(12) United States Patent
Munger et al.

(10) Patent No.: US 7,490,151 B2
(45) Date of Patent: Feb. 10, 2009

(54) ESTABLISHMENT OF A SECURE COMMUNICATION LINK BASED ON A DOMAIN NAME SERVICE (DNS) REQUEST

(75) Inventors: Edward Colby Munger, Crownsville, MD (US); Robert Dunham Short, III, Leesburg, VA (US); Victor Larson, Fairfax, VA (US); Michael Williamson, South Riding, VA (US)

(73) Assignee: Virnetx Inc., Scotts Valley Drive, CA (US)

(*) Notice: Subject to any disclaimer, the term of this patent is extended or adjusted under 35 U.S.C. 154(b) by 818 days.

(21) Appl. No.: 10/259,494
`
(22) Filed: Sep. 30, 2002

(65) Prior Publication Data
US 2003/0037142 A1, Feb. 20, 2003

Related U.S. Application Data

(60) Division of application No. 09/504,783, filed on Feb. 15, 2000, now Pat. No. 6,502,135, which is a continuation-in-part of application No. 09/429,643, filed on Oct. 29, 1999, now Pat. No. 7,010,604.

(60) Provisional application No. 60/137,704, filed on Jun. 7, 1999, provisional application No. 60/106,261, filed on Oct. 30, 1998.

(51) Int. Cl.: G06F 15/173 (2006.01)
(52) U.S. Cl.: 709/225; 709/229
(58) Field of Classification Search: 709/217-225, 709/229; 713/201
See application file for complete search history.

Primary Examiner: Krisna Lim
(74) Attorney, Agent, or Firm: McDermott Will & Emery

(57) ABSTRACT

A plurality of computer nodes communicate using seemingly random Internet Protocol source and destination addresses. Data packets matching criteria defined by a moving window of valid addresses are accepted for further processing, while those that do not meet the criteria are quickly rejected. Improvements to the basic design include (1) a load balancer that distributes packets across different transmission paths according to transmission path quality; (2) a DNS proxy server that transparently creates a virtual private network in response to a domain name inquiry; (3) a large-to-small link bandwidth management feature that prevents denial-of-service attacks at system chokepoints; (4) a traffic limiter that regulates incoming packets by limiting the rate at which a transmitter can be synchronized with a receiver; and (5) a signaling synchronizer that allows a large number of nodes to communicate with a central node by partitioning the communication function between two separate entities.

16 Claims, 35 Drawing Sheets
`
`
`MICROSOFT 1001
`
[FIG. 1 (Sheet 1 of 35): originating terminal 100 and destination terminal 110 communicating across the Internet 107 through a set of IP routers; other labels: IP packet, encryption key.]

[FIG. 2 (Sheet 2 of 35): TARP terminals 100 and 110 connected across the Internet 107 through TARP routers and IP routers; other labels: TARP packet 140, link key, session key.]

[Drawing, Sheet 3 of 35 (figure number not legible). Labels: data stream; interleaved session-key-encrypted payload data; TARP packets with encrypted payloads; link-key-encrypted TARP packets; IP packets with encrypted TARP packets as payload; TARP routers 1, 2 and 4; TARP destination.]

[FIG. 5 (Sheet 6 of 35): flowchart with step labels S0 to S11. Box labels: background loop-decoy generation; authenticate TARP packet; outer layer decryption of TARP packet using link key; check for decoy and increment perishable decoy counter as appropriate; transmit decoy? (yes); dump decoy; decrement TTL, TTL > 0?; determine destination TARP address and store link key and IP address; generate next-hop TARP address and store link key and IP address; generate IP header and transmit.]

[FIG. 6 (Sheet 7 of 35): flowchart with step labels S20 to S25. Box labels: background loop-decoy generation; group received IP packets into interleave window; determine destination TARP address, initialize TTL, store in TARP header; record window seq. nos. and interleave seq. nos. in TARP headers; choose first hop TARP router, look up IP address and store in clear IP header, outer layer encrypt; install clear IP header and transmit.]

[FIG. 7 (Sheet 8 of 35): flowchart with step labels S40 to S50. Box labels: background loop-decoy generation; authenticate TARP packet received; decrypt outer layer encryption with link key; increment perishable counter if decoy; throw away decoy or keep in response to algorithm; cache TARP packets until window is assembled; deinterleave packets forming window; decrypt block; divide block into packets using window sequence data, add clear IP headers. Two further box labels are illegible.]

[FIGS. 17, 18 and 19 (Sheets 19 to 21 of 35): diagrams with legend entries INACTIVE, ACTIVE and USED and spans labelled WINDOW_SIZE.]

[Drawing, Sheet 23 of 35 (figure number not legible). Labels: LINK DOWN; IP1, IP2, IP3, IP4; AD, AE, AF, BD, BE, CD, CE and CF tables; reference numerals 2100 to 2109.]

[FIG. 22A (Sheet 24 of 35): flowchart. Box labels: measure quality of transmission path X; more than one transmitter turned on?; set weight to min. value; path X quality < threshold?; path X weight less than steady state value?; decrease weight for path X; increase weight for path X toward steady state value; adjust weights for remaining paths so that weights equal one.]

[FIG. 22B (Sheet 25 of 35): flowchart, reference numerals 2210 to 2214. Box labels: (event) transmitter for path X turns off; at least one transmitter turned on?; drop all packets until a transmitter turns on; set weight to zero; adjust weights for remaining paths so that weights equal one.]

[FIG. 27 (Sheet 30 of 35): flowchart, reference numerals 2701 to 2706. Box labels: receive DNS request for target site; access to secure site requested?; pass thru request to DNS server; user authorized to connect?; return "host unknown" error; establish VPN with target site.]

[FIG. 31 (Sheet 34 of 35): labels include HACKER and CLIENT #2.]

[FIG. 32 (Sheet 35 of 35): message sequence between CLIENT and SERVER, with a SYNC_REQ message labelled.
Client-side boxes: send data packet using CKPT_N; CKPT_O=CKPT_N; generate new CKPT_N; start timer, shut transmitter off. When timer expires, transmit SYNC_REQ using transmitter's CKPT_O, start timer. If CKPT_O in SYNC_ACK matches transmitter's CKPT_O: update receiver's CKPT_R; kill timer, turn transmitter on.
Server-side boxes: pass data up stack; CKPT_O=CKPT_N; generate new CKPT_N; generate new CKPT_R for transmitter side; transmit SYNC_ACK containing CKPT_O.]

ESTABLISHMENT OF A SECURE COMMUNICATION LINK BASED ON A DOMAIN NAME SERVICE (DNS) REQUEST
`
CROSS-REFERENCE TO RELATED APPLICATIONS

This application is a divisional application of 09/504,783 (filed Feb. 15, 2000), now U.S. Pat. No. 6,502,135, issued Dec. 31, 2002, which claims priority from and is a continuation-in-part of previously filed U.S. application Ser. No. 09/429,643 (filed Oct. 29, 1999), now U.S. Pat. No. 7,010,604. The subject matter of the ’643 application, which is bodily incorporated herein, derives from provisional U.S. application No. 60/106,261 (filed Oct. 30, 1998) and 60/137,704 (filed Jun. 7, 1999).
`
`GOVERNMENT CONTRACT RIGHTS
`
`This invention was made with Government support under
`Contract No. 360000-1999-000000-QC-000-000 awarded by
`the Central Intelligence Agency. The Government has certain
`rights in the invention.
`
`BACKGROUND OF THE INVENTION
`
A tremendous variety of methods have been proposed and implemented to provide security and anonymity for communications over the Internet. The variety stems, in part, from the different needs of different Internet users. A basic heuristic framework to aid in discussing these different security techniques is illustrated in FIG. 1. Two terminals, an originating terminal 100 and a destination terminal 110, are in communication over the Internet. It is desired for the communications to be secure, that is, immune to eavesdropping. For example, terminal 100 may transmit secret information to terminal 110 over the Internet 107. Also, it may be desired to prevent an eavesdropper from discovering that terminal 100 is in communication with terminal 110. For example, if terminal 100 is a user and terminal 110 hosts a web site, terminal 100’s user may not want anyone in the intervening networks to know what web sites he is “visiting.” Anonymity would thus be an issue, for example, for companies that want to keep their market research interests private and thus would prefer to prevent outsiders from knowing which web-sites or other Internet resources they are “visiting.” These two security issues may be called data security and anonymity, respectively.

Data security is usually tackled using some form of data encryption. An encryption key 48 is known at both the originating and terminating terminals 100 and 110. The keys may be private and public at the originating and destination terminals 100 and 110, respectively, or they may be symmetrical keys (the same key is used by both parties to encrypt and decrypt). Many encryption methods are known and usable in this context.
`
To hide traffic from a local administrator or ISP, a user can employ a local proxy server in communicating over an encrypted channel with an outside proxy such that the local administrator or ISP only sees the encrypted traffic. Proxy servers prevent destination servers from determining the identities of the originating clients. This system employs an intermediate server interposed between client and destination server. The destination server sees only the Internet Protocol (IP) address of the proxy server and not the originating client. The target server only sees the address of the outside proxy. This scheme relies on a trusted outside proxy server. Also, proxy schemes are vulnerable to traffic analysis methods of determining identities of transmitters and receivers. Another important limitation of proxy servers is that the server knows the identities of both calling and called parties. In many instances, an originating terminal, such as terminal A, would prefer to keep its identity concealed from the proxy, for example, if the proxy server is provided by an Internet service provider (ISP).
To defeat traffic analysis, a scheme called Chaum’s mixes employs a proxy server that transmits and receives fixed length messages, including dummy messages. Multiple originating terminals are connected through a mix (a server) to multiple target servers. It is difficult to tell which of the originating terminals are communicating to which of the connected target servers, and the dummy messages confuse eavesdroppers’ efforts to detect communicating pairs by analyzing traffic. A drawback is that there is a risk that the mix server could be compromised. One way to deal with this risk is to spread the trust among multiple mixes. If one mix is compromised, the identities of the originating and target terminals may remain concealed. This strategy requires a number of alternative mixes so that the intermediate servers interposed between the originating and target terminals are not determinable except by compromising more than one mix. The strategy wraps the message with multiple layers of encrypted addresses. The first mix in a sequence can decrypt only the outer layer of the message to reveal the next destination mix in sequence. The second mix can decrypt the message to reveal the next mix and so on. The target server receives the message and, optionally, a multi-layer encrypted payload containing return information to send data back in the same fashion. The only way to defeat such a mix scheme is to collude among mixes. If the packets are all fixed-length and intermixed with dummy packets, there is no way to do any kind of traffic analysis.

Still another anonymity technique, called ‘crowds,’ protects the identity of the originating terminal from the intermediate proxies by providing that originating terminals belong to groups of proxies called crowds. The crowd proxies are interposed between originating and target terminals. Each proxy through which the message is sent is randomly chosen by an upstream proxy. Each intermediate proxy can send the message either to another randomly chosen proxy in the “crowd” or to the destination. Thus, even crowd members cannot determine if a preceding proxy is the originator of the message or if it was simply passed from another proxy.

ZKS (Zero-Knowledge Systems) Anonymous IP Protocol allows users to select up to any of five different pseudonyms, while desktop software encrypts outgoing traffic and wraps it in User Datagram Protocol (UDP) packets. The first server in a 2+-hop system gets the UDP packets, strips off one layer of encryption to add another, then sends the traffic to the next server, which strips off yet another layer of encryption and adds a new one. The user is permitted to control the number of hops. At the final server, traffic is decrypted with an untraceable IP address. The technique is called onion-routing. This method can be defeated using traffic analysis. For a simple example, bursts of packets from a user during low-duty periods can reveal the identities of sender and receiver.
`
Firewalls attempt to protect LANs from unauthorized access and hostile exploitation or damage to computers connected to the LAN. Firewalls provide a server through which all access to the LAN must pass. Firewalls are centralized systems that require administrative overhead to maintain. They can be compromised by virtual-machine applications (“applets”). They instill a false sense of security that leads to security breaches, for example by users sending sensitive information to servers outside the firewall or encouraging use of modems to sidestep the firewall security. Firewalls are not useful for distributed systems such as business travelers, extranets, small teams, etc.
`
`SUMMARY OF THE INVENTION
`
A secure mechanism for communicating over the Internet, including a protocol referred to as the Tunneled Agile Routing Protocol (TARP), uses a unique two-layer encryption format and special TARP routers. TARP routers are similar in function to regular IP routers. Each TARP router has one or more IP addresses and uses normal IP protocol to send IP packet messages (“packets” or “datagrams”). The IP packets exchanged between TARP terminals via TARP routers are actually encrypted packets whose true destination address is concealed except to TARP routers and servers. The normal or “clear” or “outside” IP header attached to TARP IP packets contains only the address of a next hop router or destination server. That is, instead of indicating a final destination in the destination field of the IP header, the TARP packet’s IP header always points to a next-hop in a series of TARP router hops, or to the final destination. This means there is no overt indication from an intercepted TARP packet of the true destination of the TARP packet since the destination could always be next-hop TARP router as well as the final destination.

Each TARP packet’s true destination is concealed behind a layer of encryption generated using a link key. The link key is the encryption key used for encrypted communication between the hops intervening between an originating TARP terminal and a destination TARP terminal. Each TARP router can remove the outer layer of encryption to reveal the destination router for each TARP packet. To identify the link key needed to decrypt the outer layer of encryption of a TARP packet, a receiving TARP or routing terminal may identify the transmitting terminal by the sender/receiver IP numbers in the cleartext IP header.
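
The packet handling described above, as an added example that is not code from the patent: a Python simulation in which the clear header names only the next hop, each router picks the link key from the sender/receiver pair in that header, and the true destination sits inside the link-key layer. The SHA-256 keystream with HMAC, the JSON header with `dest` and `ttl` fields, the hop counter and all addresses are assumptions of this example, not the patent's ciphers or formats.

```python
import hashlib
import hmac
import json
import os
import random
from itertools import combinations

# Constructed addresses (documentation ranges); none come from the patent.
ROUTERS = ["198.51.100.%d" % i for i in range(1, 6)]
ORIGIN, DEST = "192.0.2.10", "203.0.113.20"


def keystream(key, nonce, n):
    """SHA-256 in counter mode: a stand-in stream cipher for this example only."""
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + nonce + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:n]


def subkeys(key):
    """Derive separate encryption and MAC keys from one link or session key."""
    return hashlib.sha256(b"enc" + key).digest(), hashlib.sha256(b"mac" + key).digest()


def seal(key, plaintext):
    """Encrypt-then-MAC; returns nonce || ciphertext || tag."""
    enc, mac = subkeys(key)
    nonce = os.urandom(12)
    ct = bytes(p ^ k for p, k in zip(plaintext, keystream(enc, nonce, len(plaintext))))
    return nonce + ct + hmac.new(mac, nonce + ct, hashlib.sha256).digest()


def unseal(key, blob):
    """Check the tag, then decrypt; ValueError on a wrong key or a modified blob."""
    enc, mac = subkeys(key)
    nonce, ct, tag = blob[:12], blob[12:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(mac, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("layer failed authentication")
    return bytes(c ^ k for c, k in zip(ct, keystream(enc, nonce, len(ct))))


class TarpNetwork:
    def __init__(self, routers, terminals, seed=0):
        self.routers = list(routers)
        self.rng = random.Random(seed)  # seeds hop choice only, never key material
        nodes = self.routers + list(terminals)
        # One link key per pair of nodes that can exchange packets directly.
        self.link_keys = {frozenset(p): os.urandom(32) for p in combinations(nodes, 2)}

    def wrap(self, src, dst, tarp):
        """Seal the TARP header and payload under the (src, dst) link key."""
        body = seal(self.link_keys[frozenset((src, dst))], json.dumps(tarp).encode())
        return {"src": src, "dst": dst, "body": body}  # clear header + opaque body

    def unwrap(self, packet):
        """Pick the link key from the sender/receiver pair in the clear header."""
        key = self.link_keys[frozenset((packet["src"], packet["dst"]))]
        return json.loads(unseal(key, packet["body"]))

    def originate(self, origin, dest, data, session_key, min_hops):
        """Inner layer under the session key, then the outer layer to a first hop."""
        tarp = {"dest": dest, "ttl": min_hops, "payload": seal(session_key, data).hex()}
        return self.wrap(origin, self.rng.choice(self.routers), tarp)

    def forward(self, packet):
        """Router step: strip the outer layer, count the hop, re-wrap for the next link."""
        me = packet["dst"]
        tarp = self.unwrap(packet)
        tarp["ttl"] -= 1
        if tarp["ttl"] > 0:
            nxt = self.rng.choice([r for r in self.routers if r != me])
        else:
            nxt = tarp["dest"]  # hop budget spent: send to the true destination
        return self.wrap(me, nxt, tarp)

    def deliver(self, packet, session_key):
        """Destination terminal: remove both layers."""
        tarp = self.unwrap(packet)
        if tarp["dest"] != packet["dst"]:
            raise ValueError("packet is not addressed to this terminal")
        return unseal(session_key, bytes.fromhex(tarp["payload"]))


def send(net, origin, dest, data, session_key, min_hops=3):
    """Carry one message end to end; return (data, clear headers seen on the wire)."""
    packet = net.originate(origin, dest, data, session_key, min_hops)
    wire = [(packet["src"], packet["dst"])]
    while packet["dst"] != dest:
        packet = net.forward(packet)
        wire.append((packet["src"], packet["dst"]))
    return net.deliver(packet, session_key), wire


if __name__ == "__main__":
    net = TarpNetwork(ROUTERS, [ORIGIN, DEST], seed=7)
    data, wire = send(net, ORIGIN, DEST, b"constructed message", os.urandom(32))
    for src, dst in wire:  # all a passive observer can read
        print(src, "->", dst)
    print(data)
```

The `wire` list is what an observer on any single link records: no clear header pairs the originating and destination terminals, and a body altered in transit is rejected at the next router before any routing decision is made.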
`
Once the outer layer of encryption is removed, the TARP router determines the final destination. Each TARP packet 140 undergoes a minimum number of hops to help foil traffic analysis. The hops may be chosen at random or by a fixed value. As a result, each TARP packet may make random trips among a number of geographically disparate routers before reaching its destination. Each trip is highly likely to be different for each packet composing a given message because each trip is independently randomly determined. This feature is called agile routing. The fact that different packets take different routes provides distinct advantages by making it difficult for an interloper to obtain all th