Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Protection at a particular protocol layer
Reexamination Certificate
2005-09-20
2005-09-20
Morse, Gregory (Department: 2134)
C713S168000
active
06948074
ABSTRACT:
A method and system for distributed generation of unique random numbers. The unique random number can be used to create digital cookies or digital tokens. A first network device (e.g., a computer) on a computer network receives an x-bit bit mask template from a second network device on the computer network (e.g., a gateway). The first network device generates a first portion of an x-bit digital cookie. The first network device requests a second portion of the x-bit digital cookie from the second network device. The request includes the first portion of the x-bit digital cookie. The first network device generates a complete x-bit digital cookie using the first portion of the x-bit digital cookie generated by the first network device and the second portion of the x-bit digital cookie generated by the second network device. The generated complete x-bit digital cookie is not in use on the computer network because the second network device has selected the second portion of the bit mask so that the complete x-bit digital cookie, including the first portion generated on the first network device and the second portion generated on the second network device, is not in use on the computer network. The method and system can be used on a Distributed Network Address Translation (“DNAT”) or a Realm Specific Internet Protocol (“RSIP”) subnet to allow a network device (e.g., a computer) to create a complete x-bit digital cookie with help from a DNAT/RSIP gateway. The complete x-bit digital cookie can be used as a 64-bit anti-clogging cookie for security protocols such as Internet Key Exchange (“IKE”) protocol exchanges used with Internet Protocol security (“IPsec”).
Borella Michael S.
Grabelsky David
3Com Corporation
McDonnell Boehnen & Hulbert & Berghoff LLP
Morse Gregory
Tran Ellen