`
`
`JOINT DECLARATION FOR PATENT APPLICATION
`
`As the below named inventors, wc hereby declare that:
`
`Our residence, post office address and citiznoship an: as stated below next to our names;
`
`as Application Serial Number
`
`and was amended on
`
`(if
`
`We believe we are the original, firs: andjoint inventors ofthe subject matter Which is claimed and for which a patent is
`sought onthe invention entitledwWWW
`
`DOMAIN NAMES the specification of which
`E
`is attached hemno.
`[3
`was filed on
`applicable).
`was filed under the Patent Cooperation Tmty (PCT) and aocordnd Informational Application
`
`No.
`filed
`and amended on
`(if any).
`
`D
`
`W: hereby State that we have reviewed and undamand the contents ofthe abovoldentifled specification, including the
`claims, as amended by any amendment refuted to above.
`
`We hemby acknowledge thc duty to disclcme information which is matetial to patentability in aooordanoc With Titlo 37,
`Code of Federal Regulations, §l.56(a).
`
`Prior Foreign Applicationei)
`We hereby claim foreign priority benefits under Title 35, Unimd States Code. § 1 19 ofany foreign applicafion(s) for
`paid-3t or inventor's certificate listed below and have also identified below any foreign application(s) for patent or inventors
`certificate. having a filing date before that of the applicatim: on which pl'ioxity is claimed:
`
`
`
`Prior United States Provisional Application(s)
`We hereby claim priority benefits under Titlc 35, United States Codc, §l l9(¢)(1) ofany US. provisional application
`listed below:
`
`7 June 1999
`
`300Gtoberl998
`
`We hereby claim the benefit under Title 35, United Sta-”toe Coda, §l20 ofany United States applicafion(s) listed bolow
`and, insofar as the subjoct matter ofeach ofthe claims ofthis application is not disclosed in The prior Unitod States application in
`the manner provided by the first parangph ofTitle 35, United States Code, §l 12, we aclmowledge the duty to disclose mattrial
`information as defined in Title 37, Code of Federal Regulations, §l.56(a) which occm'rcd between the filing date of the prior '
`application and the national or PCT international filing date of this application:
`
`BANNER & Wrroor—‘F, LTD.
`
`Rev 1.1 menace]
`
`Page 1 of 2
`
`Petitioner Apple Inc. — Exhibit 1002, p. 1
`
`Petitioner Apple Inc. - Exhibit 1002, p. 1
`
`
`
`
`
`
`
`
`
`
`
`APP “WSW
`QJMbQF-hsr‘XéNJW'fi-r
`-'
`
`
`
`09mm
`mmooo
`
`
`
`09/429,643
`
`29 October 1999
`
`’
`
`Power of Attorney
`And we hertby appoim, both jointly and severally, as our attorneys with full power of subsfimfion and revoasfion, to
`prosecute this application and to transact all business in the Parent and Trademark Office connected herewith the practitioners at:
`
`(hammer Numbm 22907
`
`(WDC)
`
`Number.
`
`Please addrms all corrapondcncc and telephone communications to the addm and tnlephone number for this Customer
`
`We hereby declare that all 5121:2111an made herein of our own knowledge are true and that all mam: made on
`Marmanon and beliefare believed to be me; and timber that these statements were made with the knowledge that willful
`false statements and the likc so made are punishable by fine or imprisonment, or both, under Section 1001 of Title 18 ofthe
`United States Code and that such willful falsa statements may jeepardize the validity ofthe application or any pawn: imring
`thereon.
`
`Date
`Signature Wigg- , 32.3,,
`V‘m
`Full Name of First Inventor
`First Given Name
`,
`Citizenship
`ia
`Residence Ham Vgggg’'
`P031 Offioc Address
`12026 Lisa Marie C933; Bahia. Vim;nia D033
`
`_
`
`__
`
`1321:.ng
`‘Family Name
`
`fl (1Q; 24 223
`Second Given Name
`
`USA
`
`
`
`Signature
`Full Name of Second Inventor
`
`0
`First Given Name
`Citizenship U§A
`Residence Leesbgg, Vgg‘inia
`Pest Office Address
`3§710 Goosg Creek Lane, Leesburg, Virginia 20175
`
`Short. 111
`Family Name
`
`Date
`WW
`
`Second Given Name
`
`Calm
`Secmd Given Name
`
`Signature
`Full Name ofThird Invmtor
`
`Md
`First Given Name
`Citizenship QSA
`Residence menwillg, Mmland
`Post 01350: Addmss
`l 101 @aca Cog; Crownsvflle. Mallard 21032
`
`Mimggg
`Farmly Name
`
`Date
`
`
` Signamre
`Full Name ofFo
`
`Williamson
`Family Name
`
`‘
`
`Michael
`Second Given Name
`First Given Name
`Citizenship USA
`Scum Bjdg‘gg Vircn'nig
`Residence
`Post Ofiice Adm 26203 @a Circlc, 8011111 Riding. Virginia 20152
`
`Date £233: 22: M E
`
`BANNER & WlTCOFF, LTD.
`
`Rev 1.] 10-09-200}
`
`Page 2 of 2
`
`Petitioner Apple Inc. — Exhibit 1002, p. 2
`
`Petitioner Apple Inc. - Exhibit 1002, p. 2
`
`
`
`JOINT DECLARATION FOR PATENT APPLICATION
`
`As the below named inventors, we hereby declare that:
`
`Our residence, post office address and citizenship are as stated below next to our names;
`
`We believe we are the original, first and joint inventors of the subject matter which is claimed and for which a patent is
`sought on the invention entitled
`A IL
`0 OCO F R S
`CO
`CATI
`SIN
`E
`DOMAIN NAM E; the specification of which
`E
`is attached hereto.
`[3
`was filed on
`applicable).
`was filed under the Patent Cooperation Treaty (PCT) and accorded lntemational Application
`
`No.
`filed
`and amended on
`(if any).
`
`as Application Serial Number
`
`and was amended on
`
`
`
`(if
`
`D
`
`We hereby state that we have revieWed and understand the contents of the above-identified specification, including the
`claims, as amended by any amendment referred to above.
`
`We hereby acknowledge the duty to disclose information which is material to patentability in accordance with Title 37,
`Code ofFederal Regulations, §l.56(a).
`
`Prior Foreign Application(s)
`We hereby claim foreign priority benefits under Title 35, United States Code, §l 19 of any foreign application(s) for
`patent or inventor's certificate listed below and have also identified below any foreign application(s) for patent or inventofs
`certificate having a filing date before that of the application on which priority is claimed:
`
`
`
`Prior United States Provisional Application(s)
`We hereby claim priority benefits under Title 35, United States Code, §1 l9(e)(l ) of any US. provisional application
`listed below.
`
`7 June 1999
`
`’
`
`I
`
`300ctoberl998
`
`60/106,261
`
`60/137,704
`
`Prior United States Application(s)
`We hereby claim the benefit under Title 35, United States Code, § 120 ofany United States application(s) listed below
`and, insofar as the subject matter ofeach ofthe claims ofthis application is not disclosed in the prior United States application in
`the manner provided by the first paragraph ofTitle 35, United States Code, §l 12, we acknowledge the duty to disclose material
`information as defined in Title 37, Code of Federal Regulations, §l.56(a) which occurred between the filing date of the prior
`application and the national or PCT intemational filing date of this application:
`
`ANNER & WITCOFF, LTD.
`
`Rev 1.1 100942001
`
`Page 1 of2
`
`Petitioner Apple Inc. — Exhibit 1002, p. 3
`
`Petitioner Apple Inc. - Exhibit 1002, p. 3
`
`
`
`
`
`
`
`
`Application Serial No.
`
`
`Date of Filing
`Status -— Patented.
`(Day, Month. Year)
`Pending, Abandoned
`
`
`999mm
`99999999
`
`9999999999
`999999999
`
`
`
`
`
`
`
`
`
`Power of Attorney
`And we hereby appoint, both jointly and severally, as our attorneys with full power of substitution and revocation, to
`prosecute this application and to transact all business in the Patent and Trademark Office connected herewith the practitioners at:
`
`Customer Number: 22907
`
`(WDC)
`
`Please address all correspondence and telephone communications to the address and telephone number for this Customer
`
`N umber.
`
`We hereby declare that all statements made herein of our own knowledge are true and that all statements made on
`information and belief are believed to be true; and further that these statements were made with the knowledge that willful
`false statements and the like so made are punishable by fine or imprisonment, or both, under Section 1001 of Title 18 of the
`United States Code and that such willful false statements mayjeopardize the validity of the application or any patent issuing
`thereon.
`
`Signature
`Full Name of First Inventor
`
`Larson
`Family Name
`
`Victor
`First Given Name
`USA
`Citizenship
`Fairfax, Virginia
`Residence
`Post Office Address
`12026 Lisa Marie Court Fairfax Vir 'nia 22033
`
`
`Date
`
`Second Given Name
`
`
`Signature /“
`V
`N Date /7 / 7/é E
`Full Name of Second InventorL
`ort. 111
`Robert
`Dunham
`Family Name
`First Given Name
`Second Given Name
`Citizenship USA Residence Leesburot Vir inia
`
`
`
`Post Office Address 33710 Goose Creek Lane Leesburv. Virninia 2017
`
`Signature
`Full Name of Third Inventor
`
`
`Date
`
`Edmund
`First Given Name
`Citizenship USA
`Crownsville, Maryland
`Residence
`Post Office Address
`1101 O aca Court Crownsville‘ Marvland 21032
`
`Munger
`Farnil y Name
`
`Colby
`Second Given Name
`
`
`
`Signature
`Date
`Full Name of Fourth Inventor
`
`.
`
`Michael
`First Given Name
`Citizenship USA
`South Riding. Virginia
`Residence
`Post Office Address
`26203 Ocala Circle, South Riding, Virginia 20152
`
`Williamson
`Family Name
`
`Second Given Name
`
`
`
`BANNER & WlTCOFF, LTD.
`
`Rev 1.: 1009~200l
`
`Page 2 of 2
`
`Petitioner Apple Inc. — Exhibit 1002, p. 4
`
`Petitioner Apple Inc. - Exhibit 1002, p. 4
`
`
`
`JOINT DECLARATION FOR PATENT APPLICATION
`
`As the below named inventors, we hereby declare that:
`
`Our residence, post office address and citizenship are as stated below next to our names;
`
`We believe we are the original, first and joint inventors ofthe subject matter which is claimed and for which a patent is
`sought on the invention entitled AN AGILE NEng QRK PROTt EQL FOR SEflCOMMUNICATIONS USING SECURE
`
`DOMAIN NAMES the specification of which
`Ki
`is attached hereto.
`[:1
`was filed on
`applicable).
`was filed under the Patent Cooperation Treaty (PCT) and accorded International Application
`
`No.
`filed
`, and amended on
`(if any).
`
`as Application Serial Number
`
`and was amended on
`
`(if
`
`We hereby state that we have reviewed and understand the contents ofthe above—identified specification, including the
`claims, as amended by any amendment referred to above.
`
`We hereby acknowledge the duty to disclose information which is material to patentability in accordance with Title 37,
`Code of Federal Regulations, §l.56(a).
`
`Prior Foreign Application(s)
`We hereby claim foreign priority benefits under Title 35, United States Code, §ll9 ofany foreign application(s) for
`patent or inventor's certificate listed below and have also identified below any foreign application(s) for patent or inventor's
`certificate having a filing date before that ofthe application on which priority is claimed:
`
`(day month year)
`
`Date of Filing
`(day month year)
`
`Date nflssue
`
`Priority Claimed
`Under 35 USC-
`
`Prior United States Provisional Application(s)
`We hereby claim priority benefits under Title 35, United States Code, §l 19(e)(1) of any US. provisional application
`listed below:
`
`
`
`US. Provisional Application No.
`
`
`60/137,704
`
`
`
`
`
`Date of Filing
`(day month year)
`
`Priority Claimed
`Under 35 U.S.C. §119(e)(l)
`
`71““ 1999 “
`
`
`
`
`
`
`Prior United States Application(s)
`We hereby claim the benefit under Title 35, United States Code, § 120 ofany United States application(s) listed below
`and, insofar as the subject matter ofeach ofthe claims ofthis application is not disclosed in the prior United States application in
`the manner provided by the first paragraph ofTitle 35, United States Code, §1 12, we acknowledge the duty to disclose material
`information as defined in Title 37, Code ofFederal Regulations, §l.56(a) which occurred between the filing date of the prior
`application and the national or PCT international filing date of this application:
`
`\NNER & WITCOFF, LTD.
`
`Rev 2.: 1009.200:
`
`Page 1 of 2
`
`Petitioner Apple Inc. — Exhibit 1002, p. 5
`
`Petitioner Apple Inc. - Exhibit 1002, p. 5
`
`
`
`
`
`
`Date of Filing
`Status -—- Patented,
`Application Serial No.
`(Day, Month, Year)
`Pending, Abandoned
`
`
`09l558,210
`25 April 2000
`Pending
`09/5 04,783
`13 February 2000
`Patented
`09/429,643
`29 October 1999
`
`
`Pending
`
`
`
`
`
`
`Power of Attorney
`And we hereby appoint, both jointly and severally, as our attorneys with full power of substitution and revocation, to
`prosecute this application and to transact all business in the Patent and Trademark Office connected herewith the practitioners at:
`
`Customer Number: 22907
`
`(WDC)
`
`Number.
`
`Please address all correspondence and telephone connnmrieations to the address and telephone number for this Customer
`
`We hereby declare that all statements made herein ofour own knowledge are true and that all statements made on
`information and beliefare believed to be true; and further that these statements were made with the knowledge that willful
`false statements and the like so made are punishable by fine or imprisonment, or both, under Section 1001 of Title 18 of the
`United States Code and that such willfirl false statements mayjeopardize the validity of the application or any patent issuing
`thereon.
`
`Signature
`Full Name of First Inventor
`
`Victor
`First Given Name
`Citizenship
`Fairfax: Viw’g'a
`Residence
`Post Office Address
`12026 Lisa Marie Court, Fairfg, Virginia 22033
`
`Larson
`Family Name
`
`Date
`
`Second Given Name
`
`USA
`
`
`Signature
`Full Name of Second Inventor
`Shog, Ill
`Farnily Name
`
`Robert
`First Given Name
`Citizenship USfi
`Leesburg, Virginia
`Residence
`Post Office Address
`38710 Goose Creek Lane, I§§burg, Virginia 20175
`
`Date
`
`Dunham
`Second Given Name
`
`Signature
`
`Full Name of Third Inventor
`
`Second Given Name
`First Given Name
`Citizenship USAW
`Crownsville, Magdand
`Residence
`Post Office Address
`1 101 Opaca Court, Crownsville, Maryland 21032
`
`Family Name
`
` Signature
`Full Name ofFourth Inventor
`Williamson
`Family Name
`
`Michael
`Second Given Name
`First Given Name
`Citizenship USAW
`South Riding, Virginia
`Residence
`Post Office Address
`26203 Qcala Circle, South Riding, Virginia 20152
`
`Date
`
`3ANNER & WlTCOFF, LTD.
`
`,
`
`Rev l.l
`
`l0—09—200l
`
`Page 2 of2
`
`Petitioner Apple Inc. — Exhibit 1002, p. 6
`
`Petitioner Apple Inc. - Exhibit 1002, p. 6
`
`
`
`Attorney Docket No.: 077580—0177
`
`U.S. PATENT APPLICATION FOR
`
`AGILE NETWORK PROTOCOL FOR SECURE COMMUNICATIONS USING
`
`SECURE DOMAIN NAMES
`
`Inventors:
`
`Victor LARSON, a citizen of the United States, residing at
`12026 Lisa Marie Court, Fairfax, Virginia 22033
`
`Robert Dunham SHORT, III, a citizen of the United States, residing at
`38710 Goose Creek Lane, Leesburg, Virginia 20175
`
`Edmund Colby MUNGER, a citizen of the United States, residing at
`1101 Opaca Court, CrownsVille, Maryland 21032
`
`Michael WILLIAMSON, a citizen of the United States, residing at
`26203 Ocala Circle, South Riding, Virginia 20152
`
`Assignee:
`
`VIRNETX, INC.
`PO. Box 439
`
`Zephyr Cove, Nevada 89448
`
`Entity:
`
`Large
`
`McDERMOTT WILL & EMERY LLP
`
`28 State Street
`
`Boston, MA 02109—1775
`617.535.4000
`
`DMiUS 38877810—10775800177
`
`Petitioner Apple Inc. — Exhibit 1002, p. 7
`
`Petitioner Apple Inc. - Exhibit 1002, p. 7
`
`
`
`Attorney Docket No. 077580-0177
`
`AGILE NETWORK PROTOCOL FOR SECURE COMMUNICATIONS USING
`
`SECURE DOMAIN NAMES
`
`CROSS-REFERENCE TO RELATED APPLICATIONS
`
`[0001]
`
`This application claims priority from and is a continuation of a co—pending
`
`US Application No. 13/049,552, filed March 16, 2011, which is a continuation of US
`
`Application No. 11/840,560, filed August 17, 2007, now US Patent No. 7,921,211, issued April
`
`5, 2011, which is a continuation of US Application No. 10/714,849, filed November 18, 2003,
`
`now US Patent No. 7,418,504,
`
`issued August 26, 2008, which is a continuation of US
`
`Application No. 09/558,210, filed April 26, 2000, now abandoned, which is a continuation—in—
`
`part of US Application No. 09/504,783, filed on February 15, 2000, now US Patent No.
`
`6,502,135, issued December 31, 2002, which claims priority from and is a continuation—in—part
`
`patent application of previously—filed US Application No. 09/429,643, filed on October 29,
`
`1999, now US Patent No. 7,010,604,
`
`issued March 07, 2006, all of which are hereby
`
`incorporated by reference in their entirety for all purposes. The subject matter of US application
`
`serial number 09/429,643 derives from provisional US Application Nos. 60/106,261 (filed
`
`October 30, 1998) and 60/ 137,704 (filed June 7, 1999), all of which are hereby incorporated by
`
`reference in their entirety for all purposes. The present application is also related to US
`
`application serial number 09/558,209, filed April 26, 2000, now abandoned, which is hereby
`
`incorporated by reference in its entirety for all purposes.
`
`BACKGROUND OF THE INVENTION
`
`[0002]
`
`A tremendous variety of methods have been proposed and implemented to
`
`provide security and anonymity for communications over the Internet. The variety stems, in part,
`
`from the different needs of different Internet users. A basic heuristic framework to aid in
`
`discussing these different security techniques is illustrated in FIG.
`
`1. Two terminals, an
`
`originating terminal 100 and a destination terminal 110 are in communication over the Internet.
`
`It
`
`is desired for the communications to be secure,
`
`that is,
`
`immune to eavesdropping. For
`
`example, terminal 100 may transmit secret information to terminal 110 over the Internet 107.
`
`Also, it may be desired to prevent an eavesdropper from discovering that terminal 100 is in
`
`communication with terminal 110. For example, if terminal 100 is a user and terminal 110 hosts
`
`a web site, terminal 100’s user may not want anyone in the intervening networks to know what
`
`DMiUS 38873985—1 077580.0116
`
`Petitioner Apple Inc. — Exhibit 1002, p. 8
`
`Petitioner Apple Inc. - Exhibit 1002, p. 8
`
`
`
`Attorney Docket No. 077580-0177
`
`web sites he is “visiting.” Anonymity would thus be an issue, for example, for companies that
`
`want to keep their market research interests private and thus would prefer to prevent outsiders
`
`from knowing which websites or other Internet resources they are “visiting.” These two security
`
`issues may be called data security and anonymity, respectively.
`
`[0003]
`
`Data security is usually tackled using some form of data encryption. An
`
`encryption key 48 is known at both the originating and terminating terminals 100 and 110. The
`
`keys may be private and public at
`
`the originating and destination terminals 100 and 110,
`
`respectively or they may be symmetrical keys (the same key is used by both parties to encrypt
`
`and decrypt). Many encryption methods are known and usable in this context.
`
`[0004]
`
`To hide traffic from a local administrator or ISP, a user can employ a local
`
`proxy server in communicating over an encrypted channel with an outside proxy such that the
`
`local administrator or ISP only sees the encrypted traffic. Proxy servers prevent destination
`
`servers from determining the identities of the originating clients. This system employs an
`
`intermediate server interposed between client and destination server. The destination server sees
`
`only the Internet Protocol (IP) address of the proxy server and not the originating client. The
`
`target server only sees the address of the outside proxy. This scheme relies on a trusted outside
`
`proxy server. Also, proxy schemes are vulnerable to traffic analysis methods of determining
`
`identities of transmitters and receivers. Another important limitation of proxy servers is that the
`
`server knows the identities of both calling and called parties. In many instances, an originating
`
`terminal, such as terminal A, would prefer to keep its identity concealed from the proxy, for
`
`example, if the proxy server is provided by an Internet service provider (ISP).
`
`[0005]
`
`To defeat traffic analysis, a scheme called Chaum’s mixes employs a proxy
`
`server that transmits and receives fixed length messages, including dummy messages. Multiple
`
`originating terminals are connected through a mix (a server) to multiple target servers. It is
`
`difficult to tell which of the originating terminals are communicating to which of the connected
`
`target servers, and the dummy messages confuse eavesdroppers’ efforts to detect communicating
`
`pairs by analyzing traffic. A drawback is that there is a risk that the mix server could be
`
`compromised. One way to deal with this risk is to spread the trust among multiple mixes. If one
`
`mix is compromised, the identities of the originating and target terminals may remain concealed.
`
`DMiUS 38873985—l.077580.0116
`
`- 2 -
`
`Petitioner Apple Inc. — Exhibit 1002, p. 9
`
`Petitioner Apple Inc. - Exhibit 1002, p. 9
`
`
`
`Attorney Docket No. 077580-0177
`
`This strategy requires a number of alternative mixes so that the intermediate servers interposed
`
`between the originating and target terminals are not determinable except by compromising more
`
`than one mix. The strategy wraps the message with multiple layers of encrypted addresses. The
`
`first mix in a sequence can decrypt only the outer layer of the message to reveal the next
`
`destination mix in sequence. The second mix can decrypt the message to reveal the next mix and
`
`so on. The target server receives the message and, optionally, a multi—layer encrypted payload
`
`containing return information to send data back in the same fashion. The only way to defeat such
`
`a mix scheme is to collude among mixes. If the packets are all fixed—length and intermixed with
`
`dummy packets, there is no way to do any kind of traffic analysis.
`
`[0006]
`
`Still another anonymity technique, called ‘crowds,’ protects the identity of the
`
`originating terminal from the intermediate proxies by providing that originating terminals belong
`
`to groups of proxies called crowds. The crowd proxies are interposed between originating and
`
`target terminals. Each proxy through which the message is sent is randomly chosen by an
`
`upstream proxy. Each intermediate proxy can send the message either to another randomly
`
`chosen proxy in the “crowd” or to the destination. Thus, even crowd members cannot determine
`
`if a preceding proxy is the originator of the message or if it was simply passed from another
`
`proxy.
`
`[0007]
`
`ZKS (Zero—Knowledge Systems) Anonymous IP Protocol allows users to
`
`select up to any of five different pseudonyms, while desktop software encrypts outgoing traffic
`
`and wraps it in User Datagram Protocol (UDP) packets. The first server in a 2+—hop system gets
`
`the UDP packets, strips off one layer of encryption to add another, then sends the traffic to the
`
`next server, which strips off yet another layer of encryption and adds a new one. The user is
`
`permitted to control
`
`the number of hops. At the final server,
`
`traffic is decrypted with an
`
`untraceable IP address. The technique is called onion—routing. This method can be defeated using
`
`traffic analysis. For a simple example, bursts of packets from a user during low—duty periods can
`
`reveal the identities of sender and receiver.
`
`[0008]
`
`Firewalls attempt
`
`to protect LANs from unauthorized access and hostile
`
`exploitation or damage to computers connected to the LAN. Firewalls provide a server through
`
`which all access to the LAN must pass. Firewalls are centralized systems that require
`
`DMiUS 38873985—l.077580.0116
`
`- 3 -
`
`Petitioner Apple Inc. - Exhibit 1002, p. 10
`
`Petitioner Apple Inc. - Exhibit 1002, p. 10
`
`
`
`Attorney Docket No. 077580-0177
`
`administrative overhead to maintain. They can be compromised by virtual—machine applications
`
`(“applets”). They instill a false sense of security that leads to security breaches for example by
`
`users sending sensitive information to servers outside the firewall or encouraging use of modems
`
`to sidestep the firewall security. Firewalls are not useful for distributed systems such as business
`
`travelers, extranets, small teams, etc.
`
`SUMMARY OF THE INVENTION
`
`[0009]
`
`A secure mechanism for communicating over
`
`the internet,
`
`including a
`
`protocol referred to as the Tunneled Agile Routing Protocol (TARP), uses a unique two—layer
`
`encryption format and special TARP routers. TARP routers are similar in function to regular lP
`
`routers. Each TARP router has one or more IP addresses and uses normal IP protocol to send IP
`
`packet messages (“packets” or “datagrams”). The IP packets exchanged between TARP
`
`terminals via TARP routers are actually encrypted packets whose true destination address is
`
`concealed except to TARP routers and servers. The normal or “clear” or “outside” lP header
`
`attached to TARP IP packets contains only the address of a next hop router or destination server.
`
`That is, instead of indicating a final destination in the destination field of the IP header, the
`
`TARP packet’s IP header always points to a next—hop in a series of TARP router hops, or to the
`
`final destination. This means there is no overt indication from an intercepted TARP packet of the
`
`true destination of the TARP packet since the destination could always be next—hop TARP router
`
`as well as the final destination.
`
`[0010]
`
`Each TARP packet’s
`
`true destination is concealed behind a layer of
`
`encryption generated using a link key. The link key is the encryption key used for encrypted
`
`communication between the hops intervening between an originating TARP terminal and a
`
`destination TARP terminal. Each TARP router can remove the outer layer of encryption to reveal
`
`the destination router for each TARP packet. To identify the link key needed to decrypt the outer
`
`layer of encryption of a TARP packet, a receiving TARP or routing terminal may identify the
`
`transmitting terminal by the sender/receiver IP numbers in the cleartext lP header.
`
`[0011]
`
`Once the outer layer of encryption is removed, the TARP router determines
`
`the final destination. Each TARP packet 140 undergoes a minimum number of hops to help foil
`
`traffic analysis. The hops may be chosen at random or by a fixed value. As a result, each TARP
`
`DMiUS 38873985—1.077580.0116
`
`- 4 -
`
`Petitioner Apple Inc. - Exhibit 1002, p. 11
`
`Petitioner Apple Inc. - Exhibit 1002, p. 11
`
`
`
`Attorney Docket No. 077580-0177
`
`packet may make random trips among a number of geographically disparate routers before
`
`reaching its destination. Each trip is highly likely to be different for each packet composing a
`
`given message because each trip is independently randomly determined. This feature is called
`
`agile routing. The fact that different packets take different routes provides distinct advantages by
`
`making it difficult for an interloper to obtain all the packets forming an entire multi—packet
`
`message. The associated advantages have to do with the inner layer of encryption discussed
`
`below. Agile routing is combined with another feature that furthers this purpose; a feature that
`
`ensures that any message is broken into multiple packets.
`
`[0012]
`
`The IP address of a TARP router can be changed, a feature called IP agility.
`
`Each TARP router, independently or under direction from another TARP terminal or router, can
`
`change its IP address. A separate, unchangeable identifier or address is also defined. This
`
`address, called the TARP address, is known only to TARP routers and terminals and may be
`
`correlated at any time by a TARP router or a TARP terminal using a Lookup Table (LUT). When
`
`a TARP router or terminal changes its IP address,
`
`it updates the other TARP routers and
`
`terminals which in turn update their respective LUTs.
`
`[0013]
`
`The message payload is hidden behind an inner layer of encryption in the
`
`TARP packet that can only be unlocked using a session key. The session key is not available to
`
`any of the intervening TARP routers. The session key is used to decrypt the payloads of the
`
`TARP packets permitting the data stream to be reconstructed.
`
`[0014]
`
`Communication may be made private using link and session keys, which in
`
`turn may be shared and used according to any desired method. For example, public/private keys
`
`or symmetric keys may be used.
`
`[0015]
`
`To transmit a data stream, a TARP originating terminal constructs a series of
`
`TARP packets from a series of IP packets generated by a network (1P) layer process. (Note that
`77 4‘
`
`the terms “network layer,” “data link layer,
`
`application layer,” etc. used in this specification
`
`correspond to the Open Systems Interconnection (OSI) network terminology.) The payloads of
`
`these packets are assembled into a block and chain—block encrypted using the session key. This
`
`assumes, of course, that all the IP packets are destined for the same TARP terminal. The block is
`
`DMiUS 38873985—1.077580.0116
`
`- 5 -
`
`Petitioner Apple Inc. - Exhibit 1002, p. 12
`
`Petitioner Apple Inc. - Exhibit 1002, p. 12
`
`
`
`Attorney Docket No. 077580-0177
`
`then interleaved and the interleaved encrypted block is broken into a series of payloads, one for
`
`each TARP packet to be generated. Special TARP headers lPT are then added to each payload
`
`using the 1P headers from the data stream packets. The TARP headers can be identical to normal
`
`IP headers or customized in some way. They should contain a formula or data for deinterleaving
`
`the data at the destination TARP terminal, a time—to—live (TTL) parameter to indicate the number
`
`of hops still to be executed, a data type identifier which indicates whether the payload contains,
`
`for example, TCP or UDP data, the sender’s TARP address, the destination TARP address, and
`
`an indicator as to whether the packet contains real or decoy data or a formula for filtering out
`
`decoy data if decoy data is spread in some way through the TARP payload data.
`
`[0016]
`
`Note that although chain—block encryption is discussed here with reference to
`
`the session key, any encryption method may be used. Preferably, as in chain block encryption, a
`
`method should be used that makes unauthorized decryption difficult without an entire result of
`
`the encryption process. Thus, by separating the encrypted block among multiple packets and
`
`making it difficult for an interloper to obtain access to all of such packets, the contents of the
`
`communications are provided an extra layer of security.
`
`[0017]
`
`Decoy or dummy data can be added to a stream to help foil traffic analysis by
`
`reducing the peak—to—average network load. It may be desirable to provide the TARP process
`
`with an ability to respond to the time of day or other criteria to generate more decoy data during
`
`low traffic periods so that communication bursts at one point in the Internet cannot be tied to
`
`communication bursts at another point to reveal the communicating endpoints.
`
`[0018]
`
`Dummy data also helps
`
`to break the data into a larger number of
`
`inconspicuously—sized packets permitting the interleave window size to be increased while
`
`maintaining a reasonable size for each packet. (The packet size can be a single standard size or
`
`selected from a fixed range of sizes.) One primary reason for desiring for each message to be
`
`broken into multiple packets is apparent if a chain block encryption scheme is used to form the
`
`first encryption layer prior to interleaving. A single block encryption may be applied to a portion,
`
`or entirety, of a message, and that portion or entirety then interleaved into a number of separate
`
`packets. Considering the agile IP routing of the packets, and the attendant difficulty of
`
`DMiUS 38873985—1.077580.0116
`
`- 6 -
`
`Petitioner Apple Inc. - Exhibit 1002, p. 13
`
`Petitioner Apple Inc. - Exhibit 1002, p. 13
`
`
`
`Attorney Docket No. 077580-0177
`
`reconstructing an entire sequence of packets to form a single block—encrypted message element,
`
`decoy packets can significantly increase the difficulty of reconstructing an entire data stream.
`
`[0019]
`
`The above scheme may be implemented entirely by processes operating
`
`between the data link layer and the network layer of each server or terminal participating in the
`
`TARP system. Because the encryption system described above is insertable between the data link
`
`and network layers, the processes involved in supporting the encrypted communication may be
`
`completely transparent to processes at the IP (network) layer and above. The TARP processes
`
`may also be completely transparent to the data link layer processes as well. Thus, no operations
`
`at or above the Network layer, or at or below the data link layer, are affected by the insertion of
`
`the TARP stack. This provides additional security to all processes at or above the network layer,
`
`since the difficulty of unauthorized penetration of the network layer (by, for example, a hacker)
`
`is increased substantially. Even newly developed servers running at the session layer leave all
`
`processes below the session layer vulnerable to attack. Note that in this architecture, security is
`
`distributed. That is, notebook computers used by executives on the road, for example, can
`
`communicate over the Internet without any compromise in security.
`
`[0020]
`
`IP address changes made by TARP terminals and routers can be done at
`
`regular intervals, at random intervals, or upon detection of “attacks.” The variation of IP
`
`addresses hinders traffic analysis that might reveal which computers are communicating, and
`
`also provides a degree of immunity from attack. The level of immunity from attack is roughly
`
`proportional to the rate at which the IP address of the host is changing.
`
`[0021]
`
`As mentioned, IP addresses ma