GB2419785A - Ensuring the integrity of data by transmitting over at least two separate paths and comparing each reception to determine reliability - Google Patents
Ensuring the integrity of data by transmitting over at least two separate paths and comparing each reception to determine reliability Download PDFInfo
- Publication number
- GB2419785A GB2419785A GB0423848A GB0423848A GB2419785A GB 2419785 A GB2419785 A GB 2419785A GB 0423848 A GB0423848 A GB 0423848A GB 0423848 A GB0423848 A GB 0423848A GB 2419785 A GB2419785 A GB 2419785A
- Authority
- GB
- United Kingdom
- Prior art keywords
- data
- terminal
- route
- hash
- packet
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 claims description 28
- 238000004891 communication Methods 0.000 claims description 10
- 240000008042 Zea mays Species 0.000 claims 1
- 235000005824 Zea mays ssp. parviglumis Nutrition 0.000 claims 1
- 235000002017 Zea mays subsp mays Nutrition 0.000 claims 1
- 235000005822 corn Nutrition 0.000 claims 1
- 230000005540 biological transmission Effects 0.000 abstract 1
- 230000009471 action Effects 0.000 description 2
- 230000008901 benefit Effects 0.000 description 2
- 230000008859 change Effects 0.000 description 2
- 230000001010 compromised effect Effects 0.000 description 2
- 230000000694 effects Effects 0.000 description 2
- 230000007246 mechanism Effects 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 241000700605 Viruses Species 0.000 description 1
- 238000013475 authorization Methods 0.000 description 1
- 238000007796 conventional method Methods 0.000 description 1
- 238000005215 recombination Methods 0.000 description 1
- 230000006798 recombination Effects 0.000 description 1
- 230000004044 response Effects 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
- 238000012795 verification Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3215—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a plurality of channels
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
- H04L63/123—Applying verification of the received information received data contents, e.g. message integrity
-
- H04L29/06863—
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/18—Network architectures or network communication protocols for network security using different networks or channels, e.g. using out of band channels
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
A system for ensuring that data has not been tampered with or adulterated involves using at least two transmission routes through a network and then comparing the data received over each path. If the data corresponds it is deemed to be reliable, otherwise it is suspect. At the most basic level two copies of the raw data can be sent over two different paths. Alternatively the data can be sent over one path, while a hash of the data is sent over a second. Thirdly an encrypted copy of the data could be sent over on path, and the key required to decrypt the data sent over the second path. Each of the above systems can be further enhanced by introducing more paths and more copies. For example four paths (18-21) over which two copies of each data packet (22, 23) and two separate packets each containing half a hash (24', 24'', 25', 25'') are transmitted.
Description
1 2419785 A METHOD OF DETERMFN[NG RELiABILITY OF DA1'A This invention
relates to a method of determimng reliability of data received at a terminal of a communication network There are various situations in which it is desirable to determine whether data which has been received is the same as the data which was originally sent. There may be occasions when the consequences of using data which has been tampered with in some way are signifIcant. Examples in the context of banking, include an instruction to transfer a particular amount of money to a specific bank account which would cause problems if the wrong amount of money was transferred, or if the correct amount was transferred, it went to the wrong account. In merchant banking where the sums involved may run to millions, then the consequences could impact on matters outside the bank itself Another example is for businesses sending data relating to potential breaches of security in their IT systems. In some cases, the response to a perceived virus attack is to shut down the system links to the outside world, but in this day and age, the outcome can he that the business of the company is brought to a standstill, therefore such an:s action should only be taken if there is a high degree of confidence in the accuracy of S..
the apparent breach. SS*S*
In accordance with a first aspect of the present invention, a method of determining reliability of data received at a terminal of a communication network *..
comprises sending first data down a first route; sending second data down a second.:: route; comparing the data received via the first and second routes; and determining the reliability of the data from the result of the comparison.
In accordance with a second aspect of the present invention, communication apparatus comprises a first terminal, including a splitter; and a second terminal, including a recombiner and a processor; at least two routes for sending data between the first and second terminal; wherein first data is sent down a first route from the first terminal to the second terminal; wherein second data is sent down a second route from the first terminal to the second terminal; wherein data received via the first and second routes at the second terminal is compared; and wherein the processor determines the reliability of the data from the result of the comparison.
Preferably, the first and second data are identical.
Preferably, the second route is substantially independent of the first route.
Preferably, the data is sent in packets.
Preferably, the second data is a hash of the first data.
Preferably, the first data and its related hash are sent randomly on their respective routes.
Preferably, the first data comprises data which has been encrypted using a key and the second data comprises the key.
Preferably, the method further comprises sending third data down a third route.
Preferably, the third data is identical to the first data.
An example of a method of determining reliability of data received at a terminal of a communication network according to the present invention will now be described with reference to the accompanying drawings in which: Figure 1 illustrates a conventional method of achieving resilience in packet * *.....
flows; Figure 2 illustrates a first example of a method of determining reliability of data:: received at a terminal of a communication network according to the present invention; S.. and,
S. S. S Figure 3 shows a modified example of the method described with respect to Fig. S...
2; and, Figure 4 illustrates another example of the method of the present invention. .: Fig.l illustrates an example of a method of improving resilience of data packet flows. A message 1 is passed through a first node 2 where the message packets are replicated. Packets 3, 4 are sent via two independent routes 5, 6 to a second node 7 where they are recombined to produce a reformed message 8. Where both packets get through successfully, one is dropped, hut if one packet is lost, then that packet is used to recreate the message, irrespective of the route which it took. This system, although improving resilience, does not address the possibility that a packet ()fl one route has been intercepted and replaced with another packet, which is then assumed to be colTect, provided that no conflicting packet gets through on the other route.
Fig. 2 illustrates a first example of a method of determining reliability of data received at a terminal of a communication network according to the present invention.
A message 10 at a node 11 is split into packets for sending. The same packets 12, 1 3 are sent via two independent routes 14, 15. This embodiment of the invention duplicates packets down multiple, disparate routes and re-combines them at the other efl(1, using a splitter and recombiner 16. 11 there is only one packet received, or the two received packets are not the same when the reach the recombiner, they are assumed to he suspect and an indication to this effect is provided with an output message 17.
This method takes advantage of existing infrastructure, so no other devices or security- specific configuration are required.
For packets arriving at the combiner, only certain fields will he expected to have changed in the packet headers (e.g. time-to-live/hop- count) and nothing in the packet payload. Thus, rather than simply performing the recombination and attempting to recreate the input packet flow without loss, the packets arriving at the recombiner are compared. If matched pairs of packets do not match, then the integrity of those packets cannot be guaranteed. In this case, there is no additional resilience, since both packets ** are required to arrive in order to verify the integrity and double the capacity is required:: in the transit network. S.
The present invention aims to improve the security of a flow of packets between, *SS*** two points in a network, without requiring a complex support infrastructure or modification of the existing infrastructure. Conventional ways of making packet flows *:: harder to intercept or modify, such as IP security protocol (IPsec), tend to he concerned.
with absolute' security and require some form of infrastructure in order to operate. In other words, existing security mechanisms require some form of negotiation or out-of- band exchange (e.g. pre-sharing' of keys) as well as some degree of bandwidth overhead. This invention requires only a comparable degree of bandwidth overhead, but no other configuration or setting Lip, SO it provides a relatively low cost, easily implemented solution. In many cases, the security will be extremely good - the only overhead is additional bandwidth, and this is minimised by the invention. Also, since there is no negotiation required between the sender and receiver, the method of the present invention is able to operate over a network containing a number of one-way links.
The basic method described above can he further modified to increase the security and reduce the load on the network as shown in Fig.3. Instead of the packets 12 and 13 of the message 10 being replicated and sent down two separate paths 14, 15, a hash of the packet is computed arid packets and hashes are randomly split across n paths (n > 2). Fig. 3 illustrates an example with four paths. Another advantage of making the number ofpaths> 2, is that packets can he replicated as a way of adding resilience as well. For example, in the situation shown where four paths 18, 19, 20, 2 1 are available, and two packets 22, 23 are being sent, for each of which a 20- byte SIIA-1 hash 24, 25 had been computed: the first packet is sent down paths 1 8 and 2 1, whilst 10 bytes 24' of the hash 24 are sent down path 19 and 10 bytes 24" of the hash 24 are sent down path 20. The second packet might be sent down paths 19 and 21, whilst 10 bytes 25' of the hash 25 are sent down path 18 and 10 bytes 25" of the hash 25 are sent down path 20. Other arrangements are possible.
The recombiner 16 considers a packet to have assured integrity if at least one copy of the packet 22, 23 and a valid hash 24, 25 for that packet arrives. The recombiner can monitor the different latencies of the paths and have a time window **" within which it accepts the packet/hash combination. Data arriving outside of this window is assumed to have been modified without authorisation. S..
Fig. 4 illustrates another example of the method of' the present invention where * *.**S* the message 10 is split in the splitter 11 into packets 12, 13 and a hash 26, 27 of each packet is calculated. The packets 12, 13 and the hashes 26, 27 are passed through *::* nodes M and M' 28, 29 which are assumed to be compromised. The example of Fig. 2 made it hard to damage the Integrity of the packet flow because the same change had to he made to both copies of' the packet in the network in order to change the output. The example of Fig. 4 goes further in that an attacker must modify both packets and the hash in transit. [his presumes that information about the content of the packet can be conveyed near- instantaneously between the two, or more, compromised nodes 28, 29.
This implies that it is also hard for an eavesdropper to reconstruct whole sessions, other than by using multiple points within the network. This security, which offers integrity protection only, is achieved without the need for any key distribution. The security is inherent in the path diversity and the difficulty of modifying the packet and the packet hash within a suitable time-frame.
The method of the present invention uses a device that is able to split a packet flow and send it down multiple, non-overlapping routes 14, 15, then recombine and check the data. A splitter 11 and combmer 16 are used, where the splitter modifies the packet flow in some way, such as by computing some form of strong checksum over the packet; or encrypting a packet with a random key, then makes a random choice to send each packet over one of n routes and re-combines the packets into a single flow at the combiner. The combiner 16 computes or verifies some form of strong checksum over the packet; or decrypts the packet according to the action applied at the input.
Apart from any necessary modifications to the splitter and combiner to enable the checksum or encryption to be applied or decoded, no additional devices are required to provide security. This device makes it very hard to intercept or modify packets, despite it relying on existing infrastructure and the device can also provide some or all of the resilience features of an active-active resilient system. The device can also control the bandwidth utilised by the system and provides a form of keyless' security.
An alternative embodiment of this invention involves encrypting each packet with a different random key and sending encrypted packets by one path and the key via' the diverse path. The key, in this case, is chosen via a suitably cryptographically strong':: pseudo-random number generator. The overhead is similar to the hash/checksum one: assuming that the packet is sent down one path and the key down another. Some form S **aSS of integrity check can be included. The effect of combining key encryption with multiple paths is that an eavesdropper cannot possibly interpret the packet without access to both paths; so listening Ofl a single path reveals no information. Likewise, to.
modify a packet requires the eavesdropper to get both packet and key.
An alternative to strict pseudo-random generation of the key sequence for this method is to use a weak security mechanism known as a reverse hash chain. In this, the sender picks a random number N and then computes a secure hash (e.g. SHA-l) of N (giving NI). This repeats, computing the hash of each hash. So, Ni is hashed to get N2, etc. The hashes are then used as the keys in reverse order. It is impractical for an adversary to predict the key sequence, since the hash is cryptographically strong.
1-lowever, it is trivial to verify that each hash is the next one in the expected sequence, when revealed. This provides additional verification that packets have been received from the same, perhaps anonymous, sender as the previous packets.
All of the methods described are able to work across networks containing uni- directional links. They are able to combine security and resilience; provide authentication or privacy at low overhead without infrastructure; arid do not require a keying infrastructure or configuration. * I
I I. I * I * I
I
I
I * III. * a... * *** * a
WI
Claims (20)
1. A method of determining reliability of data received at a terminal of a communication network; the method comprising sending first data down a first route; sending second data clown a second route; comparing the data received via the first and second routes; and determining the reliability of the data from the result of the comparison.
2. A method according to claim I, wherein the first and second data are identical.
3. A method according to claim I or claim 2, wherein the second route is substantially independent of the first route.
4. A method according to any of claims 1 to 3, wherein the data is sent in packets.
5. A method according to any preceding claim, wherein the second data is a hash " I. of the first data. * *.1 a'
6. A method according to any preceding claim, wherein the first data and its * ,.J e 4 related hash are sent randomly on their respective routes. _, 4 * a p aIm
7. A method according to any preceding claim, wherein the first data comprises * data which has been encrypted using a key and the second data comprises the key.
25. A method according to any preceding claim, further comprising sending third data doWn a third route.
9. A method according to claim 8, wherein the third data is identical to the first data.
10. A method of determining reliability of data received at a terminal of a communication network as hereinhefore described with reference to the accompanying drawings.
II. Communication apparatus comprising a first terminal, including a splitter; and a SeCond terminal, including a recombiner and a processor; at least two routes for sending data between the first and second terminal; wherein first data is sent down a first route from the first terminal to the second terminal; wherein second data is sent down a second route from the first terminal to the second terminal; wherein data received via the first and second routes at the second terminal is compared; and wherein the processor determines the reliability of the data from the result of the corn pan son.
12. Apparatus according to claim ii, wherein the first and second data are identical.
13. Apparatus according to claim 11 or claim 12, wherein the second route is substantially independent of the first route.
14. Apparatus according to any of claims 11 to 13, wherein the data is sent in
U
p.....
packets. Is * Is * S
15. Apparatus according to any preceding claim, comprising means for generating a hash of the first data; and sending the hash as the second data. I5SIS
S
16. Apparatus according to any preceding claim, wherein the first data and its * *5 related hash are sent randomly on their respective routes. . *.
1 7. Apparatus according to any preceding claim, further comprising means for encrypting the first data using a key and sending the key as the second data.
18. Apparatus according to any preceding claim, further comprising sending third data clown a third route.
19. Apparatus according to claim 18, wherein the third data is identical to the first data.
20. Apparatus for determining reliability of data received at a terminal of a communication network as hereinbefore described with reference to the accompanying drawings. * *
S..... * 3 * S S * S
S * S e...S *S.. * . 5.5. * S.. * . S *, *
Priority Applications (4)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| GB0423848A GB2419785B (en) | 2004-10-27 | 2004-10-27 | A method of determining reliability of data |
| EP05801423A EP1805930A1 (en) | 2004-10-27 | 2005-10-19 | A method of determining reliability of information |
| PCT/GB2005/004017 WO2006046006A1 (en) | 2004-10-27 | 2005-10-19 | A method of determining reliability of information |
| US11/666,341 US20080310427A1 (en) | 2004-10-27 | 2005-10-19 | Method of Determining Reliability of Information |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| GB0423848A GB2419785B (en) | 2004-10-27 | 2004-10-27 | A method of determining reliability of data |
Publications (3)
| Publication Number | Publication Date |
|---|---|
| GB0423848D0 GB0423848D0 (en) | 2004-12-01 |
| GB2419785A true GB2419785A (en) | 2006-05-03 |
| GB2419785B GB2419785B (en) | 2007-10-17 |
Family
ID=33515633
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| GB0423848A Expired - Fee Related GB2419785B (en) | 2004-10-27 | 2004-10-27 | A method of determining reliability of data |
Country Status (4)
| Country | Link |
|---|---|
| US (1) | US20080310427A1 (en) |
| EP (1) | EP1805930A1 (en) |
| GB (1) | GB2419785B (en) |
| WO (1) | WO2006046006A1 (en) |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP1881441A3 (en) * | 2006-07-19 | 2009-10-28 | Secunet Security Networks Aktiengesellschaft | Method for graphical display of digital data and device for performing the method |
| WO2009153585A3 (en) * | 2008-06-18 | 2010-04-22 | Isis Innovation Ltd | Improvements related to the authentication of messages |
| WO2014138647A1 (en) * | 2013-03-08 | 2014-09-12 | Itron, Inc. | Utilizing routing for secure transactions |
| GB2551808A (en) * | 2016-06-30 | 2018-01-03 | Razorsecure Ltd | Data validation |
Families Citing this family (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP1892913A1 (en) | 2006-08-24 | 2008-02-27 | Siemens Aktiengesellschaft | Method and arrangement for providing a wireless mesh network |
| GB2507250A (en) * | 2012-08-22 | 2014-04-30 | Anthony James Higgins | Sending acknowledgments on a unidirectional channel |
| US11218446B2 (en) * | 2018-06-15 | 2022-01-04 | Orock Technologies, Inc. | Secure on-premise to cloud communication |
| US11360920B2 (en) | 2020-08-31 | 2022-06-14 | Micron Technology, Inc. | Mapping high-speed, point-to-point interface channels to packet virtual channels |
| US11412075B2 (en) | 2020-08-31 | 2022-08-09 | Micron Technology, Inc. | Multiple protocol header processing |
| US11296995B2 (en) | 2020-08-31 | 2022-04-05 | Micron Technology, Inc. | Reduced sized encoding of packet length field |
| US11418455B2 (en) * | 2020-08-31 | 2022-08-16 | Micron Technology, Inc. | Transparent packet splitting and recombining |
| US11539623B2 (en) | 2020-08-31 | 2022-12-27 | Micron Technology, Inc. | Single field for encoding multiple elements |
| US12346359B2 (en) * | 2022-11-08 | 2025-07-01 | Accenture Global Solutions Limited | Data integrity validation using diversified queries across multiple sources, interfaces, and networks |
| GB2625817A (en) * | 2022-12-28 | 2024-07-03 | British Telecomm | System and method for management of constrained IoT devices |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| DE10040644A1 (en) * | 2000-08-14 | 2002-02-28 | Arndt Jablonowski | Data transmitting method for Internet-based payment system, involves sending divided frames of payment data, to processor through two channels using different protocols |
| WO2002037745A1 (en) * | 2000-11-06 | 2002-05-10 | Siemens Aktiengesellschaft | Method for securely transmitting data between two terminals and a corresponding device for carrying out this method |
| US20030120924A1 (en) * | 2000-02-01 | 2003-06-26 | Olli Immonen | Method for checking the integrity of data, system and mobile terminal |
| JP2004015309A (en) * | 2002-06-05 | 2004-01-15 | Nippon Hoso Kyokai <Nhk> | Transmission method, reception method, transmission device, reception device, transmission program, and reception program |
| US20040153648A1 (en) * | 2003-01-31 | 2004-08-05 | Rotholtz Ben Aaron | Method and process for transmitting video content |
Family Cites Families (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US5734977A (en) * | 1994-11-10 | 1998-03-31 | Telefonaktiebolaget Lm Ericsson | Fraud detection in radio communications network |
| US6209096B1 (en) * | 1996-07-02 | 2001-03-27 | Yamaha Corporation | Method and device for storing main information with associated additional information incorporated therein |
| US6502135B1 (en) * | 1998-10-30 | 2002-12-31 | Science Applications International Corporation | Agile network protocol for secure communications with assured system availability |
-
2004
- 2004-10-27 GB GB0423848A patent/GB2419785B/en not_active Expired - Fee Related
-
2005
- 2005-10-19 EP EP05801423A patent/EP1805930A1/en not_active Withdrawn
- 2005-10-19 US US11/666,341 patent/US20080310427A1/en not_active Abandoned
- 2005-10-19 WO PCT/GB2005/004017 patent/WO2006046006A1/en not_active Ceased
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20030120924A1 (en) * | 2000-02-01 | 2003-06-26 | Olli Immonen | Method for checking the integrity of data, system and mobile terminal |
| DE10040644A1 (en) * | 2000-08-14 | 2002-02-28 | Arndt Jablonowski | Data transmitting method for Internet-based payment system, involves sending divided frames of payment data, to processor through two channels using different protocols |
| WO2002037745A1 (en) * | 2000-11-06 | 2002-05-10 | Siemens Aktiengesellschaft | Method for securely transmitting data between two terminals and a corresponding device for carrying out this method |
| JP2004015309A (en) * | 2002-06-05 | 2004-01-15 | Nippon Hoso Kyokai <Nhk> | Transmission method, reception method, transmission device, reception device, transmission program, and reception program |
| US20040153648A1 (en) * | 2003-01-31 | 2004-08-05 | Rotholtz Ben Aaron | Method and process for transmitting video content |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP1881441A3 (en) * | 2006-07-19 | 2009-10-28 | Secunet Security Networks Aktiengesellschaft | Method for graphical display of digital data and device for performing the method |
| WO2009153585A3 (en) * | 2008-06-18 | 2010-04-22 | Isis Innovation Ltd | Improvements related to the authentication of messages |
| WO2014138647A1 (en) * | 2013-03-08 | 2014-09-12 | Itron, Inc. | Utilizing routing for secure transactions |
| US9288215B2 (en) | 2013-03-08 | 2016-03-15 | Itron, Inc. | Utilizing routing for secure transactions |
| EP3447668A1 (en) * | 2013-03-08 | 2019-02-27 | Iltron, Inc. | Utilizing routing for secure transactions |
| GB2551808A (en) * | 2016-06-30 | 2018-01-03 | Razorsecure Ltd | Data validation |
Also Published As
| Publication number | Publication date |
|---|---|
| GB0423848D0 (en) | 2004-12-01 |
| WO2006046006A1 (en) | 2006-05-04 |
| EP1805930A1 (en) | 2007-07-11 |
| US20080310427A1 (en) | 2008-12-18 |
| GB2419785B (en) | 2007-10-17 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US7171493B2 (en) | Camouflage of network traffic to resist attack | |
| Lazar et al. | Yodel: strong metadata security for voice calls | |
| US8249255B2 (en) | System and method for securing communications between devices | |
| US10601793B2 (en) | Systems and methods for securing electronic data with embedded security engines | |
| GB2419785A (en) | Ensuring the integrity of data by transmitting over at least two separate paths and comparing each reception to determine reliability | |
| Liu et al. | A lightweight authentication scheme based on self‐updating strategy for space information network | |
| Annessi et al. | It's about time: Securing broadcast time synchronization with data origin authentication | |
| Yuan et al. | Secure data transportation with software-defined networking and kn secret sharing for high-confidence IoT services | |
| CN107666491A (en) | The data transmission method of air-ground integrated network based on symmetric cryptography | |
| CN101867473A (en) | Anti-blocking attack shared media terminal connection establishment method and access authentication system | |
| Haase et al. | Secure communication protocol for network-on-chip with authenticated encryption and recovery mechanism | |
| Kent | Encryption-based protection for interactive user/computer communication | |
| CN103401876B (en) | VoIP service security assurance method and system based on scale variable window mechanism | |
| KR20220130494A (en) | Blockchain-based IoT security method and apparatus | |
| Al Dhaheri et al. | New two-level µTESLA protocol for IoT environments | |
| Hayden et al. | Multi-channel security through data fragmentation | |
| Franz et al. | Efficiency of secure network coding schemes | |
| Ando et al. | Bruisable Onions: Anonymous Communication in the Asynchronous Model | |
| Ch et al. | Ensuring reliability & freshness in wireless sensor networks | |
| US20240356904A1 (en) | Signature-less self-authenticating encrypted messages via asymmetric key pairs | |
| Ma et al. | Protecting satellite systems from disassociation DoS attacks | |
| Jin et al. | Quantum-Resistant Networks Using Post-Quantum Cryptography | |
| Gupta | A Secure Communication Schema Using Hashed Addresses | |
| Zhang et al. | Adaptive link layer security architecture for telecommand communications in space networks | |
| Dakannagari et al. | SAFE NETWORK TRANSMISSION OF A MESSAGE TO A DISTANT LOCATION |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PCNP | Patent ceased through non-payment of renewal fee |
Effective date: 20141027 |