System for signatureless transmission and reception of data packets between computer networks

Assignee

• Sun Microsystems Inc. · US

Inventors

• Ashar Aziz · Kendall, US
• Geoffrey Mulligan · Fremont, US
• Martin Patterson · Menlo Park, US
• Glenn C. Scott · Portola Valley, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L2212/00
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

A system for automatically encrypting and decrypting data packet sent from a source host to a destination host across a public internetwork. A tunnelling bridge is positioned at each network, and intercepts all packets transmitted to or from its associated network. The tunnelling bridge includes tables indicated pairs of hosts or pairs of networks between which packets should be encrypted. When a packet is transmitted from a first host, the tunnelling bridge of that host's network intercepts the packet, and determines from its header information whether packets from that host that are directed to the specified destination host should be encrypted; or, alternatively, whether packets from the source host's network that are directed to the destination host's network should be encrypted. If so, the packet is encrypted, and transmitted to the destination network along with an encapsulation header indicating source and destination information: either source and destination host addresses, or the broadcast addresses of the source and destination networks (in the latter case, concealing by encryption the hosts' respective addresses). An identifier of the source network's tunnelling bridge …