for supporting key management in a packet data network for key distribution, e.g. centrally by trusted party
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04BTRANSMISSION
    • H04B7/00Radio transmission systems, i.e. using radiation field
    • H04B7/14Relay systems
    • H04B7/15Active relay systems
    • H04B7/185Space-based or airborne stations; Stations for satellite systems
    • H04B7/18578Satellite systems for providing broadband data service to individual earth stations
    • H04B7/18593Arrangements for preventing unauthorised access or for providing user protection
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/54Store-and-forward switching systems
    • H04L12/56Packet switching systems
    • H04L12/5691Access to open networks; Ingress point selection, e.g. ISP selection
    • H04L12/5692Selection among different networks

Description

-lA- Description SECURE SATELLITE RECEIVE-ONLY LOCAL AREA NETWORK WITH ADDRESS FILTER Background of the Invention 0 5 This application relates to a computer network and, more specifically, to a method and apparatus that allows .oo0 a satellite network to connect to a conventional local area network (LAN).

In a conventional satellite communication networks a hub station sends signals to a satellite and then to a :::receiver on the ground. The receiver is usually specially adapted to receive the satellite signal and the signal is formatted using proprietary packet formats.

00:0 15 The satellite si~gnal is designed to be received by a plurality of receivers. In some conventional systems, :the data is encrypted using a key known to all of the 0 30 a a o plurality of receivers.

00 0. A disadvantage of such conventional systems lies in 0 0, 0 00 00 :the fact that the receiver is specialised and it is difficult to connect the receiver to a conventional LAN.

00 0 It would be desirable for the receiver to include a conventional computer that can be connected to a standard LAN. Moreover, it is desirable for the hub station to be able to send data to either an individual receiver or to all receivers. In addition it would be desirable to encrypt the data so that only of the plurality of *:Goo:receivers could decrypt it.

Suma~ of the Invention 0 According to a preferred embodiment the present 30 invention overcomes the problems and disadvantages of the prior art by sending data in a format used by conventional LAN systems to a personal computer connected to the LAN. The data can be addressed to all of a plurality of receivers or to a single receiver. In addition, the data can be encrypted in a manner that P enables only certain receivers to decrypt it.

According to one aspect of the present inv,,ention $there is provided a receiver connected to a satellite 1 WO 97/26730 PCTIUS96/00558 -2communication network comprising: a satellite receiver card for receiving a data packet from the satellite communication network, each data packet com-orising at least a destination address field for identifying the destination of the data packet; a destination service access point field for identifying the transmitted data packet to the satellite receiver card; and key update bit; 04 a key distribution unit for providing the satellite receiver card with keys for decrypting the data in the 0 0000 packet when the data is encrypted, said keys being selected as a function of the key update bits such that the satellite receiver card is provided with a decrypting age: key only if the satellite receiver card is authorised to 15 receive a data packet identified by a particular ova4 :destination service access point; and Ile 000a satellite receive device driver, associated with 0 4 the satellite receiver card, for outputting the data 0 ::100:packet in a format using a predetermined standard local 4 4 0 0l area network interface format.

According to another aspect of the present invention there is provided a method of receiving information in a 0 0 satellite communication network including the steps of: receiving at least one data packet cw. information transmitted from a satellite, each data packet comprising at least a destination address field for identifying 0:4004 the destination of the data packet, a destination *service access point field for identifyig the 044 transmitted data packet, and key update bits; 00: 30 providing keys f or decrypting the data in the packet when the data is encrypted, said keys being selected as a function of the key update bits such that a decrypting key is provided only if there is authorisation to receive a data packet identified by a particular destination service acce-s po int; and outputting the data packet in a format using a/ predetermined standard local area network interface format.

1111~ an~' 2a- Brief Description of the Drawings The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate several embodiments of the invention and, together with 0 5 the description service to explain the principles of the o000 o invention.

o*o Figure 1 is a hardware block diagram of a preferred 0 o0. embodiment of the invention; Figure 2 shows a format of a data packet used in a preferred embodiment of the invention; Figure 3 shows a format of a destination address field of the data packet of Figure 2; and 00o 0 ee00 oo 0 0 0 000 oo 0 o o 9a 0900 0 Soo 00 o0 0 1 0000 e0 4 0000 0 0* 0 0 0 00 0 0 0 0 0 9 9 o @0 00 0 WO 97/26730 PCT1US96/00558 -3- Fig. 4 shows another format of a destinatic. address field of the data packet of Fig. 2.

Detailed Descrintion of th' e Preferred Embodiments Reference will now be made in detail to the preferred embodiments of the invention, examples of which are illustrated in the accompanying drawings. Wherever possible, the same reference numbers will be used throughout the drawings to refer to the same or like parts.

Fig. 1 is a hardware block diagram of a preferred embodiment of the invention connected to a satellite communications network. Fig. 1 illustrates a personal computer 102, an interfacility link (IFL) 108, preferably a coaxial cable, an antenna 110, having an outdoor satellite receiver (OSR) 112, a satellite 114, a hub 116, a conditional access center (CAC) 118, and a local area network CLAN) 150.

Personal computer 102 includes a CPU 120, a memory 122, an inside satellite receiver CISR) 124, a replacable security engine (RSE) 126, a LAN interface 128, and a bus 135 interconnecting the components of the computer 102. CAC 118 also includes a CPU and a memory (not shown) IFL 108, antenna 110, OSR 112, satellite 114, and hub 116 are all of known types. Hub 116 preferably sends a signal in a Ku-band having apprcximately a 500 MHz frequency range to satellite 114. The signal preferably is encoded using Binary Phase Shift Keying (BPSK) but could be encoded using other methods. Satellite 114 transmits the signals to the OSR 112 on antenna 110. OSR 112 amplifies and down modulates an entire received transmission preferably to Lband (typically 950 MHz to 1450 MHz) and passes the resulting signal to the ISR 124 via IFL 108. Computer 102 is connected to a conventional keyboard and display screen (not shown) through a known peripheral bus.

The ISR 124 is preferably an adaptor card for receiving a transmission from the OSR 112, processing it, and sending the processed signal tc the rest of the computer 102 via the interface 129 and bus 135. The ISR 124 may be implemented as WO 97/26730 PCT/US96/00558 -4described in copending application "APPARATUS AND METHOD FOR SATELLITE RECEIVER COMPUTER ADAPTOR CARD" by Douglas M.

Dillon and Robert D. Cassagnol, filed November 14, 1994, or in any other manner that will meet the requirements of processing and decrypting signals from the OSR 112. The disclosure of this copending application is incorporated herein by reference.

The memory 122 of computer 102 includes data and software programs. The software programs include an indoor satellite receiver driver 130 aod a LAN interface driver 140.

The CPU 120 executes the software programs stored in the memory 122, including the satellite receiver device driver 130 and the LAN interface device driver 140. The CPU preferably is a 33 MHz or faster Intel 486 microprocessor belonging to the X86 family of microprocessors, manufactured by Intel Corp., although any microprocessor capable of performing the functions described herein can be used.

The RSE 126 is, a smart card or a DS2252T Secure Microstik manufactured by Dallas Semiconductor. LAN interface 128 can be implemented using any standard LAN interface software or hardware known to those skilled in the art, Microsoft's NDIS, Novell's ODI, AT&T's LLI, or other conventional network interface formats.

A standard network driver interface 129 is used to pass information between ISR 124 and the rest of computer 102.

Network driver interface 129 also uses one of, e.g., Microsoft's NDIS, Novell's ODI, AT&T's LLI, or other conventional network interface formats. Interface 134 passes information between the ISR device driver 130 and ISR 124.

The ISR 124 acts to accept data from the hub 116, through the satellite 114 and OSR 112, decrypt the data if necessary, and repacketize that data into a standard LAN packet format. Because interface 129 uses standard packet formats, ISR device driver 130 operates with any application program designed to connect to a standard LAN. The invention's use of a standard LAN packet format and a standard device driver ri~as~i~ "---19911111~9~81~1~"4---sq1~1~9~81~ Pll ~Pil6"a~- i~.

U,

WO 97/26730 PCT/US96/00558 interface allows off-the-shelf LAN based application programs to be used for receive-only satellite communications. It also allows custom software to be more easily developed because programmers may write software to work with familiar interfaces. Although in this embodiment the LAN interface 128 is shown as separate from the ISR 124, it is understood that the two could both be placed on a single adaptor card.

Fig. 2 shows a format of a data packet 200 used in a preferred embodiment of the invention for transmission from the hub 116 to the ISR 124 via the satellite 114, and OSR 110. Data packet 200 conforms to the IEEE 802.2 LAN packet standard. Data packet 200 is transmitted over IFL 108 and received by the ISR 124 in the personal computer 102. Data packet 200 includes a destination address (DA) field 202, a source address (SA) field 204, a length (LEN) field 206, a destination service access point (DSAP) field 208, a source service access point (SSAP) field 210, an information field 212 and a frame check sequence (FCS) field 214. The DSAP field 208 serves to identify the transmitted data packet to the receiver. The FCS field 214 is a 32 bit CRC value to aid in identifying erroneous packets. The IEEE 802.2 standard is well known by those skilled in the art.

Fig. 3 shows a format of a destination address field 300 of the data packet of Fig. 2 when the packet is encrypted.

Field 300 includes an individual/group flag field 302 indicating whether the address is an address of multiple receivers or an individual address, key update bits 304 which tell the RSE 126 what key seed to use in decrypting the packet, and a destination address field 306. Field 300 also includes a DSAP value field 308 that duplicates the value in the DSAP field 208.

Fig. 4 shows another format of a destination address field 400 of the data packet of Fig. 2 when the packet is not encrypted. Field 400 also includes an individual/group (I/G) flag field 402 indicating whether the address is a multicast address or an individual address, and a destination address

I

IP _l___lllssJl~s*UIJIII~ ta t WO 97/26730 PCT/US96/00558 -6field 406. Field 400 also includes a DSAP value field 408 thaz duplicates the value in the DSAP field 208.

The ISR 124 includes hardware that checks the duplicate DSAP bit 308/408 and determines whether the personal computer 102 is to receive an incoming packet. Thus, only the destination address field 300/400 need be checked and the checking can be done in hardware when making a determination as to whether to receive or discard a packet.

The packets sent by the hub 116 are encrypted using a symmetric encryption standard, such as the Data Encryption Standard (DES), as set forth in Federal Standard 10-26, as shown in Telecommunications: Compatibility Requirements for Use of Data Encryvtion Standards, published December 11, 1978 by the General Services Administration. Other embodiments may send some or all packets using a private key encryption standard. Hub 116 encrypts information field 212 of each packet using a key that is unique to that packet's destination address. Each possible destination has a memory storing a corresponding encryption key.

The decryption of the incoming packets performed by the computer 102 is preferably performed as follows. The ISR 124 receives and decrypts the packets. RSE 126 provides the ISR 124 only those keys corresponding to addresses that the hardware is authorized to receive. The ISR 124 discards a packet when it does not have the key required to decrypt that packet.

An application program stored in memory 122 indicates which DSAPs and which multicast addresses the application wishes to receive using the convention established by interface 129. ISR device driver 130 combines the set of DSAPs of interest to all the application programs with the ISR hardware's individual address to produce a set of individual addresses of interest to the software. The ISR device driver 130 also combines each application program's set of multicast addresses to produce the set of multicast addresses of interest to the software. The combination of i WO 9726730PCT1US96100558 -7the list of individual addresses of interest and the list z multicasc addresses of interest constitutes the entire list: of addresses of interest to software. The TSR device driver 4 130 informs the TSR 124 which addresses it is interested in by loading this entire list of addresses of interest into the receive hardware.

The TSR 124 examines the destination address of each packet and discards a packet unless the receive hardware has both been notified that the packet's destination is of interest to the software and has received the key for the packet's destination address from RSE 126. The RSE 126 only provides the TSR 124 with a tulticast address's key if the receiver is authorized to receive that multicast address.

The RSE 126 only provides the receive hardware with the key for an individual address with embedded DSAP if the address is the receiver's individual address and if the receiver is authorized to receive the DSAP.

The RSE 2.26 encapsulates all of the information and processing critical to the security of the system into a single, inexpensive, but physically secure unit. The RSE 126 is designed so that, should the security of the system be attacked and breached, security can be restored by providing each receiver with a new RSE 126 using a revised key distribution algorithm that is resistant to earlier attacks.

The RSE 126 receives information from the ISR device driver 130, the list of addresses of interest, and provi.des keys to the TSR 124.

The RSE 126 contains a physically secure, nonvolatile, random access memory (NYRAM) 160. The NYRAM 160 contains the individual address of its associated satellite receiver, a private key, a null key, and a key update address. The individual address has the DSAP that is used to carry key distribution packets embedded in it. The private key is used to decrypt key distribution packets sent individually to the RSE 126. The null key is a key upon which no security depends, which is used to encrypt key distribution packets.

__I__L2_~4BaUll~e~U_4UB_1 WO 97/26730 PCTIUS96/00558 No security may depend on this key because the resul:ing data is passed in the clear from the ISR device driver 130 into the RSE 126. The key update address is a multicast address which is used to periodically send key update messages to RSEs.

The CAC 118 periodically transmits to each RSE 126, at their individual address, key distribution packets containing secure data for the RSE 126. This secure data is double encrypted using both the RSE's private key and the null key.

The secure data contains two seed sets, identified by sequence number, where each seed set has an entry for each of the addresses the replacable security engine's ISR 124 is authorized to receive. The existence of two seed sets facilitates the frequent changing of keys. The address in a seed set can be either a multicast address or an individual address with embedded DSAP. I Each seed set entry contains an address the ISR 124 is authorized to receive and a key seed. The key seed is used as the key to a keyed one-way hashing function that is used together with the contents of key update packets to generate keys for the address. Keyed one-way hashing functions are well known in the computer art.

Key update packets are periodically broadcast by the CAC 118 to the RSE 126 to allow the keys to be changed frequently. Each key packet contains a current key sequence number, a next key sequence number, a current seed set sequence number, a next seed set sequence number, a current key vector and a next key vector. The hub indicates that it is beginning a key update by sending out a key update packet in which the next key sequence number is one greater than the current key sequence number. This warns the RSE 126 to create and load the keys based on the pieces of data in the key update packet and the previously transmitted seed sets.

The key update message is very short, which allows the hub to send frequent key updates without significantly increasing the overhead of the system.

I

II____CPq~ ~YIIC____II~LI~BC Y- _C_ WO 97/26730 PCTIUS96/00558 -9- The combination of the key update packet with the secure database allows the RSE to c,..erate keys for any of the addresses the computer 102 is authorized to receive and only for those addresses that the computer 102 is authorized to receive. The set of authorized addresses can be modified by sending a revised database to the receiver whose next seed set incorporates the changes. When the hub 116 switches to that seed set, the computer 102 loses access to any addressee that it is no longer authorized to receive and obtains access to any addresses that it has newly been authorized to receive.

At system startup RSE 126 loads the null key for the individual address into the satellite receive hardware and the null key for the key update address. This allows the ISR device driver 130 to receive and decrypt key distribution packets and key update packets, using the null key. The ISR device driver 130 relays these packets to the RSE 126. The key distribution packets received by the RSE 126 are encrypted using the RSE's privA.t key. Thus, the key seeds contained in the key distribution packets do not appear "in the clear," unencrypted, outside of the RSE 126. The key update messages appear "in the clear" but are not sufficient by themselves or with the keys from a keyed oneway function to allow the key seeds to be obtained.

In order to change the keys quickly, individual packets are tagged to contain the sequence number of the key under which they are encrypted. Fig. 3 shows the preferred format of the destination address 300 with an N-bit key update field 304. The destination address also includes an I/G bit 302 indicating whether the following address is an individual address or a group multicast, address, and either a 39 bit individual address or a 47 bit multicast address 306, depending upon the value of the I/G bit 302. If the address 306 is an individual address, an 8 bit DSAP 308 is added to the end of the individual address. By repeating the DSAP within the destination address, the ISR 124 need WO 97/26730 PCT[US96/00558 only look at the destination address to determine whether tc receive or discard a packet.

Every time the hub changes keys it increments the key update field modulo For each requested address the application wishes to receive, the RSE 126 passes to the ISR 124 two addresses and two keys, as a pair of address/key combinations. One of the address/key combinations corresponds to the current key and the other combination either corresponds to the previous key (current sequence number or the next key (current sequence number One of these two key/address combinations will provide the current key for the received address. Prior to the change of keys by the hub 116, one key/address combination will contain the current key and the other will contain the next key, the key corresponding to the current sequence number plus 1. After the change of keys by the hub 116, one key/address combination will conta'.n the current key and the other will contain the previous key, the key corresponding to the current 'sequence number minus 1.

The hub 116 broadcasts a key update packet to the RSE 126 shortly before the hub 116 switches keys. This allows the RSE 126 to create and load the next keys shortly before the hub switches to using those new keys. By sending the update message to the RSE 126 prior to the switching of the keys, the hub 116 ensures that the ISR 124 is ready when the hub switches. By sending the update message only shortly before it is needed, the hub 116 ensures that the update message cannot be easily intercepted and relayed for use by unauthorized receivers. This allows the system to change the keys frequently and allow only an authorized receiver access to the keys.

Other embodiments will be apparent to those skilled in the art from consideration of the specification and practice of the invention disclosed herein. It is intended that the specification and examples be considered as exemplary only, with a true scope of the invention being indicated by the following claims.

Claims (2)

1. A receiver connected to a satellite communication network comprising: a satellite receiver card for receiving a data 5 packet from the satellite communication network, each data packet comprising at least a destination address o field for identifying the destination of the data packet; a destination service access point field for identifying the transmitted data packet to the satellite a 10 receiver card; and key update bit; a key distribution unit for providing the satellite receiver card with keys for decrypting the data in the packet when the data is encrypted, said keys being selected as a function of the key update bits such that the satellite receiver card is provided with a decrypting key only if the satellite receiver card is authorised to receive a data packet identified by a particular destination service access point; and a stliereceive deiedriver, associated with *ea 20 the satellite receiver card, for outputting the data packet in a format using a predetermined standard local area network interface format. a A method of receiving information in a satellite a..communication network including the steps of: receiving at least one data packet of information transmitted from a satellite, each data packet comprising at least a destination address field for identifying *the destination of the data packet, a destination a.aservice access point field for identifying the 30 transmitted data packet, and key update bits; providing keys for decrypting the data in the packet when the data is encrypted, said keys being selected as a function of the key update bits such that a decrypting key is provided only if there is authorisation to receive a data packet identified by a particular destination service access point; and outputting the data packet in a format using a 2 predetermined standard local area network interface -12- format.
3. A receiver substantially as hereinbefore described with reference to the accompanying drawings. Dated this 17th day of November 1998 HUGHES AIRCRAFT COMPANY By their Patent Attorney GRIFFITH HACK o A o a CC A C CC 96V CC L C C Ao C C C CA C o 44Co CA C C C C .34
AU63764/96A 1996-01-16 1996-01-16 Secure satellite receive-only local area network with address filter Ceased AU701622B2 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/US1996/000558 WO1997026730A1 (en) 1996-01-16 1996-01-16 Secure satellite receive-only local area network with address filter

Publications (2)

Publication Number Publication Date
AU6376496A AU6376496A (en) 1997-08-11
AU701622B2 true AU701622B2 (en) 1999-02-04

Family

ID=22254624

Family Applications (1)

Application Number Title Priority Date Filing Date
AU63764/96A Ceased AU701622B2 (en) 1996-01-16 1996-01-16 Secure satellite receive-only local area network with address filter

Country Status (7)

Country Link
EP (1) EP0815669A4 (en)
JP (1) JP3388756B2 (en)
AU (1) AU701622B2 (en)
BR (1) BR9610882A (en)
CA (1) CA2213313C (en)
MX (1) MX9706285A (en)
WO (1) WO1997026730A1 (en)

Families Citing this family (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE19737855A1 (en) * 1997-08-29 1999-03-04 Internet Skyway Ges Fuer Satel A data transmission system and method for transferring real-time data and / or store data in data communications networks
US6240074B1 (en) * 1998-02-19 2001-05-29 Motorola, Inc. Secure communication hub and method of secure data communication
CN1348649A (en) * 1998-10-23 2002-05-08 斯塔盖德数字网络有限公司 Ethernet digital storage (EDS) card and satellite transmission system
US6295361B1 (en) 1998-06-30 2001-09-25 Sun Microsystems, Inc. Method and apparatus for multicast indication of group key change
AU4161599A (en) * 1999-05-25 2000-12-12 Comgates Communications, Ltd. Packet based telephony over satellite links
FR2796790B1 (en) * 1999-07-23 2002-11-29 Sagem Processes of transmitting and broadcasting data packets receivers for the implementation of processes
EP1085727A1 (en) * 1999-09-16 2001-03-21 BRITISH TELECOMMUNICATIONS public limited company Packet authentication
JP2001127757A (en) * 1999-10-28 2001-05-11 Sony Corp Data reception method and data receiver

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4706081A (en) * 1984-12-14 1987-11-10 Vitalink Communications Corporation Method and apparatus for bridging local area networks
US5109384A (en) * 1988-11-02 1992-04-28 Tseung Lawrence C N Guaranteed reliable broadcast network
US5247575A (en) * 1988-08-16 1993-09-21 Sprague Peter J Information distribution system

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5117458A (en) * 1989-11-01 1992-05-26 Hitachi, Ltd. Secret information service system and method
JP2928331B2 (en) * 1990-05-14 1999-08-03 東京エレクトロン株式会社 Prober of the alignment apparatus and method
US5404505A (en) * 1991-11-01 1995-04-04 Finisar Corporation System for scheduling transmission of indexed and requested database tiers on demand at varying repetition rates
US5280625A (en) * 1992-06-26 1994-01-18 Hughes Aircraft Company Communication system and method for linking data terminals and their host computers through a satellite or other wide area network

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4706081A (en) * 1984-12-14 1987-11-10 Vitalink Communications Corporation Method and apparatus for bridging local area networks
US5247575A (en) * 1988-08-16 1993-09-21 Sprague Peter J Information distribution system
US5109384A (en) * 1988-11-02 1992-04-28 Tseung Lawrence C N Guaranteed reliable broadcast network

Also Published As

Publication number Publication date
JP3388756B2 (en) 2003-03-24
CA2213313A1 (en) 1997-07-24
EP0815669A4 (en) 2000-11-29
AU6376496A (en) 1997-08-11
EP0815669A1 (en) 1998-01-07
JPH10505478A (en) 1998-05-26
BR9610882A (en) 1999-07-13
CA2213313C (en) 2002-03-26
WO1997026730A1 (en) 1997-07-24
MX9706285A (en) 1997-10-31

Similar Documents

Publication Publication Date Title
US4924513A (en) Apparatus and method for secure transmission of data over an unsecure transmission channel
US5161193A (en) Pipelined cryptography processor and method for its use in communication networks
EP1153519B1 (en) A method for secure handover
US4881263A (en) Apparatus and method for secure transmission of data over an unsecure transmission channel
US4944006A (en) Secure data packet transmission system and method
JP5182967B2 (en) Packetized transport stream processing unit
EP0582395B1 (en) Computer network packet receiver and computer network with modified host-to-host encryption keys as well as respective methods
US4531020A (en) Multi-layer encryption system for the broadcast of encrypted information
CN1147147C (en) Method and apparatus for controlling operation of signal decoder in broadcasting system
US6044468A (en) Secure transmission using an ordinarily insecure network communication protocol such as SNMP
CA1214865A (en) Catv communications system
DE69833594T2 (en) Secure processor with an external memory using block chaining and restore the block order
US7565698B2 (en) Information-processing device
EP0464563B1 (en) Encryption with selective disclosure of protocol identifiers
US6195366B1 (en) Network communication system
CN100499799C (en) Transmission system of supplying conditional access for transmitted data
KR100388606B1 (en) System for signatureless transmission and reception of data packets between computer networks
US6295361B1 (en) Method and apparatus for multicast indication of group key change
CN1098581C (en) Use of an encryption server for encrypting messages
EP0464564B1 (en) Generic encryption technique for communication networks
US5402490A (en) Process for improving public key authentication
US7376625B2 (en) System and method for activating individualized software modules in a digital broadcast environment
US5583940A (en) Method, apparatus and device for enciphering messages transmitted between interconnected networks
US6289451B1 (en) System and method for efficiently implementing an authenticated communications channel that facilitates tamper detection
US5838668A (en) Satellite broadcast communications system

Legal Events

Date Code Title Description
MK14 Patent ceased section 143(a) (annual fees not paid) or expired