The present invention relates to data encryption, and more specifically, the present invention relates to a system and method for encrypting communications between a wireless device and a wireline network server.
In the past, wireless devices have communicated with network servers by transmitting data that traverses a wireless link from a wireless device to a base station, through a gateway, and over a wireline Wide Area Network (WAN) to a network server coupled to the WAN. Client computers on the WAN may then access the data from the network server over the WAN.
Conventionally, a wireless device packetizes the data to be transmitted and then encrypts the data packet before transmitting the data packet over a wireless link. The data packet encryption may be performed by using conventional wireless transmission systems including Cellular Digital Packet Data (CDPD). The CDPD wireless transmission system may employ RC4 (a well-known encryption method from RSA Data Security, Inc. of Redwood City, Calif.).
Encryption of the data packet before the data packet traverses the wireless link reduces the ability of unauthorized third parties to tamper, listen, or interfere with the transmission of the data packet over the wireless link. Indeed, encryption provides improved privacy in such wireless communications by reducing the ability of unauthorized third parties to intercept and read wireless transmissions. In particular, such encryption generally limits the ability of third-parties to intercept and listen to the transmitted data, intercept and modify the transmitted data, or to engage in a practice known in the art as “spoofing,” whereby a third party gains unauthorized access to a network.
The network server also typically encrypts the data from the received data packet before transmitting the data over the WAN to the client computer to reduce the ability of third parties to gain unauthorized access to or to spoof the data. This encryption between the network server and the client computer may include the conventional security protocol SSL (Secure Sockets Layer).
The data is not, however, conventionally encrypted as the data traverses the WAN segment between the gateway and the network server. One reason the data is not typically encrypted between the gateway and the network server is due to the high overhead associated with use of protocols such as Wireless Transport Layer Security (WTLS). Thus, conventionally, data packets traversing the WAN between the gateway and the network server are either not encrypted or use a high-overhead encryption method, which may require considerable bandwidth.
Accordingly, a need exists to provide an efficient system and method for improved privacy, authentication, and encryption of data transmitted from a wireless device to a network server that spans wireless and wireline networks.
A method for transmitting data is provided that includes encrypting a payload, adding a header to the payload to form a data packet, encrypting the payload and the header of the data packet so that the payload is at least twice-encrypted and the header is at least once-encrypted. The packet is then transmitted only after at least twice encrypting the payload.
In one embodiment, a wireless device generates a temporary session key, encrypts the temporary session key using a public key, and transmits the encrypted temporary session key to a wireline device, which receives and decrypts the encrypted temporary session key using a private key associated with the public key. The wireless device then encrypts a payload using the temporary session key, adds a header to form a data packet, and then encrypts the entire data packet using another key. The wireless device then transmits the encrypted data packet over a wireless link to a gateway device that decrypts the data packet to produce a data packet having a decrypted header and a payload encrypted by the temporary session key. The gateway device then forwards the data packet over a wireline network, such as a WAN, to the wireline device, which removes the header and decrypts the encrypted payload using the temporary session key.
Accordingly, the present system and method provide for fast, secure wireless device to wireline device communication. By providing encryption of the payload independent of other protocol layers, standard protocols may be employed to perform typical Internet Protocol functions such as data routing, segmentation, and the like. Moreover, since the encryption of the payload is limited to the payload, the encrypted payload can be used with a wide variety of underlying wireless network protocols. Further, encryption of the payload in accordance with the present system and method does not require significant extra overhead in the payload size, thus optimizing or efficiently using the wireless bandwidth. These and other aspects, features, and capabilities of the present invention will be apparent from a reading of the following detailed description and the accompanying drawings.
In the various drawings of the exemplary embodiments, similar features of the various embodiments typically have the same reference numbers.
In this configuration, the wireless device 102 transmits a data packet over a wireless link 116 to the base station 104. The wireless device 102 may transmit the data packet using any of a variety of conventional protocols, including, for example, CDPD (Cellular Digital Packet Data), GSM (Global System for Mobile Communications), CDMA (Code Division Multiple Access), TDMA (Time Division Multiple Access), iDEN (Integrated Digital Enhanced Network), and the like.
The data packet transmitted may include location information regarding the geographical location of the wireless device 102 and may comprise data derived from information received from the satellites 114 in accordance with conventional Global Positioning System (GPS) techniques. The location information may alternatively comprise location information from techniques other than GPS, such as time difference of arrival (TOA), angle of arrival (AOA), ray tracing/pattern recognition, hybrid methods thereof, and the like.
As discussed in more detail below, the wireless device 102 encrypts a payload in accordance with a first encryption algorithm, using a first key, and adds a header to the payload to form a data packet. The wireless device 102 then encrypts the entire data packet, including the header and the payload, using a second key, in accordance with a second encryption algorithm before transmitting the encrypted data packet over the link 116. Additional details regarding the wireless device 102 are described below with reference to
The base station 104 receives the encrypted data packet from the wireless device 102 over the wireless link 116 and passes the received data packet to the gateway 106 over link 118, which may comprise any of a variety of conventional base station/gateway interface links. The link 118 may, therefore, comprise, for example, an Ethernet link, a frame relay link, or the like. In addition, those skilled in the art will appreciate that the base station 104 and the gateway 106 may alternatively comprise a single device having the functionality of the base station 104 and the gateway 106.
The gateway 106 is disposed between the base station 104 and the WAN 108 and is coupled to the WAN 108 by a link 120, which may comprise a TCP/IP or UDP/IP link, for example. The gateway 106 generally provides protocol conversion for data transmissions between the base station 104 and the WAN 108. The gateway 106 receives the encrypted data packet transmitted from the wireless device 102 via the link 116 and the base station 104. The gateway 106 then performs a first decryption of the header and payload of the data packet and forwards the data packet over the WAN 108 in accordance with the header information. In one embodiment, the gateway 106 may comprise a SPARC computer running the SOLARIS operating system from Sun Microsystems, Inc. of Palo Alto, Calif.
As discussed in more detail below, the data packet forwarded by the gateway 106 includes a payload encrypted by the wireless device 102. Therefore, the payload of the data packet transmitted by the gateway 106 traverses the WAN 108 from the gateway 106 to the server 110 in an encrypted form. Additional details of the gateway 106 are described below with reference to
The server 110 is coupled to the WAN 108 and receives the data packet forwarded by the gateway 106, removes the header, and decrypts the payload of the data packet. The server 110 may also authenticate the received data packet, perform cyclical redundancy checking (CRC), and process the received payload. In one embodiment, the server 110 checks the received payload to determine whether the payload matches at least one entry in a database. If the server 110 identifies at least one match, the server 110 forwards at least a portion of the payload information over the WAN 108 to the client 112, which may comprise one or more client computers. In one embodiment, the server 110 transmits the payload information to the client 112 using a conventional internet security protocol such as SSL (Secure Sockets Layer) or TSL (Transport Layer Security), for example. Additional details regarding the server 110 are discussed below with reference to
The client 112 is coupled to the WAN 108 by conventional means and may access payload information from the server 110. The client 112 may comprise one or more conventional personal computers. The client 112 may include a web browser, such as Internet Explorer® by Microsoft, Inc., to request and receive the payload information from the server 110. Thus, a user (not shown) at the client 112 may obtain information from the wireless device 102 in an efficient and secure manner.
The receiver 208 may comprise a conventional GPS receiver for receiving GPS location information from the satellite 114 (
Those skilled in the art will appreciate that the receiver 208 may be replaced with other types of data sources to permit the wireless device 102 to transmit information other than location information.
The processor 204 may comprise a microprocessor and, in a specific embodiment, the processor 204 may comprise the microprocessor sold under the part number M68000 by Motorola, Inc. of Schaumburg, Ill. The processor 204 is configured to process instructions from the memory 206 and data from the receiver 208 and the wireless transceiver 202.
The memory 206 may comprise a combination of volatile and non-volatile memory. In one embodiment, the memory 206 includes flash memory and RAM. The memory 206 includes a temporary session key 220, a payload encryption engine 222, a packet encryption engine 224, and a public key 226.
The temporary session key 220 may be stored in flash memory and may have a length of twenty-two bytes. The temporary session key 220 may be a symmetric session key that comprises numeric code that is used by the payload encryption engine 222 to encrypt payload information for security purposes. The payload encryption engine 222 uses the temporary session key 222 to encrypt a payload of data packets transmitted by the wireless device 102 during a session.
In one embodiment, the payload encryption engine 222 generates the temporary session key 220 using a random number on power-up. The server 110 (
The payload encryption engine 222 encrypts the temporary session key 220 using the public key 226, which corresponds with a private key of the server 110 (
Encrypting the temporary session key 220 with the public key 226 permits the wireless device 102 to send the temporary session key 220 to the server 110 over the link 116 (
The public key 226 is permanently stored in the memory 206, which eliminates the need to obtain the public key 226. Conventionally, to reliably obtain a public key, a user must interact with a third party, such as a Certificate Authority, to obtain a public key in a certified or reliable manner. In one embodiment, the wireless devices 102 are the only devices transmitting data packets to the server 110 using the public key 226 and, therefore, the public key 226 need only be known by the wireless devices 102. Permanently storing the public key 226 in the memory 206 provides the device 102 with the public key 226 without the delay or inefficiency due to obtaining a public key via a Certificate Authority. One example of a Certificate Authority is Verisign, Inc. of Mountain View, Calif.
The packet encryption engine 224 adds header information to the payload after the payload encryption engine 222 has encrypted the payload with the temporary session key 220 to form a data packet. In one embodiment, the header includes an identifier to indicate that the associated payload is encrypted. The packet encryption engine 224 then encrypts the entire data packet, such as by using conventional CDPD/iDEN protocols. In one embodiment, the packet encryption engine 224 may employ conventional encryption algorithms, such as RC4 or RC5 in encrypting the data packet, and may use another key.
Thus, the encryption engines 222 and 224 effectively encrypt the payload twice. The payload is first encrypted by the payload encryption engine 222 using the temporary session key 220 and is encrypted a second time by the packet encryption engine 224, which encrypts the entire data packet, including the payload, using another key. The header may only be encrypted one time, by the packet encryption engine 224. The operation of the wireless device 102 is described in more detail below with reference to
The memory 304 includes a payload decryption engine 312, a private key 314, a database 316, and a temporary session key 318. The payload decryption engine 312 generally decrypts payloads received from the wireless device 102 using the temporary session key 318 and may pass the decrypted payload to the database 316 for further processing. The private key 314 is a private part of a two-part key comprising the public key 226 (
The database 316 may include a list of all wireless devices, such as the wireless device 102 (
Moreover, the server 110 may request that the wireless device 102 commence a new session upon receipt of a transmission from an unauthorized device. Alternatively, the server 110 may request a new session based on other reasons, such as the expiration of a predetermined time period or the receipt of a predetermined number of packets.
The temporary session key 318 is identical to the temporary session key 222 shown in
The data processor 406 comprises a conventional data processor of the kind typically employed in gateway devices and is configured to process instructions from the wireless network transceiver 402, the WAN interface 404, and the memory 408. The wireless network transceiver 402 comprises a conventional wireless network transceiver and is configured to permit data to be exchanged between the bus 410 and the link 118 with the base station 104 (
The memory 408 includes a packet decryption engine 412 and a packet forwarding engine 414. The packet decryption engine 412 decrypts packets received from the wireless device 102 over the wireless network transceiver 402. In particular, the packet decryption engine 412 receives and decrypts data packets that have been encrypted by the packet encryption engine 224 (
The packet decryption engine 412 does not, however, decrypt the payload using a private session key. Rather, the packet decryption engine 412 decrypts the entire received packet, including header and payload portions, according to conventional packet decryption techniques, and may use a key other than the temporary session keys 220 and 318, to undo the encryption performed by the packet encryption engine 224.
After the decryption engine 412 decrypts the received data packet, the packet forwarding engine 414 forwards the decrypted data packet over the WAN 108. The packet forwarding engine 414 forwards the decrypted data packet in accordance with the data packet forwarding information found in a header of the decrypted data packet and packet forwarding data (not shown), such as a routing table, included in the packet forwarding engine 414 over the WAN interface 404.
With reference to
With reference to
With reference to
With reference to
With reference to
In block 606, the payload encryption engine 222 (
In block 608, the payload encryption engine 222 (
The server 110, in turn, receives the encrypted new temporary session key and inspects the session sequence number to verify that the session sequence number is one increment higher than the session sequence number of the previous session. If the server 110 is unable to verify the session sequence number, the server 110 may disregard the session establishment packet in its entirety. Verifying the session sequence number as described may be helpful in limiting replays and replay attacks by ensuring that the session establishment packet is, indeed, a new session establishment packet and not a replay of a previously-used session establishment packet.
After verifying the session sequence number, the server 110 (
The temporary session keys 220 (
In block 610, the payload encryption engine 222 encrypts a payload with the temporary session key 220 using a conventional encryption algorithm, such as the DESX encryption algorithm. Pursuant to one embodiment, the payload encryption engine 222 also includes a packet sequence number within each payload before encrypting the payload with the temporary session key 220. The packet sequence number may reset to zero at the beginning of each new session and increments for each new payload or data packet during the session.
Next, pursuant to block 612, the packet encryption engine 224 adds a header 504 (
In block 614, the packet encryption engine 224 encrypts the entire packet 506 using an encryption algorithm, such as RC4 or the like, to form the encrypted packet 506′ of
In block 616, the wireless device 102 (
In block 618, the payload encryption engine 222 determines whether to terminate the current session. The payload encryption engine 222 may determine to terminate the current session based on, for example: the expiration of a predetermined time period, the transmission of a predetermined number of data packets, receipt of a predetermined number of errors, receipt of a request for a new session from the server 110.
If the payload encryption engine 222 determines not to terminate the current session at block 618, execution proceeds to block 610, otherwise execution proceeds to block 606.
In block 704, the packet decryption engine 412 (
In block 706, the packet forwarding engine 414 (
In block 708, the server 110 (
Pursuant to one embodiment, the payload decryption engine 312 (
In block 712, the database 316 (
In another embodiment, the server 110 (
The above detailed description and accompanying drawings are provided to illustrate the specific embodiments of the present invention and are not intended to be limiting. Numerous modifications and variations within the scope of the present invention are possible. The present invention is particularly pointed out and distinctly claimed in the following claims.
Number | Name | Date | Kind |
---|---|---|---|
5081678 | Kaufman et al. | Jan 1992 | A |
5351296 | Sullivan | Sep 1994 | A |
5455865 | Perlman | Oct 1995 | A |
5548646 | Aziz et al. | Aug 1996 | A |
5870474 | Wasilewski et al. | Feb 1999 | A |
5970143 | Schneier et al. | Oct 1999 | A |
6035039 | Tisdale et al. | Mar 2000 | A |
6055314 | Spies et al. | Apr 2000 | A |
6330671 | Aziz | Dec 2001 | B1 |
6501767 | Inoue et al. | Dec 2002 | B1 |
6766361 | Venigalla | Jul 2004 | B1 |
6806814 | Iverson et al. | Oct 2004 | B1 |
6970564 | Kubota et al. | Nov 2005 | B1 |
6996722 | Fairman et al. | Feb 2006 | B1 |
7590741 | Sumino et al. | Sep 2009 | B2 |
7720603 | Park et al. | May 2010 | B2 |
20020004898 | Droge | Jan 2002 | A1 |
20020019223 | Lee et al. | Feb 2002 | A1 |
20020186693 | Inoue et al. | Dec 2002 | A1 |
20030076782 | Fortin et al. | Apr 2003 | A1 |
20030126455 | Sako et al. | Jul 2003 | A1 |
20030167394 | Suzuki et al. | Sep 2003 | A1 |
20060168451 | Ishibashi et al. | Jul 2006 | A1 |
20070259655 | Minborg et al. | Nov 2007 | A1 |
Number | Date | Country |
---|---|---|
WO-03060712 | Jul 2003 | WO |
WO-2004114144 | Dec 2004 | WO |
Number | Date | Country | |
---|---|---|---|
20030031320 A1 | Feb 2003 | US |