Multiplex communications – Pathfinding or routing – Switching a message which includes an address header
Reexamination Certificate
2005-02-15
2008-12-23
Vo, Nguyen (Department: 2618)
C370S394000
active
07468981
ABSTRACT:
Nodes in a network include a pseudo-timestamp in messages or packets, derived from local pseudo-time clocks. When a packet is received, a first time is determined representing when the packet was sent and a second time is determined representing when the packet was received. If the difference between the second time and the first time is greater than a predetermined amount, the packet is considered to be stale and is rejected, thereby deterring replay. Because each node maintains its own clock and time, to keep the clocks relatively synchronized, if a time associated with a timestamp of a received packet is later than the time at the receiver by more than a certain amount, the receiver's clock is set ahead by an amount that is expected to synchronize the receiver's and the sender's clocks. However, a receiver never sets its clock back, to deter attacks.
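The receiver-side logic described in the abstract, as an added sketch that is not taken from the patent text or from any Cisco implementation. The class, field names, tick units, the transit allowance and the sample timestamps are all assumptions made for illustration.

```python
from dataclasses import dataclass


@dataclass
class Receiver:
    clock: int        # local pseudo-time in ticks (unit is an assumption)
    max_age: int      # the "predetermined amount" beyond which a packet is stale
    sync_lead: int    # how far ahead a timestamp must be to trigger a sync
    transit: int = 0  # assumed expected transit delay added when syncing

    def tick(self, n=1):
        """Advance the local pseudo-time clock."""
        self.clock += n

    def receive(self, sent_ts):
        """Return a verdict for a packet carrying pseudo-timestamp sent_ts.

        Assumes the packet's integrity was verified before this call; the
        abstract does not describe that step.
        """
        received_ts = self.clock
        # Staleness check: too old relative to the local clock means replay.
        if received_ts - sent_ts > self.max_age:
            return "stale"
        # Sender is ahead by more than the allowed lead: move forward only.
        if sent_ts - received_ts > self.sync_lead:
            self.clock = max(self.clock, sent_ts + self.transit)
            return "synced"
        # Within tolerance: accept and leave the clock alone (never set back).
        return "accepted"


def demo():
    """Run constructed timestamps through one receiver; return (verdict, clock)."""
    rx = Receiver(clock=1000, max_age=50, sync_lead=20)
    trace = []
    # 990: fresh; 900: stale; 1100: sender ahead, receiver syncs forward;
    # 990 again: a replay of the first packet, now stale after the sync;
    # 1090: slightly behind the receiver, accepted without moving the clock back.
    for ts in (990, 900, 1100, 990, 1090):
        trace.append((rx.receive(ts), rx.clock))
    return trace


if __name__ == "__main__":
    for verdict, clock in demo():
        print(verdict, clock)
```

The fourth packet shows why the clock only moves forward: once the receiver has synced to 1100, a captured copy of the packet stamped 990 falls outside the staleness bound and is rejected.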
McGrew David A.
Weis Brian E.
Cisco Technology Inc.
Hickman Palermo & Truong & Becker LLP
Le Nhan T.
Vo Nguyen
Clock-based replay protection does not yet have a rating. At this time, there are no reviews or comments for this patent.