Extending cryptographic-key lifespan in network encryption protocols

Assignee

• AMAZON TECHNOLOGIES, INC. · US

Inventors

• Ron Diamant · Santa Clara, US
• Noa Yehezkel · Kiryat Ono, IL
• Ahmad Erew · Deir al Asad, IL
• Jonathan Cohen · Hod HaSharon, IL
• Michael Baranchik · Netanya, IL

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L63/0272
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

An apparatus and a corresponding method. The apparatus includes an injection module operable to maintain packet sequence numbers for a group of network devices, receive a first packet and a second packet that is sent from the apparatus after the first packet and destined for a different device in the group than the first packet, and update the packets with different packet sequence numbers. The packet sequence number for the second packet is generated using the packet sequence number for the first packet. The apparatus further includes an encryption module operable to determine an initialization vector for each packet sequence number and apply an encryption algorithm to each packet. Each packet is encrypted using a corresponding initialization vector and an encryption key as inputs to the encryption algorithm.