WO1999059293A1 - Data transfer method with varying packet transmission time interval security protocol - Google Patents

Data transfer method with varying packet transmission time interval security protocol

Info

Publication number
WO1999059293A1
Authority
WO
WIPO (PCT)
Prior art keywords
message
packets
message packets
communications
time interval
Prior art date
Application number
PCT/SE1999/000686
Other languages
English (en)
French (fr)
Inventor
Louis Malette
Jacques Bugnon
Original Assignee
Telefonaktiebolaget Lm Ericsson (Publ)
Priority date
Filing date
Publication date
Application filed by Telefonaktiebolaget Lm Ericsson (Publ)
Priority to AU44019/99A (AU4401999A)
Priority to BR9910423-7A (BR9910423A)
Priority to GB0026379A (GB2353683A)
Priority to CA002331612A (CA2331612A1)
Publication of WO1999059293A1

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0457 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply dynamic encryption, e.g. stream encryption
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/02 Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/12 Detection or prevention of fraud
    • H04W12/121 Wireless intrusion detection systems [WIDS]; Wireless intrusion prevention systems [WIPS]
    • H04W12/122 Counter-measures against attacks; Protection against rogue devices
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W76/00 Connection management
    • H04W76/20 Manipulation of established connections
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441 Countermeasures against malicious traffic
    • H04L63/1466 Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/18 Network architectures or network communication protocols for network security using different networks or channels, e.g. using out of band channels
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00 Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/14 Multichannel or multilink protocols
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00 Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/30 Definitions, standards or architectural aspects of layered protocol stacks
    • H04L69/32 Architecture of open systems interconnection [OSI] 7-layer type protocol stacks, e.g. the interfaces between the data link level and the physical level
    • H04L69/322 Intralayer communication protocols among peer entities or protocol data unit [PDU] definitions
    • H04L69/324 Intralayer communication protocols among peer entities or protocol data unit [PDU] definitions in the data link layer [OSI layer 2], e.g. HDLC

Definitions

  • the present invention relates to a method and system for providing secure communications and, in particular, to a method and system for splitting a sensitive message to be communicated into plural packets (perhaps having variable lengths) and then transmitting the individual packets from a source to a destination with a selected varying time interval between successive packets.
  • a message to be communicated over an unsecure communications link is fragmented into a plurality of packets. These individual packets may, if desired, have varying lengths.
  • a transmitter module then individually transmits the packets over the unsecure communications link. The transmissions of the individual packets are made by the module in such a fashion as to introduce a varying (perhaps, randomly or pseudo-randomly) selected inter-packet time interval (delay) between successive packets.
  • the transmitted packets are received and reassembled to regenerate the original message.
  • This protocol for non-timely transmission of the individual message packets serves to make it more difficult for an eavesdropper to capture all of the message packets and reconstruct the transmitted message.
  • Enhanced security is provided by not only transmitting the packets in a non-timely manner, but also by either sending the packets over different transmission paths supported by the communications link or disordering the packets in a random or pseudo random manner prior to transmission.
  • FIGURE 1 is a block diagram of a communications system implementing a security protocol in accordance with the present invention.
  • FIGURE 2 is a flow diagram illustrating a method of operation concerning the security protocol of the present invention.
  • FIGURE 1 shows a block diagram of a communications system 10 implementing a security protocol in accordance with the present invention.
  • the communications system 10 includes an origination node
  • the origination node 12 includes a source 18 for generating message traffic.
  • the source 18 generated messages are then handled by a transmitter module 20 for transmission over the communications link 16 towards the destination node 14.
  • a receiver module 22 in the destination node 14 receives the transmitted messages, and outputs the messages to a message sink 24.
  • the transmitter module 20 includes a first functionality 26 for taking a message received from the source 18 and fragmenting the message into a plurality of individual packets. The fragmenting process may, if desired, generate individual packets of varying, rather than consistent, lengths. The transmitter module 20 then utilizes a second functionality 28 for transmitting the generated individual packets in a non-timely fashion.
  • By non-timely it is meant that the individual packets are transmitted by the transmitter module 20 over the communications link 16 with a varying inter-packet time interval (delay) between successive packets in the source originated message. This introduced delay between packets may be of either a randomly or pseudo randomly selected duration.
  • the introduced varying inter-packet time delay serves to enhance the security of packet transmission over the communications link 16 as a potential eavesdropper does not know when each of the successive packets comprising the complete message is to be transmitted. Delays may be selectively chosen (from packet to packet) in a variable range from as short as
  • the third functionality 30 further introduces a random or pseudo random disordering of the message packets prior to non-timely transmission over the communications link 16.
  • the fourth functionality 32 further introduces the transmission of the individual packets over different ones of a plurality of communications paths 34 supported by the communications link 16.
  • the paths 34 may comprise different logical or physical channels within the communications link 16.
  • the receiver module 22 includes a message reassembly functionality 36 for receiving the non-timely transmitted packets (perhaps in either or both a disordered manner and/or from different paths 34), and then coordinating the reconstruction of the original message as generated by the source 18. The reconstructed message is then output by the functionality 36 to the sink 24 for further processing and handling.
  • the functionality 36 includes appropriate memory (not shown) for temporarily caching received message packets prior to processing and completion of the message reconstruction action.
  • the system 10 comprises a telecommunications system
  • the origination node 12 sends a message on behalf of a user (such as a user mobile station)
  • the destination node 14 comprises a network communications node (such as a mobile switching center or home location register)
  • the communications link 16 comprises a signaling network of the telecommunications system.
  • the message being communicated in a fragmented, non-timely manner may comprise sensitive telecommunications information such as authentication data.
  • the secure transmission protocol of the present invention accordingly provides a level of defense against the interception of this sensitive mobile station information and possible cloning of the mobile station.
  • In step 100, a message is originated for transmission.
  • In step 102, that originated message is fragmented into a plurality of individual packets.
  • the fragmenting process of step 102 may, if desired, generate individual packets of
  • In step 104, the generated individual packets are optionally disordered in either a random or a pseudo random manner.
  • the generated individual packets are then transmitted in step 106 in a non-timely fashion such that there is introduced between the transmission of individual packets a randomly or pseudo randomly varying inter-packet time interval (delay).
  • the non-timely transmission of step 106 may further involve selectively transmitting the individual packets over different ones of a plurality of communications paths (such as plural physical or logical channels).
  • In step 108, the non-timely transmitted packets are received. Reassembly of the packets back into the original message occurs in step 110. The reassembly in step 110 accounts not only for the introduced inter-packet time delay, but also for any optionally introduced variance in packet size, packet disordering or differences in transmission path.
  • the regenerated message is then output in step 112.
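
The flow of steps 100 to 112 described above, as an added Python sketch (not code from the patent or its applicant). The per-packet sequence number and packet count, the length and delay bounds, and the number of paths are assumptions, since the description does not state how the receiver identifies packet order.

```python
import random
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    seq: int        # assumption: index so the receiver can undo disordering
    total: int      # assumption: packet count so the receiver knows when it is done
    payload: bytes

def fragment(message, rng, min_len=2, max_len=8):
    """Step 102: split the message into packets of varying length."""
    chunks, pos = [], 0
    while pos < len(message):
        n = rng.randint(min_len, max_len)
        chunks.append(message[pos:pos + n])
        pos += n
    return [Packet(i, len(chunks), c) for i, c in enumerate(chunks)]

def schedule(packets, rng, paths=3, min_delay=0.01, max_delay=2.0):
    """Steps 104-106: disorder the packets, then give each a send time
    (varying gap after the previous packet) and one of several paths."""
    order = list(packets)
    rng.shuffle(order)
    plan, t = [], 0.0
    for pkt in order:
        t += rng.uniform(min_delay, max_delay)   # varying inter-packet interval
        plan.append((t, rng.randrange(paths), pkt))
    return plan

class Reassembler:
    """Steps 108-112: cache packets from any path, in any order, until complete."""
    def __init__(self):
        self.cache, self.total = {}, None

    def receive(self, pkt):
        if self.total is None:
            self.total = pkt.total
        self.cache.setdefault(pkt.seq, pkt.payload)   # duplicates are ignored
        if len(self.cache) < self.total:
            return None                               # still waiting for packets
        return b"".join(self.cache[i] for i in range(self.total))

def single_path_view(plan, path):
    """Packets visible to an observer placed on one path only."""
    return [pkt for _, ch, pkt in plan if ch == path]

def transfer(message, seed=1):
    # A seeded PRNG keeps the demo repeatable; random.SystemRandom() offers
    # the same methods and is not reproducible from a seed.
    rng = random.Random(seed)
    plan = schedule(fragment(message, rng), rng)
    rx, out = Reassembler(), (b"" if not message else None)
    for _, _, pkt in plan:            # delivered in send-time order
        out = rx.receive(pkt)
    return plan, out

if __name__ == "__main__":
    sample = b"AUTH-DATA:constructed-sample-0123456789abcdef"  # constructed input
    plan, out = transfer(sample)
    for t, ch, pkt in plan:
        print(f"t={t:6.2f}s path={ch} seq={pkt.seq:2d} len={len(pkt.payload)}")
    print("reassembled ok:", out == sample)
    print("path 0 sees", len(single_path_view(plan, 0)), "of", len(plan), "packets")
```

In this sketch the sequence numbers travel in the clear, so an observer who captures every packet on every path can reorder them exactly as the receiver does; the protection shown depends on captures being incomplete.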

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Mobile Radio Communication Systems (AREA)
PCT/SE1999/000686 1998-05-13 1999-04-27 Data transfer method with varying packet transmission time interval security protocol WO1999059293A1 (en)

Priority Applications (4)

Application Number Priority Date Filing Date Title
AU44019/99A AU4401999A (en) 1998-05-13 1999-04-27 Data transfer method with varying packet transmission time interval security protocol
BR9910423-7A BR9910423A (pt) 1998-05-13 1999-04-27 Processo e sistema de comunicações
GB0026379A GB2353683A (en) 1998-05-13 1999-04-27 Data transfer method with varying packet transmission time interval security protocol
CA002331612A CA2331612A1 (en) 1998-05-13 1999-04-27 Data transfer method with varying packet transmission time interval security protocol

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US7844798A 1998-05-13 1998-05-13
US09/078,447 1998-05-13

Publications (1)

Publication Number Publication Date
WO1999059293A1 (en) 1999-11-18

Family

ID=22144090

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/SE1999/000686 WO1999059293A1 (en) 1998-05-13 1999-04-27 Data transfer method with varying packet transmission time interval security protocol

Country Status (7)

Country Link
CN (1) CN1300489A (pt)
AR (1) AR015289A1 (pt)
AU (1) AU4401999A (pt)
BR (1) BR9910423A (pt)
CA (1) CA2331612A1 (pt)
GB (1) GB2353683A (pt)
WO (1) WO1999059293A1 (pt)

Cited By (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2362547A (en) * 2000-01-07 2001-11-21 Motorola Inc Method for receiving smscb messages during grps/edge data transfer mode
EP1161040A2 (en) * 2000-05-08 2001-12-05 Mitsubishi Heavy Industries, Ltd. Data transmission over a plurality of lines
DE10214118A1 (de) * 2002-03-28 2003-10-23 Infineon Technologies Ag Schaltungsanordnung mit einem Sender und einem Empfänger
WO2003107562A2 (en) * 2002-06-18 2003-12-24 Reveo, Inc. Burst communications system and method
WO2005011195A2 (en) * 2003-07-24 2005-02-03 Koninklijke Philips Electronics N.V. Wireless network security
KR100557699B1 (ko) * 2001-07-21 2006-03-07 (주)와이즈인터네셔날코리아 로컬 네트워크를 이용한 화상 전송장치
US20060106753A1 (en) * 2004-11-17 2006-05-18 Samsung Electro-Mechanics Co., Ltd. Method for discovery reply packet transmission in communication network
WO2009034106A1 (fr) * 2007-09-13 2009-03-19 Viaccess Procede de securisation d'un flux de donnees
AU2005290963B2 (en) * 2004-08-13 2009-04-23 Nokia Technologies Oy WCDMA uplink HARQ operation during the reconfiguration of the TTI length
US7653393B2 (en) 2004-08-17 2010-01-26 Samsung Electronics Co., Ltd Method and system for forming and transmitting/receiving neighbor base station information in a BWA communication system
KR100943568B1 (ko) * 2006-06-16 2010-02-23 엔비디아 코포레이션 다수의 타입의 데이터 접속을 이용하여 데이터를 통신하는시스템 및 방법

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN100334581C (zh) * 2004-04-02 2007-08-29 明基电通股份有限公司 在多个微处理器间传输数据的嵌入式计算机系统及方法
CN103596168A (zh) * 2013-11-18 2014-02-19 无锡赛思汇智科技有限公司 一种无线通讯中自适应抗干扰的消息发送与接收方法及装置
DE102018213898B4 (de) * 2018-08-17 2020-03-19 Continental Automotive Gmbh Überwachung einer Netzwerkverbindung auf Abhören
CN111698208B (zh) * 2020-05-07 2022-08-02 北京华云安信息技术有限公司 多隧道自适应数据流的编码方法、设备和存储介质

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4761778A (en) * 1985-04-11 1988-08-02 Massachusetts Institute Of Technology Coder-packetizer for random accessing in digital communication with multiple accessing
US5680400A (en) * 1995-05-31 1997-10-21 Unisys Corporation System for high-speed transfer of a continuous data stream between hosts using multiple parallel communication links
WO1998010561A1 (en) * 1996-09-09 1998-03-12 Telefonaktiebolaget Lm Ericsson (Publ) Method and apparatus for encrypting radio traffic in a telecommunications network
EP0830017A2 (en) * 1996-09-17 1998-03-18 Nextlevel Systems, Inc. Delivery and acquisition of data segments with optimized inter-arrival time

Cited By (23)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1315305C (zh) * 2000-01-07 2007-05-09 摩托罗拉公司 接收短消息业务蜂窝广播消息的方法
GB2362547A (en) * 2000-01-07 2001-11-21 Motorola Inc Method for receiving smscb messages during grps/edge data transfer mode
EP1161040A2 (en) * 2000-05-08 2001-12-05 Mitsubishi Heavy Industries, Ltd. Data transmission over a plurality of lines
EP1161040A3 (en) * 2000-05-08 2004-05-26 Mitsubishi Heavy Industries, Ltd. Data transmission over a plurality of lines
US6912252B2 (en) 2000-05-08 2005-06-28 Mitsubishi Heavy Industries, Ltd. Distributed communicating system, distributed communication data, distributed transmitting means and distributed receiving means
KR100557699B1 (ko) * 2001-07-21 2006-03-07 (주)와이즈인터네셔날코리아 로컬 네트워크를 이용한 화상 전송장치
DE10214118A1 (de) * 2002-03-28 2003-10-23 Infineon Technologies Ag Schaltungsanordnung mit einem Sender und einem Empfänger
US7457365B2 (en) 2002-03-28 2008-11-25 Infineon Technologies Ag Circuit arrangement having a transmitter and a receiver
DE10214118B4 (de) * 2002-03-28 2007-02-22 Infineon Technologies Ag Schaltungsanordnung mit einem Sender und einem Empfänger
WO2003107562A2 (en) * 2002-06-18 2003-12-24 Reveo, Inc. Burst communications system and method
WO2003107562A3 (en) * 2002-06-18 2004-07-29 Reveo Inc BURST COMMUNICATION SYSTEM AND METHOD
WO2005011195A3 (en) * 2003-07-24 2005-05-19 Koninkl Philips Electronics Nv Wireless network security
WO2005011195A2 (en) * 2003-07-24 2005-02-03 Koninklijke Philips Electronics N.V. Wireless network security
AU2005290963B2 (en) * 2004-08-13 2009-04-23 Nokia Technologies Oy WCDMA uplink HARQ operation during the reconfiguration of the TTI length
US7653393B2 (en) 2004-08-17 2010-01-26 Samsung Electronics Co., Ltd Method and system for forming and transmitting/receiving neighbor base station information in a BWA communication system
US20060106753A1 (en) * 2004-11-17 2006-05-18 Samsung Electro-Mechanics Co., Ltd. Method for discovery reply packet transmission in communication network
EP1659759A1 (en) 2004-11-17 2006-05-24 Samsung Electro-Mechanics Co., Ltd. Method for packet transmission in a sensor network
US7660860B2 (en) 2004-11-17 2010-02-09 Samsung Electro-Mechanics Co., Ltd Method for discovery reply packet transmission in communication network
CN1777111B (zh) * 2004-11-17 2010-11-24 三星电机株式会社 在通信网络中发现应答包发送的方法
KR100943568B1 (ko) * 2006-06-16 2010-02-23 엔비디아 코포레이션 다수의 타입의 데이터 접속을 이용하여 데이터를 통신하는시스템 및 방법
US8279893B2 (en) 2006-06-16 2012-10-02 Nvidia Corporation System and method for communicating data utilizing multiple types of data connections
FR2921173A1 (fr) * 2007-09-13 2009-03-20 Viaccess Sa Procede de securisation d'un flux de donnees
WO2009034106A1 (fr) * 2007-09-13 2009-03-19 Viaccess Procede de securisation d'un flux de donnees

Also Published As

Publication number Publication date
GB2353683A (en) 2001-02-28
CA2331612A1 (en) 1999-11-18
AU4401999A (en) 1999-11-29
BR9910423A (pt) 2001-01-09
CN1300489A (zh) 2001-06-20
AR015289A1 (es) 2001-04-18
GB0026379D0 (en) 2000-12-13

Similar Documents

Publication Publication Date Title
WO1999059293A1 (en) Data transfer method with varying packet transmission time interval security protocol
US5592555A (en) Wireless communications privacy method and system
Jakobsson et al. Security weaknesses in Bluetooth
US10924462B2 (en) Cryptanalysis method and system
US20020120874A1 (en) Method and system for secure exchange of messages
JPH05227152A (ja) 機密通信リンクを確立する方法および装置
CA2360781A1 (en) Key management for telephone calls to protect signaling and call packets between cta's
EP1190526A1 (en) Methods and arrangements for secure linking of entity authentication and ciphering key generation
TW201004263A (en) Method and apparatus for data privacy in passive optical networks
NL1005523C2 (nl) Werkwijze en communicatiesysteem voor het in gedeeltelijk gecodeerde vorm overdragen van informatiesignalen.
CN100459620C (zh) 用于加密电话通话的安全模块
Hajduczenia et al. On EPON security issues
CN114025346A (zh) 一种移动自设网络间数据安全有效的数据传输方法
GB2379588A (en) Encrypting/decrypting information in a wireless communication system
Meng et al. Analysis and solutions of security issues in Ethernet PON
Mahmood et al. Analysis and Evaluation of Secure Solutions for Terrestrial Networks
Kim et al. The implementation of the link security module in an EPON access network
EP1634406B1 (en) Processor, method, transmitter and terminal for use in communications
CN104796397B (zh) 一种数据加密发送的方法
Inácio et al. Preamble encryption mechanism for enhanced privacy in Ethernet passive optical networks
Heister et al. Privacy and Authenticity in PONs
Lee et al. Lightweight packet authentication in IEEE 802.11
EP1627490A1 (en) Processor and method for end-to-end encryption synchronisation
Locasto et al. WAR: wireless anonymous routing

Legal Events

Date Code Title Description
WWE Wipo information: entry into national phase

Ref document number: 99806123.9

Country of ref document: CN

AK Designated states

Kind code of ref document: A1

Designated state(s): AE AL AM AT AU AZ BA BB BG BR BY CA CH CN CU CZ DE DK EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MD MG MK MN MW MX NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT UA UG UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): GH GM KE LS MW SD SL SZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
ENP Entry into the national phase

Ref document number: 200026379

Country of ref document: GB

Kind code of ref document: A

WWE Wipo information: entry into national phase

Ref document number: PA/a/2000/011002

Country of ref document: MX

ENP Entry into the national phase

Ref document number: 2331612

Country of ref document: CA

NENP Non-entry into the national phase

Ref country code: KR

REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

122 Ep: pct application non-entry in european phase