专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

11. 发明授权

US07962743B2 System and method for protected spoke to spoke communication using an unprotected computer network 有权
标题翻译：使用未受保护的计算机网络的受保护的辐条与辐条通信的系统和方法
公开(公告)号：US07962743B2
公开(公告)日：2011-06-14
申请号：US11419583
申请日：2006-05-22
申请人： Scott Fluhrer
发明人： Scott Fluhrer
IPC分类号： H04L29/06 , G06F15/173 , G06F17/30
CPC分类号： H04L63/0442 , H04L9/0841 , H04L9/0891
摘要： Various embodiments of the disclosed subject matter provide methods and systems for improved efficiency and security in spoke-to-spoke network communication. Embodiments provide systems and methods for registering a spoke with a hub, updating a hub registration table with spoke registration information, sending the updated hub registration table to a plurality of registered spokes, using the updated hub registration table at a sending spoke to encrypt traffic to be sent to another spoke, and using the updated hub registration table at a receiving spoke to decrypt traffic received from another spoke.
摘要翻译：所公开的主题的各种实施例提供了用于提高辐射到辐射网络通信的效率和安全性的方法和系统。实施例提供了用于将轮辐与集线器进行注册的系统和方法，使用分支注册信息来更新集线器注册表，使用发送分组处的更新的集线器注册表将更新的集线器注册表发送到多个注册的轮辐，以将流量加密被发送到另一个辐条，并且在接收到的辐条处使用更新的集线器注册表来解密从另一个辐条接收到的流量。

12. 发明授权

US07418100B2 Enciphering method 有权
标题翻译：加密方法
公开(公告)号：US07418100B2
公开(公告)日：2008-08-26
申请号：US11201626
申请日：2005-08-10
申请人： David A. McGrew , Scott Fluhrer
发明人： David A. McGrew , Scott Fluhrer
IPC分类号： H04K1/06 , H04L9/28
CPC分类号： H04L9/0637 , H04L9/002 , H04L2209/12 , H04L2209/20
摘要： A block cipher mode of operation implements a block cipher with an arbitrary block length and provides output ciphertext that is always the same size as the input plaintext. The mode can provide the best possible security in systems that cannot allow data expansion, such as disk-block encryption and some network protocols. The mode accepts an additional input, which can be used to protect against attacks that manipulate the ciphertext by rearranging the ciphertext blocks. The universal hash function from Galois/Counter Mode of operation for block ciphers may be used in an embodiment for hardware and software efficiency.
摘要翻译：块密码操作模式实现具有任意块长度的块密码，并提供与输入明文总是相同大小的输出密文。该模式可以在不能允许数据扩展的系统中提供最佳的安全性，例如磁盘块加密和一些网络协议。该模式接受一个额外的输入，可以用来防止通过重新排列密文块来处理密文的攻击。用于块密码的Galois / Counter操作模式的通用散列函数可以用于硬件和软件效率的实施例中。

13. 发明申请

US20070248225A1 SYSTEM AND METHOD FOR ENCRYPTED GROUP NETWORK COMMUNICATION WITH POINT-TO-POINT PRIVACY 有权
标题翻译：加密组网络通信与点对点隐私的系统和方法
公开(公告)号：US20070248225A1
公开(公告)日：2007-10-25
申请号：US11379920
申请日：2006-04-24
申请人： Scott Fluhrer
发明人： Scott Fluhrer
IPC分类号： H04L9/30
CPC分类号： H04L9/0833 , H04L63/0428 , H04L63/065
摘要： Various embodiments of the disclosed subject matter provide methods and systems for improved efficiency and security in secure gateway-to-secure gateway network communication. Embodiments provide systems and methods for generating a sender secure gateway private identity, obtaining a receiver secure gateway public identity, generating an encryption key using the sender secure gateway private identity and the receiver secure gateway public identity, encrypting a data packet using the encryption key, and sending the encrypted data packet to a receiver secure gateway. Embodiments also provide systems and methods for generating a receiver secure gateway private identity, obtaining a sender secure gateway public identity, generating a decryption key using the receiver secure gateway private identity and the sender secure gateway public identity, receiving an encrypted data packet from a sender secure gateway, and decrypting the data packet using the decryption key.
摘要翻译：所公开的主题的各种实施例提供了用于提高安全网关到安全网关网络通信中的效率和安全性的方法和系统。实施例提供了用于生成发送方安全网关私有身份的系统和方法，获得接收方安全网关公共标识，使用发送方安全网关私有身份和接收方安全网关公共标识生成加密密钥，使用加密密钥加密数据包，并将加密的数据分组发送到接收机安全网关。实施例还提供用于生成接收机安全网关私有身份的系统和方法，获得发送方安全网关公共标识，使用接收方安全网关私有身份和发送方安全网关公共标识生成解密密钥，从发送方接收加密数据包安全网关，并使用解密密钥解密数据包。

14. 发明申请

US20140044262A1 Low Latency Encryption and Authentication in Optical Transport Networks 审中-公开
标题翻译：光传输网络中的低延迟加密和认证
公开(公告)号：US20140044262A1
公开(公告)日：2014-02-13
申请号：US13570579
申请日：2012-08-09
申请人： Gilberto Loprieno , David McGrew , Fabio Maino , Scott Fluhrer
发明人： Gilberto Loprieno , David McGrew , Fabio Maino , Scott Fluhrer
IPC分类号： H04L9/28
CPC分类号： H04L9/0637 , H04L9/3242 , H04L63/123
摘要： Data to be transmitted across an Optical Transport Network (OTN) is encrypted with a non-malleable encryption algorithm. An authentication code configured to allow authentication of the data with a low latency encryption algorithm is generated. A packet is generated which is configured to be transferred across the OTN and contains the encrypted data and the authentication code. The packet is transmitted across the OTN. Non-malleable encryption, origin authentication, data integrity and anti-replay protection are provided for OTNs over Dense Wavelength Division Multiplexed (DWDM) links. In one example, XTS-AES encryption and GMAC authentication techniques are combined to secure OTN frames.
摘要翻译：要通过光传输网络（OTN）传输的数据用非可延展的加密算法进行加密。生成用于允许用低延迟加密算法认证数据的认证码。生成分组，其被配置为跨越OTN传送并包含加密数据和认证码。数据包通过OTN传输。通过密集波分复用（DWDM）链路为OTN提供不可延展的加密，源认证，数据完整性和反重放保护。在一个示例中，XTS-AES加密和GMAC认证技术被组合以保护OTN帧。

15. 发明申请

US20070127457A1 Method and apparatus to minimize database exchange in OSPF by using a SHA-1 digest value 有权
标题翻译：通过使用SHA-1摘要值来最小化OSPF中的数据库交换的方法和设备
公开(公告)号：US20070127457A1
公开(公告)日：2007-06-07
申请号：US11292534
申请日：2005-12-02
申请人： Sina Mirtorabi , Abhay Roy , Brian Weis , Scott Fluhrer
发明人： Sina Mirtorabi , Abhay Roy , Brian Weis , Scott Fluhrer
IPC分类号： H04L12/56
CPC分类号： H04L45/02
摘要： The present invention provides a method of determining whether database located on a first router is synchronized with the database located on a second router by performing a hash function on the values contained in a link state database to derive a SHA-1 digest value. In an embodiment, the digest value is based on LSA type. The digest value is exchanged initially during a database description packet swap between the first router and second router. If the digest values are the same, the databases are already synchronized. The routers thus skip the database description packet exchange of LSAs in the database and go directly to FULL state, indicating full synchronization between databases on the first and second router and announcing adjacency to each other. If the digest differs, normal database description packet exchange is performed as specified in OSPF.
摘要翻译：本发明提供一种通过对包含在链路状态数据库中的值执行散列函数来确定位于第一路由器上的数据库是否与位于第二路由器上的数据库同步的方法，以导出SHA-1摘要值。在一个实施例中，摘要值基于LSA类型。最初在第一路由器和第二路由器之间的数据库描述包交换期间交换摘要值。如果摘要值相同，则数据库已经同步。因此，路由器跳过数据库中的LSA的数据库描述数据包交换，并直接进入FULL状态，表示第一和第二路由器上的数据库之间的完全同步，并宣布彼此相邻。如果摘要不同，则按照OSPF中的规定执行正常的数据库描述数据包交换。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式