18188909. KEY DISTRIBUTION OVER IP/UDP simplified abstract (Nokia Solutions and Networks Oy)

From WikiPatents

KEY DISTRIBUTION OVER IP/UDP

Organization Name

Nokia Solutions and Networks Oy

Inventor(s)

Hooman Bidgoli of Ottawa (CA)

KEY DISTRIBUTION OVER IP/UDP - A simplified explanation of the abstract

This abstract first appeared for US patent application 18188909 titled 'KEY DISTRIBUTION OVER IP/UDP'.

Simplified Explanation

This patent application describes a technique for distributing encryption keys for Layer 2.5/3 transport using MKA (MACsec Key Agreement). The transmitting node generates an MKA packet containing the encryption key, which is used to encrypt packet flows transmitted to a receiving node. The receiving node obtains the encryption key from the MKA packet to decrypt the encrypted transport.

  • Transmitting node generates an MKA packet with encryption key
  • MKA packet includes Layer 2, IP, UDP, IEEE 802.1x headers
  • IEEE 802.1x header contains Security Channel Identification (SCI)
  • SCI uniquely identifies packet flow and encrypting node
  • MKA packet transmitted via Layer 3 transport
  • Receiving node obtains encryption key from MKA packet
  • Encryption key used to encrypt and decrypt Layer 2.5/3 transport
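
As an added illustration (not code from the patent application or from Nokia), the following Python sketch builds and parses the bytes that would follow the UDP header in such a packet and extracts the SCI on the receiving side. It assumes the standard IEEE 802.1X-2010 EAPOL-MKA layout, where the SCI sits in the MKPDU basic parameter set; the application's exact layout and UDP port are not given on this page, and all sample values are constructed.

```python
import struct

EAPOL_VERSION = 3       # IEEE 802.1X-2010
EAPOL_TYPE_MKA = 5      # EAPOL-MKA packet type
BASIC_FIXED_LEN = 28    # SCI(8) + member id(12) + message number(4) + agility(4)

def build_mka_udp_payload(mac, port_id, member_id, msg_num, ckn):
    """Constructed sample of what follows the UDP header: EAPOL header plus
    MKPDU basic parameter set (key-carrying sets and the ICV are omitted)."""
    sci = mac + struct.pack("!H", port_id)          # SCI = MAC address + port id
    body = (sci + member_id + struct.pack("!I", msg_num)
            + bytes.fromhex("0080c201") + ckn)      # algorithm agility, CAK name
    flags_len = 0x8000 | len(body)                  # key-server bit + 12-bit length
    basic = struct.pack("!BBH", 1, 0x10, flags_len) + body
    basic += b"\x00" * (-len(basic) % 4)            # pad to a 4-octet boundary
    return struct.pack("!BBH", EAPOL_VERSION, EAPOL_TYPE_MKA, len(basic)) + basic

def parse_sci(udp_payload):
    """Receiver side: validate lengths, return (mac, port_id) from the SCI."""
    if len(udp_payload) < 4:
        raise ValueError("short EAPOL header")
    _version, ptype, blen = struct.unpack("!BBH", udp_payload[:4])
    if ptype != EAPOL_TYPE_MKA:
        raise ValueError("not an EAPOL-MKA packet")
    body = udp_payload[4:4 + blen]
    if len(body) != blen or blen < 4 + BASIC_FIXED_LEN:
        raise ValueError("truncated MKPDU")
    ps_len = struct.unpack("!H", body[2:4])[0] & 0x0FFF
    if ps_len < BASIC_FIXED_LEN or 4 + ps_len > blen:
        raise ValueError("bad parameter set length")
    sci = body[4:12]
    return sci[:6], struct.unpack("!H", sci[6:8])[0]

if __name__ == "__main__":
    sample = build_mka_udp_payload(bytes.fromhex("020000000001"), 1,
                                   bytes(12), 1, b"constructed-ckn")
    mac, port = parse_sci(sample)
    print(mac.hex(":"), port)
```

Rejecting packets whose declared lengths do not match the received bytes matters more here than on a LAN, because a UDP listener is reachable by any routed sender rather than only by link-local peers.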

Key Features and Innovation

  • Use of MKA for distributing encryption keys in Layer 2.5/3 transport
  • Inclusion of SCI in IEEE 802.1x header for unique identification
  • Secure transmission of encryption keys for packet flows

Potential Applications

  • Secure communication in network environments
  • Data protection in transit between nodes
  • Enhanced security for Layer 2.5/3 transport protocols

Problems Solved

  • Secure distribution of encryption keys in Layer 2.5/3 transport
  • Unique identification of packet flows and encrypting nodes
  • Protection against unauthorized access to encrypted data

Benefits

  • Improved security for data transmission
  • Efficient encryption key distribution
  • Enhanced network protection against cyber threats

Commercial Applications

Secure communication solutions for enterprises, data centers, and cloud service providers. This technology can be applied in industries where data privacy and security are paramount, such as finance, healthcare, and government sectors.

Questions about the Technology

1. How does the inclusion of SCI in the IEEE 802.1x header enhance security in the encryption key distribution process?
2. What are the advantages of using MKA for distributing encryption keys in Layer 2.5/3 transport?


Original Abstract Submitted

Technique for distributing encryption keys for Layer 2.5/3 transport using MKA (MACsec (Media Access Control Security) Key Agreement). A transmitting (TX) node generates an MKA packet having a Layer 2 header, an IP header, a UDP header, an IEEE 802.1x header, and an MKA payload containing the encryption key for encrypting a packet flow transmitted from the TX node to a receiving (RX) node. The IEEE 802.1x header includes a Security Channel Identification (SCI) that uniquely identifies the packet flow and the encrypting TX node. The TX node transmits the MKA packet to the RX node via a Layer 3 transport. The RX node receives the MKA packet and obtains the encryption key from the MKA packet. The TX node uses the encryption key to encrypt Layer 2.5/3 transport to the RX node, which uses the encryption key to decrypt the encrypted Layer 2.5/3 transport received from the TX node.