WO2007106548A2 - Système et procédé de cryptographie de réseau - Google Patents

Système et procédé de cryptographie de réseau Download PDF

Info

Publication number
WO2007106548A2
WO2007106548A2 PCT/US2007/006516 US2007006516W WO2007106548A2 WO 2007106548 A2 WO2007106548 A2 WO 2007106548A2 US 2007006516 W US2007006516 W US 2007006516W WO 2007106548 A2 WO2007106548 A2 WO 2007106548A2
Authority
WO
WIPO (PCT)
Prior art keywords
context
header
frame
signal
field
Prior art date
Application number
PCT/US2007/006516
Other languages
English (en)
Other versions
WO2007106548A3 (fr
Inventor
Anthony C. Fascenda
James Gibbons
Original Assignee
Koolspan, Inc.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Koolspan, Inc. filed Critical Koolspan, Inc.
Publication of WO2007106548A2 publication Critical patent/WO2007106548A2/fr
Publication of WO2007106548A3 publication Critical patent/WO2007106548A3/fr

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N7/00Television systems
    • H04N7/16Analogue secrecy systems; Analogue subscription systems
    • H04N7/167Systems rendering the television signal unintelligible and subsequently intelligible
    • H04N7/1675Providing digital key or authorisation information for generation or regeneration of the scrambling sequence
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/20Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
    • H04N21/23Processing of content or additional data; Elementary server operations; Server middleware
    • H04N21/234Processing of video elementary streams, e.g. splicing of video streams or manipulating encoded video stream scene graphs
    • H04N21/2347Processing of video elementary streams, e.g. splicing of video streams or manipulating encoded video stream scene graphs involving video stream encryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/20Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
    • H04N21/25Management operations performed by the server for facilitating the content distribution or administrating data related to end-users or client devices, e.g. end-user or client device authentication, learning user preferences for recommending movies
    • H04N21/266Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel
    • H04N21/26613Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel for generating or managing keys in general
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/43Processing of content or additional data, e.g. demultiplexing additional data from a digital video stream; Elementary client operations, e.g. monitoring of home network or synchronising decoder's clock; Client middleware
    • H04N21/44Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream or rendering scenes according to encoded video stream scene graphs
    • H04N21/4405Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream or rendering scenes according to encoded video stream scene graphs involving video stream decryption

Definitions

  • the present invention relates to a system and method of network cryptography.
  • Embodiments of the present invention may be used to generate encrypted data communication frames that have the same size as the original unencrypted frames. That is, each frame that is to be communicated may be encrypted without increasing its size, yielding exactly one encrypted frame the same size as the original frame.
  • such frames may be 1,514 bytes in size, which is standard for IEEE 802.3 (Ethernet) networks (not including the frame preamble or cyclic redundancy check).
  • encrypting frames will increase the size of the frame due to encryption overhead information. The increased size of the encrypted frame may no longer fit across the desired communications path, thus requiring it to be fragmented into two or more frames.
  • Embodiments of the present invention may be used in the context of Voice Over
  • Internet Protocol regular internet or other network communications, Virtual Private Networks, or any other packetized communication.
  • Header compression of the present invention may reduce the amount of data sent between entities using, by way of non-limiting example, the KoolSpan Encryption Protocol
  • KEP KoolSpan Protocol
  • header compression There are at least two main benefits of header compression. First, it avoids fragmentation of frames for a given communication medium. Second, it reduces bandwidth requirements.
  • additional header information may be added for secure communication over local networks such as KEP, and additionally in remote sessions,
  • IP Internet protocol
  • header compression may result in no expansion of the frame (i.e. zero overhead). It may often avoid the fragmentation that can occur with KEP and other communication protocols.
  • header compression can be relatively small per frame when considering it as a percentage of the overall frame size, if the original frame is large.
  • header compression may have its greatest effect when frames are small. As such, header compression may be particularly effective for systems having slow transmission rates or other severe bandwidth constraints.
  • Header compression may operate within a context. Certain protocol header fields may distinguish contexts within each header compression category. These may be fields such as
  • IP addresses and Transmission Control Protocol (“TCP") or User Datagram Protocol (“UDP”) ports.
  • TCP Transmission Control Protocol
  • UDP User Datagram Protocol
  • An initiator and a collaborator may comprise the two entities that participate in header compression.
  • the initiator may monitor the traffic passing through it to determine which contexts would benefit from header compression. When it finds a candidate, it may assign a unique identifier and attempt to initiate header compression in that context with its collaborator.
  • the collaborator may accept or refuse to initiate header compression.
  • Header compression contexts may comprise only traffic between two cooperating entities. It also may replace the KEP header information with a modified format such as the
  • FIG. 1 is a schematic diagram depicting an original Ethernet frame of the prior art
  • FIG. 2 is a schematic diagram depicting an Ethernet frame without header compression according to an embodiment of the present invention.
  • Fig. 3 is a schematic diagram depicting a first step in restructuring the original
  • Ethernet frame to an Ethernet frame with header compression according to an embodiment of the present invention
  • Fig. 4 is a schematic diagram depicting' a second step in restructuring the original
  • Ethernet frame to an Ethernet frame with header compression according to an embodiment of the present invention
  • Fig. 5 is a schematic diagram depicting a third step in restructuring the original
  • Ethernet frame to an Ethernet frame with header compression according to an embodiment of the present invention
  • Fig. 6 is a schematic diagram depicting a fourth step in restructuring the original
  • FIG. 7 is a schematic diagram depicting a final step in restructuring the original
  • Ethernet frame to an Ethernet frame with header compression according to an embodiment of the present invention
  • Fig. 8 is a schematic diagram depicting a lock functionality according to an embodiment of the present invention. Detailed Description of the Invention
  • Ethernet network communication allows for the transmission of data frames across a network that do not exceed 1,514 bytes in size.
  • encryption generally requires increased overhead in the form of additional headers such that the entire packet exceeds 1,514 bytes, header compression may be used to decrease the encryption overhead of Ethernet frames of the present invention to meet the 1,514 byte size limit.
  • Fig. 1 is a schematic diagram depicting a prior art Ethernet frame 100.
  • Frame 100 consists of several parts.
  • MAC portion 102 contains a Media Access Control ("MAC") header which comprises 14 bytes.
  • the MAC header 102 typically contains two address fields comprising a source address and a destination address, among other information fields. Specifically, the source address may indicate the network adaptor the datagram originated from while the destination address may indicate the network adaptor the datagram is traveling to.
  • MAC Media Access Control
  • EP portion 104 contains an Internet Protocol (“IP”) header which comprises 20 bytes.
  • IP Internet Protocol
  • the IP header 104 contains several information fields, including the source and destination network identifiers (e.g. addresses). Specifically, the D?
  • header 104 may contain a source address that is assigned to the particular network layer interface where the IP datagram originated and a destination address that is assigned to the particular network layer interface where the BP datagram is traveling to.
  • TCP portion 106 contains a Transmission Control Protocol ("TCP") header which comprises 20 bytes.
  • TCP header 106 also contains several information fields, including the source and destination communication end-point identifiers (e.g. port numbers).
  • data portion 108 contains the data payload of the IP datagram. Due to the byte-size limit on frames that may be transmitted over an Ethernet, all the portions of the original Ethernet frame 100 combined can not exceed a fixed limit, by way of non-limiting example 1,514 bytes.
  • protocols of the present invention such as KoolSpan Protocol (“KP"), KoolSpan Encryption Protocol (“KEP”), KoolSpan Authorization Protocol (“KAP”), and the like, encapsulate the data during transmission.
  • KP KoolSpan Protocol
  • KAP KoolSpan Encryption Protocol
  • KAP KoolSpan Authorization Protocol
  • Each protocol of the present invention may contribute additional header information comprising additional bytes to the Ethernet frame.
  • FIGS 2-8 depict an example of the present invention using TCP as the type of transport layer protocol over an Ethernet network. It would be known to one of ordinary skill in the art that other protocols such as User Datagram Protocol (“UDP”), Real-time Transport Protocol (“RTP”) and the like may also be used in conjunction with the present invention for communications.
  • UDP User Datagram Protocol
  • RTP Real-time Transport Protocol
  • Fig. 2 is a schematic diagram depicting an Ethernet frame without header compression 200 according to one embodiment of the present invention.
  • Frame 200 consists of several parts.
  • Portion 202 contains MAC header 202 that may be similar to the MAC header 102 described in Fig. 1. Accordingly, MAC header 202 may also comprise 14 bytes.
  • EP/UDP portion 204 contains the Internet Protocol/User Datagram Protocol ("IP/UDP") header.
  • IP/UDP Internet Protocol/User Datagram Protocol
  • the TPfUDP portion 204 may be used to encapsulate ciphertext of the original frame (e.g., the encrypted plain text) into an UDP datagram.
  • the IP portion of the IP/UDP header 204 may be similar to the IP header 104 described in Fig. 1.
  • the IP portion of IP/UDP 204 may also comprise 20 bytes.
  • the UDP portion of the IP/UDP header 204 may comprise 8 bytes.
  • the UDP portion of the IP/UDP header 204 may contain several information fields, including the source and destination communication end point identifiers (e.g., port numbers), the length of the UDP header and the data encapsulated and a checksum.
  • the KP and KEP protocols may be used to encapsulate data for encryption purposes.
  • KP portion 206 contains the KP header.
  • the KP may encapsulate other KoolSpan protocols.
  • the KP header 206 may comprise 12 bytes.
  • the KP header 206 may not be configured to have header compression enabled.
  • the KP header 206 without header compression enabled may contain a version field comprising 1 byte, a type field comprising 1 byte, a length field comprising 2 bytes, a sequence field comprising 4 bytes, a flags field comprising 1 byte and a reserved for future use (“rfu”) field comprising 3 bytes.
  • the KP header 206 type field may comprise a signal to indicate which KP protocol is being used for encryption.
  • the type signal may comprise a KAP signal, a KEP signal, a KCD signal, or the like.
  • a KAP type signal may indicate that the KAP protocol is being used
  • a KEP type signal may indicate that the KEP protocol is being used
  • a KCD type signal may indicate that the KCD protocol is being used.
  • the KP header 106 flags field may comprise a signal to indicate whether the frame is fragmented or unfragmented.
  • a flags field of a fragmented datagram may contain a fragmented signal
  • a flags field of an unfragmented datagram may contain an unfragmented signal.
  • KEP portion 208 contains the KEP header.
  • the KEP header 208 may comprise 16 bytes.
  • the KEP header 208 may contain an enc Version field comprising 1 byte, a flags field comprising 1 byte, a destination address field comprising 6 bytes, a source address field comprising 6 bytes and an Ethernet type field comprising 2 bytes.
  • the KEP header 208 encVersion field may comprise a signal to indicate which version of the KEP protocol is being used for encryption.
  • the KEP header 208 flags field may comprise a signal to indicate the type of communications that will be taking place over the Ethernet comprising a data signal, a broadcast signal, a keep alive signal, or the like.
  • a data flag signal may indicate that the type of communication to be transmitted is data communication
  • a broadcast flag signal may indicate that the type of communication to be transmitted is broadcast communication
  • a keep alive flag signal may indicate that the type of communication to be transmitted is keep alive communication.
  • the KEP header 208 destination address and source address fields may comprise destination and source address that are equivalent to the destination and source addresses in the MAC header 202.
  • the KEP header 208 Ethernet type field may comprise a signal to indicate the type of traffic that will flow over the Ethernet.
  • the KEP header 208 Ethernet type field may comprise an Ethernet type signal that is equivalent to the Ethernet type signal in the MAC header 202.
  • IP/TCP/Plaintext code portion 210 contains the data payload of a datagram.
  • a 32-bit cyclical redundancy code (“CRC-32”) may comprise 4 bytes and be added to the IP/TCP/Plaintext data portion 210.
  • IP/TCP/Plaintext data with a 32-bit cyclical redundancy code portion 210 may be encrypted using a KEP or the like.
  • another tamper evidence check other than CRC-32 may be added to IP/TCP/Plaintext data.
  • IP/TCP/Plaintext data may not have a tamper evidence check.
  • the portions of the Ethernet frame without header compression 200 may combine to contribute an additional 60 bytes to the portions of the original Ethernet frame of the prior art.
  • the additional 60 bytes may increase the total byte size of a datagram of the present invention to 1,574 bytes.
  • Ethernet communication allows for the transmission of frames across the network that do not exceed 1,514 bytes in size. In this case, the frame may need to be fragmented to decrease the byte size of the resultant frames being transmitted across the Ethernet. Fragmentation, however, increases the overall processing time which may significantly decrease the speed in which data may be transmitted across the Ethernet.
  • a header compression technique of the present invention may be used to decrease the byte size of a datagram frame 200 to be transmitted over the Ethernet to reduce the size of the resultant frame to be less than or equal to the 1,514 byte size limit.
  • the header compression technique may comprise taking data that generally will not change for a given service, creating a service record, and forwarding that data to a corresponding entity such as a Koolspan lock.
  • a service record may comprise any given communication session between cooperating entities across a network path.
  • a lock may comprise at least one network interface and a ciphering engine that is used to decrypt encrypted frames at the receiving end of the communication path.
  • a lock may act as a remote bridge that bridges two Ethernet networks across a communications path. The lock may store this context data against a service number.
  • the lock may reinsert the static, non-changing data back into the decrypted datagram restoring the frame to its original state.
  • An entity may monitor its incoming traffic for every established session. If it fails to receive any valid KEP traffic from another entity for a certain period of time then it may discard its session with that entity.
  • KEP defines a special frame type called a keep-alive that an entity may send periodically if it has no other traffic to send. Doing so may avoid its session partner's KEP timeout.
  • KEP/HC defines another use for keep-alive datagrams. If an entity needs to send a header compression signal, and it has no other traffic to which it can attach that signal, it may send the signal within a keep-alive datagram.
  • keep-alive datagrams are out-of-band communications that may not be in any header compression context. Thus, a keep-alive datagram may not carry the signal(s) needed to convey context data. Most such signals may accompany a communicated frame that is within the context. Such frames may implicitly impart context data.
  • the HSHT-OUT signal may be an exception to the restriction on conveying context data with a keep-alive. Since the context is outgoing, there may be no incoming traffic to implicitly carry the context data. In this situation, the initiator may use a keep-alive datagram. The context data may be in its encrypted content.
  • a header compression setting may be set to zero (0) to disable header compression. It may be set to one (1) to enable header compression. It may be set to two (2) to enable header compression to be negotiated based on the peer's configuration. Note that header compression may occur if both the lock and the other entity have it enabled and if the communication contexts between them are amenable to header compression. Other values of configuration methodologies may also be used.
  • the KEP/HC protocol may consist of three parts.
  • the first part may specify the context data shared between an initiator and a collaborator.
  • the second part may define a group of compressed headers.
  • the third part may describe the procedures for managing context data using header compression signals.
  • a context's category may determine the content of its context data and the type of compressed header it uses.
  • the TCP category may cover TCP connections carried between entities.
  • the headers it compresses may be KP, KEP, IP, and TCP. It may be a bidirectional context, so its context data may comprise both incoming and outgoing headers.
  • the RTP category may cover IP/UDP encapsulated RTP sessions carried between entities.
  • the headers it compresses may be KP, KEP, IP, UDP, and RTP. It may be a unidirectional context that can work in either direction. Its context data may comprise either incoming or outgoing headers.
  • the UDP category may cover IPAJDP datagrams carried between entities that do not contain RTP.
  • the headers it compresses may be KP, KEP, IP, and UDP.
  • This category may not be as effective as the others; it may compress to a small, but non-zero, amount of overhead. It may be a unidirectional context that can work in either direction. Its context data may comprise either incoming or outgoing headers.
  • Each header compression category may use a different context data.
  • the header fields within that data may be of five general types listed below.
  • a header field's compression type may depend on four attributes. The first may be whether its value changes from one frame to the next, within a context, or remains constant. For an unvarying field, the second attribute may its necessity for defining the context. If the field's value does change, however, then the third attribute may be the frequency of changes. The fourth attribute, if a field's value changes frequently, may be the method used to communicate its value.
  • the five general types of context data may comprise defined, implied, derived, encoded and carried. Defined may refer to header fields that define a particular context. Their values may not change because a different value defines a different context. The communicating entities may establish the value of this type of field in their context data when they initiate the context. Implied may refer to header fields that change infrequently, if at all. Such fields may not be necessary for defining a context. The communicating entities may establish the value of this type of field in their context data when they initiate the context. If these values change then the entities may update their context data. Derived may refer to header fields that have values that change frequently, but the receiving entity can compute their values from other known data.
  • Length fields may be an example of this type. Encoded may refer to header fields that have frequently changing values, but the transmitting entity can encode their values in ways that require fewer bits. The encoding methods used may depend on the particular fields and how their values change. Carried may refer to header fields that have values that change frequently, but there is no way to encode their values in fewer bits. The transmitting entity may send their values in their entirety.
  • the defined, implied, and derived header field types may allow the most compression. They may require no space in the compressed header.
  • the encoded type may need compressed header space but still may allow some compression.
  • the carried type may allow no compression.
  • the context data in the TCP header compression category may contain two sets of headers. One set may be for the outgoing part of the connection. The other may be for the incoming part.
  • the outgoing context data for one entity may correspond to the incoming data for the other entity using that context.
  • Each set within the TCP context data may store a copy of the KP, KEP, IP, and
  • TCP headers used for traffic in a particular direction This set of headers appears in the following table. [0048]
  • the following table may characterize the header fields for the TCP header compression category. Note that some header fields may have constraints. If any header field fails to meet its constraint, then the frame may be unsuitable for header compression.
  • Table 2 Header Fields for the TCP Category
  • the context data may contain one set of headers. These may represent either an incoming or an outgoing context.
  • a two-way session such as for Voice Over
  • VoIP Internet Protocol
  • VoIP Internet Protocol
  • the headers comprising the RTP context data may be KP 3 KEP, IP, UDP, and
  • RTP header may have a variable length, as shown in the following table.
  • the following table may characterize the header fields for the RTP header compression category. Note that some header fields may have constraints. If any header field fails to meet its constraint then the datagram may be unsuitable for header compression.
  • the context data for the UDP category may contain one set of headers. These may be for either an incoming or an outgoing context.
  • the headers for KP, KEP, IP, and UDP may make up the UDP context data. These appear in the table below.
  • the following table may characterize the header fields for the UDP header compression category. Note that some header fields may have constraints. If any header field fails to meet its constraint then the datagram may be unsuitable for header compression.
  • a Header Compression bit with a value of one may indicate the presence of a
  • KEP/HC datagram This may be the most significant bit of the first byte in the KEP/KP header portion of a frame in some embodiments of the present invention.
  • a frame according to an embodiment of the present invention may be one that is IP/UDP encapsulated and sent to UDP port.
  • the KEP/HC header may be in two parts. The sender may not encrypt the first part. • This part may indicate its own format, identify a context (or otherwise specify the format of the second part), and may tell the receiving entity how to decrypt the remainder of the frame. The sender may encrypt the second part. Its format may depend on the category of the identified context.
  • the remainder of a KEP/HC datagram may contain portions of the original content of the headers that were compressed.
  • the sender may encrypt this data together with the second part of the KEP/HC header.
  • Most encoded header fields may use the method of least significant bit (“LSB") interval encoding, or a modified form of it.
  • the encoded value may be some number of the least-significant bits from the header field.
  • this method may work for fields with values that increase monotonically. However, to accommodate frames that may arrive out of order, it may limit its operation to an encoding interval.
  • the encoding interval may have two attributes, its width and its offset.
  • the width may depend on the number of bits in the encoded field.
  • Each header field using this encoding method may specify its own offset.
  • the encoder may take the appropriate number of least-significant bits from the header value.
  • the decoder may determine the most-significant bits from its context data. The purpose of using an encoding interval may be to improve the decoder's inference about the most- significant bits in the event that the field's values are not strictly monotonic. For example, this may occur due to reordering of IP or retransmission of TCP datagrams.
  • a entity may encode a field only if the new value lies within the encoding interval of the prior value. If any field in any header fails this test then the entity may send the frame without compressing its headers. For an encoded field with W bits, an offset of O, and a prior value P, the new value may be in the interval [(P - O), (P - O) + (2 W - 1)].
  • An entity may decode this type of field using the same interval. It may base the interval on the most recently received valid value for the field. It may choose the value from that interval that has the same least-significant bits as it received in the compressed header encoding. [0068] With some small frames, compressing headers may reduce the number of bytes of encrypted data below the minimum required by the encryption process. To compensate for this, an entity may append extra bytes before encryption. The least-significant four bits of the last byte may specify the number of extra or padding bytes. It may also set a flag in the compressed header to indicate that this occurred.
  • An entity that receives a frame with compressed headers may expand those headers into their original form. It may derive the length fields in the expanded headers from the length of the received frame. After decryption, if it finds that the length adjustment flag is set, it may adjust those length field derivations. It may examine the last decrypted byte of data to determine by how many bytes it needs to reduce each derived length.
  • Every compressed header may begin with a known prefix.
  • a header is three bits. These bits may include the header compression bit and two format bits, as shown in the table below.
  • the format field may be common to all compressed headers.
  • the hcFmt field may be a 2-bit field specifying the format of the unencrypted part of the header. It may have the values shown in the following table.
  • the two fields in this unencrypted part of the compressed header may encode the
  • the hcKpSeq field may be a 5-bit field that encodes the KP sequence number. It may use a modified LSB interval encoding.
  • the hcCID field may be an 8-bit field containing the context identifier.
  • the encoding for the KP sequence number may be somewhat different from the usual LSB interval method.
  • the least-significant bit in the KP sequence number may always be the same for frames traveling in a particular direction. Therefore, this field may use bits [5..1] rather than bits [4..0] for its 5-bit encoding. Its offset may also take this bit-shift into account.
  • the encoder may not use the encoding interval to test whether to encode the KP sequence number. It may encode the 5-bit value.
  • An entity may maintain an expected KP sequence number for each context.
  • the decoder may use that expected value rather than the most recently received valid value. This may make the encoding interval [(E - 16), (E - 16) + (2 6 - I)] for the KP sequence number, where E may be the expected value for decoding.
  • the compressed headers may be KP, KEP, IP, and TCP.
  • Header compression may not allow options in the IP header. It may work with TCP options but may not attempt to compress them; it may simply carry them as if they were part of the TCP payload.
  • the KEP/HC header for the TCP category may consist of 12 bytes, shown in the following table. Note that the fields in this header may have lengths that do not always align them to byte boundaries. This fixed length header may guarantee that there is zero overhead for remote communications. That means that the size of a frame with compressed headers, carried between two entities, may be the same size as the original frame carried on the network(s) to which those entities are attached to.
  • the TCP category may use KEP/HC format 0O 2 for the first, unencrypted part of the header. The receiving entity may learn the format of the second part by finding that the identified context is associated with the TCP category.
  • the encrypted part of the compressed header for the TCP category may have the following fields.
  • the hcL field may be a bit flag that indicates whether the length of the TCP datagram requires adjustment. A value of zero may mean that the length is correct. A value of one may mean this datagram contains extra bytes, appended to meet the minimum encryption requirement.
  • the hcS field may be a bit flag that indicates whether to swap the bytes in the EP identification field. A value of zero may mean that the field is correct. A value of one may mean the encoder swapped the bytes before encoding.
  • the hclpld field may be a 9-bit field that encodes the IP identification field.
  • the hcP field may be a bit flag that carries the TCP PSH flag.
  • the hcTcpSeq field may be an 18-bit field that encodes the TCP sequence number. It may use an LSB interval encoding with an offset of 65536.
  • the hcTcpAck field may be an 18-bit field that encodes the TCP acknowledgement number. It may use an LSB interval encoding with an offset of 65536.
  • the hcTcpWnd field may be a 16-bit field that carries the TCP window field.
  • the hcTcpSum field may be a 16-bit field that carries the TCP checksum field.
  • the encoder may adjust the value to exclude the TCP pseudo-header and include the KP, KEP, and IP headers. This may allow the receiver to validate the entire reconstructed datagram after decryption and header expansion.
  • certain embodiments of the present invention may compare successive IP identification fields. If the most-significant byte varies while the least-significant does not then it may swap those bytes before encoding. This may support some systems processors that do not correctly encode the IP identification in network byte-order.
  • the compressed headers in the RTP category may be KP, KEP, IP, UDP, and
  • the IP header may not have options and the UDP checksum may be present.
  • the RTP header may specify padding and header extensions. However, header compression may not affect padding and may not operate on RTP header extensions. It may simply carry these bytes as if they were part of the RTP payload.
  • the KEP/HC header may have 8, 10, or 12 bytes, depending on the timestamp encoding. Note that some fields may not align to byte boundaries. There is a separate diagram, below, for each size of compressed header.
  • These compressed headers may achieve no worse than zero overhead for remote communications. Furthermore, in the best case of RTP timestamp encoding, it may reduce the size of the frame by as much as four bytes compared to the original datagram carried on the internal network.
  • the RTP category may use KEP/HC format 0O 2 for the first, unencrypted part of the header.
  • the receiving entity may learn the format of the second part by finding that the identified context is associated with the RTP category, and by examining the timestamp encoding flags.
  • the encrypted part of the compressed header for the TCP category may have the following fields.
  • the hcL field may be a bit flag that indicates whether the length of the frame requires adjustment. A value of zero may mean that the length is correct. A value of one may mean this datagram contains extra bytes, appended to meet the minimum encryption requirement.
  • the hcS field may be a bit flag that indicates whether to swap the bytes in the IP identification field. A value of zero may mean that the field is correct. A value of one may mean the encoder swapped the bytes before encoding.
  • the hclpld field may be a 9-bit field that encodes the IP identification field. It may use an LSB interval encoding with an offset of 128, modified by the he S flag, above.
  • the hcRtpSeq field may be a 5 -bit field that encodes the RTP sequence number. It may use LSB interval encoding with an offset of 8.
  • the hcUdpSum field may be a 16-bit field that carries the UDP checksum field. However, the encoder may adjust the value to exclude the UDP pseudo-header and may include the KP, KEP, and IP headers. This may allow the receiver to validate the entire reconstructed datagram after decryption and header expansion.
  • the hcM field may be a bit that carries the M flag from the RTP header.
  • the hcRtpTS field may be a 13-bit field that encodes the result of dividing the RTP timestamp by the scaling divisor.
  • the hcRtpTsRand field may be a 29-bit field that encodes the RTP timestamp directly. It may use LSB interval encoding with an offset of 134217728.
  • the hcRtpTsDiv field may be a 16-bit field that carries the RTP timestamp scaling divisor.
  • the hcRtpTsRem field may be a 16-bit field that carries the RTP timestamp scaling remainder.
  • An RTP context may begin as a trial context.
  • the entity may monitor the sequence of frames to determine if they are suitable for RTP header compression. If so, it may convert that context to an actual RTP context.
  • header compression may begin in this category. At first, it may use the second form of the RTP compressed header to encode the timestamp field. However, it may also begin monitoring the differences between successive timestamps. It may determine the greatest common divisor ("GCD") of those differences.
  • GCD common divisor
  • an entity finds that the timestamp GCD is greater than one it may divide the next timestamp value by that divisor. This may determine the scaled timestamp value and its remainder. It then may send those three pieces of information in the third form of the RTP compressed header.
  • the RTP context may use the first form of the compressed header.
  • the entity may calculate and encode the scaled timestamp value using the timestamp divisor previously sent to the other entity. However, when the actual timestamp value wraps around its 32-bit field, the entity may calculate a new divisor and remainder. It may send these again in the third form of the compressed header.
  • An entity may also compare successive IP identification fields for the need to swap bytes. This may be the same procedure described for the TCP category.
  • the UDP category may compress KP 5 KEP, IP, and IJDP headers. This category may not be as efficient as the others in that its compressed header may not reduce the overhead to zero. It may not allow options in the IP header but may require a valid UDP checksum.
  • the KEP/HC header in the UDP category may consist of 6 bytes, as shown in the following table. Although not optimal, in remote communications, it may leave the frame 6 bytes larger than the original frame. Still, this is better than the 60 byte increase without compressed headers.
  • the UDP category may use KEP/HC format 0O 2 for the first, unencrypted part of the header.
  • the receiving entity may learn ' the format of the second part by finding that the identified context is associated with the UDP category.
  • the encrypted part of the compressed header for the UDP category may have the following fields.
  • the hcL field may be a bit flag that indicates whether the length of the datagram requires adjustment. A value of zero may mean that the length is correct. A value of one may mean this datagram contains extra bytes, appended to meet the minimum encryption requirement.
  • the hcS field may be a bit flag that indicates whether to swap the bytes in the IP identification field. A value of zero may mean that the field is correct. A value of one may mean the encoder swapped the bytes before encoding.
  • the hclpld field may be a 14-bit field ' that encodes the IP identification field. It may use an LSB interval encoding with an offset of 128, modified by the he S flag, above.
  • the hcUdpSum field may be a 16-bit field that carries the UDP checksum field.
  • the encoder may adjust the value to exclude the UDP pseudo- header and include the KP, KEP, and IP headers. This may allow the receiver to validate the entire reconstructed datagram after decryption and header expansion.
  • a UDP context may begin as a trial RTP context. If this does not meet the requirements for RTP header compression then it may convert to UDP. An entity may compare successive IP iden t ification fields for the need to swap bytes. This may be the same procedure described for the TCP category.
  • the two entities in a KEP session may discover and establish a suitable context. Establishing a shared header compression context, however, may require the entities to signal each other according to the procedures described below.
  • the two entities may each maintain context data within an established context. This data may remain sufficiently equivalent for header compression to operate correctly. However, problems can arise that may cause the context data in the two entities to lose their equivalence. An entity may detect such problems while sending or receiving compressed headers. It may then send a signal to reestablish context data equivalence.
  • One type of problem may occur when an entity cannot properly encode a field into a compressed header. For example, if a substantial amount of time passes between sending frames in a particular context, but during that time several frames are sent in other contexts, it may not be possible to encode the change to the IP identification field. When this occurs, the entity may send the frame without compressing headers. It also may attach a signal to tell the receiving entity to update its context data. That signal may also request a response.
  • Another problem may occur when an incoming frame with compressed headers fails its validation check. Although this could be due to a transmission error, the receiving entity may assume that the failure is due to bad context data. It then may send a signal to the other entity to request an update. In a bidirectional context, it may attach that signal to the next outgoing frame in the context. In a unidirectional context, it may attach the signal to a special keep-alive frame.
  • Either entity may determine that a header compression context is no longer useful.
  • That entity may respond with an agreement to discard the context.
  • signals may be lost, an entity may need to repeat some signals. It may also be capable of recovering context allocations that remain unused for a significant period of time.
  • Signals may travel in the KP header, so the frames carrying signals never have compressed headers.
  • Some signals may communicate context data from one entity to the other. For the most part, an entity may attach such a signal to a frame within the context in question. The receiving entity may extract context data from the frames uncompressed headers.
  • Some signals may not require any association with context data. For example, when discarding a context, the sending entity may have no knowledge of the context data, or even the context category. Moreover, in a unidirectional context, there may be no frames traveling in the necessary direction to which an entity can attach the signal. In these circumstances an entity may use a special keep-alive frame to carry the signal. [0114] Finally, in a special case, an entity may send an INIT_OUT signal in a keep-alive frame whose encrypted contents also carry context data. This signal may initiate a unidirectional context where the signal must travel in the opposite direction from the context's normal frame, so there may be no frames with context data to which to attach the signal.
  • a receiving entity may normally ignore the encrypted content of a keep-alive frame. For an INIT_0UT signal, however, it may carry the necessary data for initiating the context. This data may be a copy of the most recently received set of uncompressed headers within the context. For example, in the RTP category, they may be the KP, KEP, IP, UDP, and RTP headers.
  • both entities may maintain two sets of context data, for outgoing and incoming frames.
  • the outgoing part of the context for one entity may correspond to the incoming part of the context for the other entity.
  • An initiator may monitor both incoming and outgoing frames to find a suitable bidirectional context. Initiation of a bidirectional context uses the following signals.
  • Upon receiving an INIT_IN signal for a bidirectional context either accept or refuse it. If accepting, record incoming context data from the frame.
  • an entity may begin compressing headers.
  • each entity may compress headers in every outgoing frame within the context.
  • the entities may also record outgoing context data from each such frame.
  • the entities may attempt to reconstruct the original frame. If it passes the validity check, they may record incoming context data from the reconstructed frame.
  • an entity may occasionally have reason to doubt the correctness or efficacy of its context data. In these circumstances it may signal the other entity, using a frame with uncompressed headers.
  • Another problem may be a failed validation check on a reconstructed frame.
  • the receiving entity may assume that its context data are incorrect and request an exchange of context data.
  • a context data exchange in a bidirectional context may use the following signals.
  • Table 17 Bidirectional Context Data Exchange [0126] Either entity may determine that a header compression context is no longer useful.
  • the initiator may maintain outgoing context data and the collaborator may maintain incoming context data for this unidirectional communication.
  • An initiator may monitor outgoing frames to discover a suitable unidirectional context.
  • the following signals may initiate an incoming unidirectional context in the collaborator. Initiation of a Collaborator's Incoming Unidirectional Context
  • the initiator may begin compressing headers once it establishes the context. In normal operation, the initiator may compress headers in every outgoing frame within the context. It may also record outgoing context data from each such frame. Upon receiving a frame with compressed headers, the collaborator may attempt to reconstruct the original frame. If it passes the validity check then the collaborator may record incoming context data from the reconstructed frame.
  • either entity may occasionally have reason to doubt the correctness or efficacy of its context data. In these circumstances it may signal the other entity to reestablish their context data.
  • An initiator may do the following to reestablish context data correctness. Initiator Reestablishes Collaborator's Incoming Context Data
  • Table 20 Initiator Reestablishes Collaborator's Incoming Context Data
  • a collaborator may reestablish context correctness with the following Collaborator Reestablishes Its Own Incoming Context Data
  • An initiator may begin the termination operation as follows Initiator Termination of an Outgoing Context
  • Unidirectional contexts from collaborator to initiator may suppose incoming context data for the initiator and outgoing context data for the collaborator.
  • An initiator may monitor incoming frames to discover a suitable unidirectional context. It speculatively may record incoming context data until it determines the status of the context. The following signals may initiate an outgoing unidirectional context in the collaborator. Initiation of a Collaborator's Outgoing Unidirectional Context
  • the collaborator may begin compressing headers once it establishes the context.
  • the collaborator may compress headers in every outgoing frame within the context. It may also record outgoing context data from each such frame.
  • the initiator may attempt to reconstruct the original frame. If it passes the validity check then the initiator may record incoming context data from the reconstructed datagram.
  • either entity may occasionally have reason to doubt the correctness or efficacy of its context data. In these circumstances it may signal the other entity to reestablish their context data.
  • An initiator may do the following to reestablish context data correctness. Initiator Reestablishes Its Own Incoming Context Data
  • Upon receiving a QUERY signal update the initiator's context data.
  • Table 25 Initiator Reestablishes Its Own Incoming Context Data
  • a collaborator may reestablish context correctness with the following. Collaborator Reestablishes Initiator's Incoming Context Data
  • Table 26 Collaborator Reestablishes Initiators Incoming Context Data
  • a collaborator may begin the termination operation as follows. It may also cease sending datagrams with compressed headers. Collaborator Termination of an Outgoing Context
  • Table 28 Collaborator Termination of an Outgoing Context
  • Many types of errors may occur to complicate context management.
  • the link may lose frames with signals, TCP connections and RTP sessions may cease abruptly due to endpoint system problems, and so on. Every entity that performs header compression may be ready to recover the ensuing idle context data.
  • the entity that recovers idle context data may send a DISCARD signal to the other entity. This may allow the other entity to likewise eliminate the context, in case it has not completed its context data recovery.
  • an entity may send a frame involving a context that the other entity no longer has. This may occur if the other entity recovered the context but its DISCARD signal was lost. If an entity receives a frame with compressed headers for a nonexistent context then it may discard that frame. If it receives a signal for a nonexistent context then it may not process the signal, but it may forward the encapsulated frame as normal. In both cases it may also respond with a DISCARD signal for that context, except that it may not respond if it received a DISCARD signal for a missing context.
  • an entity may receive a signal for an existing context with the wrong category, or some other inconsistency. This may be another indication of a context recovered in one entity but persisting in the other due to a lost DISCARD signal. When this occurs, the receiving entity may eliminate the context and send a DISCARD signal for that context.
  • Figures 3-7 depict a method of the present invention of using header compression for decreasing the overall byte size of frames to be transmitted a network.
  • Fig. 3 is a schematic diagram depicting the first step in restructuring the original
  • the header compression method of the present inventions may begin with the original frame 300 of the prior art.
  • the first step may determine that the IP header/TCP header 302 of the original frame 300 may comprise data that does not change for a given service. Therefore, the sending entity may take the first instance of the IP header/TCP header 302 and create a service (context) record mapping.
  • Fig. 4 is a schematic diagram depicting the second step in restructuring the original Ethernet frame of the prior to an Ethernet frame that uses encryption techniques with header compression according to an embodiment of the present invention.
  • the second step may add a CRC-32 402 to the plain text data 400 of the original Ethernet frame.
  • the second step may further encrypt the plaintext data and the CRC-32 404.
  • Suitable encryption algorithms include, by way of non-limiting example, AES, 3DES and IDEA.
  • the second step may not encrypt the IP/TCP with the plaintext data.
  • the first step of Fig. 3 may store the IP/TCP in a service record mapping.
  • the encrypted plaintext data and CRC-32 404 of the second step may comprise 4 bytes.
  • Fig. 5 is a schematic diagram depicting the third step in restructuring the original
  • the KP header 502 may be configured to have header compression enabled. There may be two major changes in the KP header 502 from the header compression unenabled KP header 502 to the header compression enabled KP header 502. One change may allow a receiving entity to distinguish between a KP header 502 and a KEP/HC header. The other change may provide for signals to manage header compression context data.
  • the following diagram shows the modified KP header.
  • the most-significant bit of the first byte in KP portion of the frame may now be the compressed header bit. As shown above, this bit may be zero in a KP header 502. The other fields, may remain unchanged, except as noted below. The bits marked 'x * may be reserved. A transmitter may set them to zero and a receiver may ignore them. [0160]
  • the Version field may be a 7-bit field indicating the version of the protocol header. These are followed by the length, sequence and flag fields.
  • the header compression signal (“kpHcSignal”) field may be a 16-bit header compression signal field. If the kpHcSignal field has a value of zero there may be no header compression signal. The following diagram shows the subfields present when this field is non-zero.
  • bit marked 'x' may be reserved. It may be zero on transmission and may be ignored on reception.
  • the field marked hcCat may be a 3-bit subfield stating the header compression category of the identified context. The following table may describe possible values of hcCat.
  • the field marked hcSig may be a 4-bit subfield containing the signal for the identified context.
  • the following table may describe possible values of hcSig. Note that the terms outgoing and incoming may be from the perspective of the entity receiving the signal.
  • the field marked hcCID may be an 8-bit subfield that identifies the header compression context to which the signal applies. All contexts in a session may have unique identifiers. The context identifier may be in the range [0,255].
  • the third step may combine and remove all unchanging fields in the KP header 502 and the KEP header 504 and add that combination to the service record previously established in the first step of Fig. 3. Unchanging fields from the KP header 502 may comprise the version field, the type field, the flags field. The changing field from the KP header 502 may comprise the sequence field. The sequence field of the KP header 502 may comprise 4 bytes.
  • Unchanging fields from the KEP header 504 may comprise the encVersion field, the flags field, the destination address field, the source address field and the Ethernet type field. With the exception of the sequence field, all KP header 502 fields may be added to the service (context) record. All KEP header 504 fields may be added to the service (context) record.
  • Fig. 6 is a schematic diagram depicting the fourth step in restructuring the original
  • the service (context) record 602 may comprise a new format.
  • the fourth step may register a service record 602 with a cooperating peer such as by way of non-limiting example, Koolspan lock technology. Registering a service record 602 with a lock may comprise sending a service record 602 to a lock that has been recorded in the source port field of the IP/UDP header 600.
  • a service record 602 may be registered with a lock during initialization of the communication across the communications path.
  • a service record 602 may be registered with a lock anytime prior to the termination of the communication across the communications path.
  • the lock may hold the service record 602- containing all removed unchanging fields from the frame of Fig. 5 of the third step.
  • the lock may reassemble future frames that contain a matching source port field in the IPAJDP header 600 by reinserting the appropriate fields into the frame from the service record 602 to reproduce the frame of Fig. 5.
  • Fig. 7 is a schematic diagram depicting the fifth step in restructuring the original
  • the fifth step may begin to transmit the restructured frame comprising the restructured Ethernet frame 700.
  • the restructured frame may contain a KoolSpan Service Record ("KSR") header 702 comprising a sequence field of the KP header discussed above and a service record identifier.
  • KSR header 702 may comprise 6 bytes.
  • the original frame of Fig. 3 may be restructured to comprise only 10 bytes of overhead, 6 bytes from the KSR header and 4 bytes from the encrypted data, while still using encryption techniques.
  • header compression the overhead has been reduced from 60 bytes to 10 bytes.
  • a frame may be transmitted with the entire Ethernet frame within standard IP/UDP encapsulation without fragmentation.
  • Fig. 8 is a schematic diagram depicting Koolspan lock functionality according to an embodiment of the present invention.
  • the restructured frame may be transmitted comprising the restructured Ethernet frame 800 discussed above.
  • the original plaintext data 810 may be reassembled by the lock.
  • the lock may capture the service record identifier from the KSR header 808.
  • the lock may then reference the table of service records 806 comprising service records that were previously registered.
  • the lock may then attempt to match the service record identifier with a registered service record.
  • the lock may capture the parameter list associated with that service record identifier.
  • the parameter list may comprise the previously removed unchanging fields of the KP header and KEP header.
  • Service records represent communicated context data. Such context data is used to reconstitute headers from compressed headers on either side of the communications link.
  • the context field in headers altered according to certain embodiments of the present invention are used to identify communication flows. That is, such context fields are used to distinguish different communication flows so as to allow receivers to identify the correct context data, i.e., service records, to use for that particular information flow.
  • packet means data that includes a header and associated data payload.
  • header does not necessarily require that the header appears first in any particular order.
  • a packet may include a header that is included within or that follows the data payload.
  • Examples of packets include frames, fragments, datagrams, and other data units consistent with the OSI seven-layer model. Note, however, that "packets" as contemplated herein are not required to be conform to the OSI seven-layer model. In particular, although certain embodiments disclosed herein are described in reference to frames, the invention is not limited to Ethernet communication.

Landscapes

  • Engineering & Computer Science (AREA)
  • Multimedia (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Databases & Information Systems (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

La présente invention concerne un système et un procédé de communications par réseau crypté. A cet effet, on crée des trames cryptées utilisées pour des communications sécurisées entre pairs coopérants, les trames cryptées ayant les mêmes dimensions que les trames originales non cryptées. Le système et le procédé permettent ainsi des communications sécurisée avec essentiellement les mêmes caractéristiques de transmission que pour les communications non cryptées.
PCT/US2007/006516 2006-03-15 2007-03-15 Système et procédé de cryptographie de réseau WO2007106548A2 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US78227306P 2006-03-15 2006-03-15
US60/782,273 2006-03-15

Publications (2)

Publication Number Publication Date
WO2007106548A2 true WO2007106548A2 (fr) 2007-09-20
WO2007106548A3 WO2007106548A3 (fr) 2009-04-02

Family

ID=38510087

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2007/006516 WO2007106548A2 (fr) 2006-03-15 2007-03-15 Système et procédé de cryptographie de réseau

Country Status (1)

Country Link
WO (1) WO2007106548A2 (fr)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6249582B1 (en) * 1997-12-31 2001-06-19 Transcrypt International, Inc. Apparatus for and method of overhead reduction in a block cipher
US7055039B2 (en) * 2003-04-14 2006-05-30 Sony Corporation Protection of digital content using block cipher crytography

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6249582B1 (en) * 1997-12-31 2001-06-19 Transcrypt International, Inc. Apparatus for and method of overhead reduction in a block cipher
US7055039B2 (en) * 2003-04-14 2006-05-30 Sony Corporation Protection of digital content using block cipher crytography

Also Published As

Publication number Publication date
WO2007106548A3 (fr) 2009-04-02

Similar Documents

Publication Publication Date Title
JP4877979B2 (ja) 複数の局が共有媒体を介して通信するネットワークにおける動作方法
US7215667B1 (en) System and method for communicating IPSec tunnel packets with compressed inner headers
JP4608000B2 (ja) セキュアで帯域効率の良い暗号化同期方法
US20070242703A1 (en) Binding/combining of plural telecommunications functions
US8189586B2 (en) Plural telecommunications functions having sharing transaction(s)
US20160366103A1 (en) Method and apparatus for encoding security status information
WO2010121410A1 (fr) Procédé et appareil de communication pour une compression d'en-tête adoptant un mécanisme à demande de répétition automatique
US7886146B2 (en) Network cryptography system and method
US7426636B1 (en) Compact secure data communication method
Ertekin et al. Internet protocol header compression, robust header compression, and their applicability in the global information grid
Zanaty et al. RTP payload format for flexible forward error correction (FEC)
US20040034826A1 (en) Transport protocol checksum recalculation
CN114826748B (zh) 基于rtp、udp及ip协议的音视频流数据加密方法和装置
WO2007106548A2 (fr) Système et procédé de cryptographie de réseau
WO2012057703A1 (fr) En-tête de protocole en temps réel de taille réduite
JP2007201973A (ja) データ送受信システム、暗号化情報共有方法、データ送信装置、及びデータ受信装置
EP2005641B1 (fr) Liaison/combinaison de fonctions de télécommunication multiples
Zanaty et al. RFC 8627: RTP Payload Format for Flexible Forward Error Correction (FEC)
CN115225331A (zh) 一种数据加密通信的方法

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 07753165

Country of ref document: EP

Kind code of ref document: A2

NENP Non-entry into the national phase in:

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 07753165

Country of ref document: EP

Kind code of ref document: A2