Electrical computers and digital processing systems: multicomput – Computer-to-computer data routing
Reexamination Certificate
1998-05-29
2001-07-24
Burgess, Glenton B. (Department: 2766)
Electrical computers and digital processing systems: multicomput
Computer-to-computer data routing
C709S243000, C713S153000, C713S160000, C713S152000
Reexamination Certificate
active
06266704
ABSTRACT:
BACKGROUND OF THE INVENTION
1.0 Field of the Invention
The present invention relates to the field of moving user real-time data within a communication network and, more particularly, to a system which moves data within a communication network, such as the Internet, without revealing the identity of the initiator of the data, nor the identity of the receiver of the data, nor the content of the data.
2.0 Description of the Prior Art
The present invention is concerned with the right to privacy involved in electronic communication which may be better described by first discussing other forms of more commonly known communications.
For example, letters sent through the Post Office are usually in an envelope marked with the sender's and recipient's addresses. The general public trusts that the Post Office does not peek inside the envelope, because the contents are private. The general public also trusts that the Post Office does not monitor who sends mail to whom, because that information is also considered private.
These two types of sensitive information, the contents of an envelope and its addresses, apply equally well to electronic communication over the Internet. As the Internet becomes an increasing important part of modern day communication and electronic commerce, protecting the privacy of electronic messages also becomes increasingly important. Just like mail, electronic messages travel in envelopes, that is, electronic envelopes. Protecting the privacy of electronic messages requires both safeguarding the contents of their envelopes and hiding the addresses on their envelopes. Although communicating parties usually identify themselves to one another, there is no reason that the use of a public network, such as the Internet, ought to reveal to others who is talking to whom and what they are talking about. The first concern is traffic analysis, the latter is eavesdropping.
By making both eavesdropping and traffic analysis hard, the privacy of communication is protected. However, anonymity need not be completely maintained because two parties communicating with each other may need to identify each other. For example, if a Web surfer wants to buy something using the electronic equivalent of cash, the purchaser may need to be identified to properly establish the debt being incurred; however, the network need not know any of this information.
If an electronic envelope keeps its contents private, and the address on the envelope is also hidden, then any identifying information can only be inside the envelope. So for anonymous communication, we also should remove identifying information from the contents of an envelope. This may be called anonymizing a private envelope.
An anonymous connection is a communications channel for which it is infeasible to determine both endpoints, that is, which principal initiated the communication and whom receives the communication. The principal initiating the connection is the initiator, and the principal to whom the initiator connects is the responder. The present invention implements a mechanism for anonymous connections that operates below the application layer and supports a variety of Internet applications, wherein the application layer is the highest layer within the hierarchy of the protocols being used to perform the data transfer.
The usage of anonymous communication is known and generally referred to by the use of various terms in the art. For example, anonymous “Mixes” were introduced in 1985 as a store and forward mechanism for anonymously moving data through a network. These Mixes are not suitable for bidirectional real-time communication which is of importance to the present invention.
Anonymous remailers, also known in the art, have been used to store and forward mail from a sender to a recipient without revealing the identity of the sender to observers of the network. Different versions of these remailers use Mixes in a highly application specific way which limits their applicability for other uses.
Anonymous bidirectional real-time communication for Integrated Service Digital Network (ISDN) has also been explored, especially as in related phone switching means. Mixes are incorporated into an ISDN phone switch to permit anonymous connections between callers within the same ISDN switch. The usage of these anonymous connection means is dependent upon the characteristics of the ISDN phone switches which, in turn, has inherent limitations which, in turn, limit their usage.
The first mention of near real-time Mixes for the Internet appears in the Pipe-Net techniques also known in the art. Pipe-Net's design provides fixed bandwidth, low-capacity communications channels strongly protected against both active and passive traffic analysis attacks. However, the fixed bandwidth and low-capacity communication limit their usage. Further, to our knowledge this Pipe-Net's design has never been built, fully described, nor formally published.
The anonymizer, known in the art, provides weak protection against traffic analysis of World Wide Web (WEB) communications, by providing a centralized service that removes identifying information from the data stream. So called “Crowds” extends this approach to decentralize the proxy. However, the Anonymizer does not protect against passive attacks at the centralized proxy; whereas Crowds does not protect against global passive attacks. It is desired to provide a general purpose system that allows anonymous connections to move data through a communication network and that does not suffer the drawbacks of the prior art.
OBJECTS OF THE INVENTION
It is a primary object of the present invention to provide a system for electronic communications that protect the identity of the initiator and the intended receiver of the data, as well as the content of the data, from traffic analysis and eavesdropping. The system has variable bandwidth, high capacity, near real-time, bidirectional, and application independent communication characteristics.
It is another object of the present invention to provide a subcomponent for the system that separates anonymity of the connection from anonymity of the data passing over the connection.
It is still another object of the present invention to provide a distributed routing network, comprised of systems of the present invention, that can be configured in many ways to shift trust between network elements, thereby shifting the responsibility for the protection of private information to the cognizant parties. For example, a large company may install a system of the present invention on the firewall separating its protected site from the open Internet and, therefore, take the responsibility to protect its own information. This system, once instituted, would be integrated into the distribution routing network.
Further still, it is an object of the present invention to provide a system that operates below the application layer. The system of the present invention supports many unmodified applications by means of proxies. The system of the present invention includes proxies that may be used for Web browsing, remote login, electronic mail and raw data connections.
SUMMARY OF THE INVENTION
The present invention is directed to a method for establishing and utilizing a virtual circuit for moving data for electronic communication within a communication network that provides application independent, real-time, and bi-directional anonymous connections throughout the communication network that are resistant to both eavesdropping and traffic analysis.
The present invention provides a virtual circuit that is a pathway between two devices, one defined as an initiator and the other defined as a responder, communicating with each other in a packet switching system, such as the Internet. The virtual circuit comprising a plurality of onion routers arranged adjacent to each other and where adjacent onion routers maintain longstanding connections to each other and where each onion router has a protocol to provide communications therebetween.
Each of the onion routers is responsive to an oni
Goldschlag David M.
Reed Michael G.
Syverson Paul F.
Burgess Glenton B.
Edelman Bradley
Karasek John J.
Stockstill Charles J.
The United States of America as represented by the Secretary of
LandOfFree
Onion routing network for securely moving data through... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Onion routing network for securely moving data through..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Onion routing network for securely moving data through... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2441281