Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Packet header designating cryptographically protected data
Reexamination Certificate
2005-11-29
2005-11-29
Song, Hosuk (Department: 2135)
Electrical computers and digital processing systems: support
Multiple computer communication using cryptography
Packet header designating cryptographically protected data
C713S181000, C713S189000
Reexamination Certificate
active
06971006
ABSTRACT:
An architecture and a method for a cryptography acceleration is disclosed that allows significant performance improvements without the use of external memory. Specifically, the chip architecture enables “cell-based” processing of random-length IP packets. The IP packets, which may be of variable and unknown size, are split into fixed-size “cells.” The fixed-sized cells are then processed and reassembled into packets. The cell-based packet processing architecture of the present invention allows the implementation of a processing pipeline that has known processing throughput and timing characteristics, thus making it possible to fetch and process the cells in a predictable time frame. The architecture is scalable and is also independent of the type of cryptography performed. The cells may be fetched ahead of time (pre-fetched) and the pipeline may be staged in such a manner that attached (local) memory is not required to store packet data or control parameters.
REFERENCES:
patent: 5185796 (1993-02-01), Wilson
patent: 5297206 (1994-03-01), Orton
patent: 5691997 (1997-11-01), Lackey, Jr.
patent: 5737334 (1998-04-01), Prince et al.
patent: 5796836 (1998-08-01), Markham
patent: 5870474 (1999-02-01), Wasilewski et al.
patent: 5936967 (1999-08-01), Baldwin et al.
patent: 5943338 (1999-08-01), Duclos et al.
patent: 6111858 (2000-08-01), Greaves et al.
patent: 6134246 (2000-10-01), Cai et al.
patent: 6216167 (2001-04-01), Momirov
patent: 6295604 (2001-09-01), Callum
patent: 6667984 (2003-12-01), Chao et al.
patent: WO 01/80483 (2001-10-01), None
“Applied Cryptography, Second Edition”, Schneider, B., 1996, John Wiley & Sons, New York, XP002184521, cited in the application, p. 442, paragraph 18.7—p. 445.
“SHA: The Secure Hash Algorithm Putting Message Digests to Work”, Stallings, W., Dr. Dobbs Journal, Redwood City, CA, Apr. 1, 1994, p. 32-34, XP000570561.
R. Sedgewick, “Algorithms in C—Third Edition,” 1998, Addison Wesley, pp. 573-608.
“Secure Products VMS115”, VLSI Technology, Inc., Printed in USA, Document Control: VMS115, VI, 0, Jan. 1999, pp. 1-2.
“VMS115 Data Sheet”, VLSI Technology, Inc., a subsidiary of Philips Semiconductors, Revision 2:3, Aug. 10, 1999, pp. 1-64.
“Data Sheet 7751 Encryption Processor”, Network Security Processors, Jun. 1999, pp. 1-84. Senie, D., “NAT Friendly Application Design Guidelines”, Amaranth Networks, Inc., NAT Working Group, Internet-Draft, Sep. 1999, pp. 1-7.
Floyd, Sally, et al., “Random Early Detection Gateways for Congestion Avoidance”, Lawrence Berkeley Laboratory, University of California, IEEE/ACM Transactions on Networking, Aug. 1993, pp. 1-32.
Egevang, K., et al., “The IP Network Address Translator (NAT)”, Network Working Group, May 1994, pp. 1-10.
Pall, G. S., et al., “Microsoft Point-To-Point Encryption (MPPE) Protocol”, Microsoft Corporation, Network Working Group, Internet Draft, Oct. 1999, pp. 1-12.
Deutsch, P., “DEFLATE Compressed Data Format Specification Version 1.3”, Aladdin Enterprises, Network Working Group, May 1996, pp. 1-17.
Kent, S., “IP Authentication Header”, Network Working Group, Nov. 1998, pp. 1-22.
Kent, S., et al., “IP Encapsulating Security Payload (ESP)”, Network Working Group, Nov. 1998, pp. 1-22.
Maughan, D, et al., “Internet Security Association and Key Management Protocol (ISAKMP)”, Network Working Group, Nov. 1998, pp. 1-20.
Harkins, D., et al., “The Internet Key Exchange (IKE)”, Cisco Systems, Network Working Group, Nov. 1998, pp. 1-12.
Srisuresh, P., “Security Model with Tunnel-mode Ipsec for NAT Domains”, Lucent Technologies, Network Working Group, Oct. 1999, pp. 1-11.
Shenker, S., “Specification of Guaranteed Quality of Service”, Network Working Group, Sep. 1997, pp. 1-20.
Srisuresh, P., et al., “IP Network Address Translator (NAT) Terminology and Considerations”, Lucent Technologies, Network Working Group, Aug. 1999, pp. 1-30.
Kent, S., et al., “Security Architecture for the Internet Protocol”, Network Working Group, Nov. 1998, pp. 1-66.
“Compression for Broadband Data Communications”, BlueSteel Networks, Inc., Sep. 8, 1999, pp. 1-9.
“Securing and Accelerating e-Commerce Transactions”, BlueSteel Networks, Inc., Revision 2.0, Oct. 20, 1999, pp. 1-7.
“Securing Broadband Communications”, BlueSteel Networks, Inc., Sep. 8, 1999, pp. 1-10.
Analog Devices: “ADSP2141 SafeNetDPS User's Manual, Revision 6”, Analog Devices Technical Specifications, Mar. 2000, XP002163401, 87 Pages.
C. Madson, R. Glenn: “RFC 2403- The Use of HMAC-MD5-96 within ESP and AH”, IETF Request for Comments, Nov. 1998, XP002163402, Retrieved from Internet on Mar. 20, 2001, http://www.faqs.org/rfcs/frc2403.html, 87 Pages.
S. Kent, R. Atkinson: “RFC 2406-IP Encapsulating Security Payload (ESP)” IETF Request for Comments, Nov. 1998, XP002163400, Retrieved from the Internet on Mar. 20, 2001, http://www.faqs.org/rfcs/frc2406.html, 5 Pages.
Keromytis, et al., “Implementing IPsec”, Global Telecommunications Conference (Globecom), IEEE, Nov. 3, 1997, pp. 1948-1952.
Pierson, et al., “Context-Agile Encryption for High Speed Communication Networks”, Computer Communications Review, Association for Computing Machinery, vol. 29, No. 1, Jan. 1999, pp. 35-49.
Sholander, et al., “The Effect of Algorithm-Agile Encryption on ATM Quality of Service”, Global Telecommunications Conference (Globecom), IEEE, Nov. 3, 1997, pp. 470-474.
Smirni, et al., “Evaluation of Multiprocessor Allocation Policies”, Technical Report, Vanderbilt University, Online, 1993, pp. 1-21.
Tarman, et al., “Algorithm-Agile Encryption in ATM Networks”, IEEE Computer, Sep. 1998, vol. 31, No. 1, pp. 57-64.
Wassal, et al., “A VLSI Architecture for ATM Algorithm-Agile Encryption”, Proceedings Ninth Great Lakes Symposium on VLSI, Mar. 4-6, 1999, pp. 325-328.
Analog Devices: “Analog Devices and IRE Announce First DSP-Based Internet Security System-On-A-Chip”, Analog Devices Press Release, Online, Jan. 19, 1999, pp. 1-3. http://content.analog.com/pressrelease/prdisplay/0,1622,16,00.html.
3Com: “3Com Launces New Era of Network Connectivity”, 3Com Press Release, Jun. 14, 1999, pp. 1-3.
Krishna Suresh
Owen Christopher
Broadcom Corporation
Christie Parker & Hale LLP
Song Hosuk
LandOfFree
Security chip architecture and implementations for... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Security chip architecture and implementations for..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Security chip architecture and implementations for... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3466982