/W’
`
`
`JOINT DECLARATION FOR PATENT APPLICATION
`
`As the below named inventors, we hereby declare that:
`
`Our residence, post ofiice address and citizenship are as stated below next to our names;
`
`We believe we are the original, first andjoint inventors ofthe subject matter which is claimed and for which a patent it
`sought on the invention entitled AN AGILE
`TWORK PROTOCOL
`R
`COMMUNICATION USING SECURE
`
`DOMAIN NAMES the specification of which
`E
`is attached hereno.
`[3
`was filed on
`applicable).
`was filed under the Patent Cooperation Trealy (PCT) and accorded International Application
`
`No.
`filed
`and amended on
`(if any).
`
`and was amended on
`
`(if
`
`as Application Serial Number
`
`C]
`
`We hereby stare that we have reviewed and understand the contents ofthe abovoidentifled specification, including the
`claims, as amended by any amendment referred to above.
`
`We hereby aclcnowlcdgo the duty to disclose information which is material to patcntability in accordance with Title 37,
`Code of Federal Regulations, §l.56(a).
`
`Prior Foreign Application(s)
`We hereby claim foreign priority benefits under Title 35, United States Code, § 1 19 ofany foreign application(s) for
`paient or inventor's catificate listed below and have also identified below any foreign appllca.tion(s) for patent or inventors
`certificate having a filing date before that of the application on which prio '
`is claimed:
`
`
`
`Prior United States Provisional Application(s)
`We hereby claim priority benefits under Title 35, United States Code, §l 19(e)(1) ofany US. provisional application
`listed below:
`
`7 June 1999
`
`300ctober1998
`
`We hereby claim the benefit under Title 35, United States Code, §l20 ofany United States 3pplicafi0n(s) listed below
`and, insofar as the subject matter ofeach ofthe claims ofthis application is not disclosed in the prior United States application in
`the manner provided by the first paragraph ofTitle 35, United States Code, §l 12, we aclmowledge the duty to disclose material
`information as defined in Title 37, Code of Federal Regulations, §l.56(a) which occurred between the filing date of the prior '
`application and the national or PCT international filing date of this application:
`
`BANNER & WFTCOFF, LTD.
`
`Rev 1.1 roowzool
`
`Page 1 of 2
`
`Petitioner Apple Inc. — Exhibit 1002, p. 1
`
`Petitioner Apple Inc. - Exhibit 1002, p. 1
`
`

`
`
`
`
`
` _ c.&tii'>lI‘-Sé.na1?'l . .—.,. aigzlsdivxaltrfifiélar-).«~ie.»: “
`
`
`
`
` '09/553,210
` 5Apri12ooo
`‘Pendvingm
`H
`
`
`
`09/429,643
`
`29 October 1999
`
`'
`
`Power of Attorney
`And we hcxtby appoint, both jointly and severally, as our attorneys with full power of substimfion and revocation, to
`prosecute this application and to transact all business in the Parent and Trademark Ofiicc connected herewith the practitioncrs at;
`
`Cuswmer Number. 22907
`
`(WDC)
`
`Number.
`
`Please: addrtss all correspondence and telephone communications to the address and telephone number for this Customer
`
`We hereby declare that all smmmcnrs made herein of our own knowledge are true and that all statements made on
`informazion and beliefare believed to be true; and fizrtber that these statements were made with the knowledge that w1'llfi1l
`false statements and the like so made are punishable by fine or imprisonment, or both, under Section 1001 of Title 18 ofthe
`United States Code and that such willful false statements may jeopardize the validity ofthe application or any patent issuing
`thereon.
`
`“ (K21 a Z
`Date
`Signature - , gm
`Full Name ofFirsthventor
`,
`First GivcnbNa:n1e
`Second Given Name
`‘Family Name
`ia
`Fa_1;'i_z;_>_<,' Vgg;;_g''
`
`Citizenship
`Residence
`Pom Office: Address
`12026 Lisa Marie Cgggg, Egigfag. Virvgnia D033
`
`USA
`
`
`Signature
`Full Name of Second Inventor
`
`0
`Short. III
`First Given Name
`Family Nam:
`Rwidenm Citizenship U§A
`Post Office Address
`3§7l0 Goosg Creek Lane, Leesburg, Virginia 20175
`
`Date
`
`Second Given Name
`
`Si@amn
`Full Name ofThird Inventor
`Munggg;
`
` d
`First Given Name
`Cifizenship QSA
`Residence Crownsvillg, Mgyland
`Post Oflice Address
`I 101 Qgaca Co_u;r_t, Crownsvflle. Magzland 21032
`
`DatI:__________________________,_____.____________
`com
`Second Given Name
`
`
` Signatme
`Full Name ofFo
`
`Williamson
`Family Name
`
`‘
`
`Michael
`Second Given Name
`First Given Name
`Citiznnship USA
`Scum g;'dg'gg, Vfrcrinig
`Residence
`Post 01350:: Address
`26203 on Circle, Soufh Riding. Virginia 20152
`
`Date
`
`@_ E
`
`BANNER & WITCOFF, LTD.
`
`Rev l.l 10-09-2001
`
`Page 2 of2
`
`Petitioner Apple Inc. — Exhibit 1002, p. 2
`
`Petitioner Apple Inc. - Exhibit 1002, p. 2
`
`

`
`JOINT DECLARATION FOR PATENT APPLICATION
`
`As the below named inventors, we hereby declare that:
`
`Our residence, post ofice address and citizenship are as stated below next to our names;
`
`as Application Serial Number
`
`and was amended on
`
`
`
`(if
`
`We believe we are the original, first and joint inventors of the subject matter which is claimed and for which a patent is
`sought on the invention entitled
`A IL
`0 OCO F R S
`CO
`CATI
`SIN
`E
`DOMAIE NAME; the specification of which
`E
`is attached hereto.
`C]
`was filed on
`applicable).
`was filed under the Patent Cooperation Treaty (PCT) and accorded International Application
`
`No.
`filed
`and amended on
`(if any).
`
`D
`
`We hereby state that we have reviewed and understand the contents of the above-identified specification, including the
`claims, as amended by any amendment referred to above.
`
`We hereby acknowledge the duty to disclose information which is material to patentability in accordance with Title 37,
`Code ofFederal Regulations, §l.56(a).
`
`Prior Foreign Application(s)
`We hereby claim foreign priority benefits under Title 35, United States Code, §l l9 of any foreign application(s) for
`patent or inventors certificate listed below and have also identified below any foreign application(s) for patent or inventors
`certificate having a filing date before that of the application on which priority is claimed:
`
`
`
`Prior United States Provisional Application(s)
`We hereby claim priority benefits under Title 35, United States Code, §1l9(e)(l) of any U.S. provisional application
`listed below:
`
`7 June 1999
`
`so October 1993
`
`Prior United States Application(s)
`We hereby claim the benefit under Title 35, United States Code, §l20 ofany United States application(s) listed below
`and, insofar as the subject matter ofeach ofthe claims ofthis application is not disclosed in the prior United States application in
`the manner provided by the first paragraph ofTitle 35, United States Code, §l 12, we acknowledge the duty to disclose material
`information as defined in Title 37, Code of Federal Regulations, §l.56(a) which occurred between the filing date of the prior
`application and the national or PCT international filing date of this application:
`
`_*____%
`ANNER & WITCOFF, LTD.
`Rev 2.1 I0-O9-2001
`
`Page 1 of2
`
`Petitioner Apple Inc. — Exhibit 1002, p. 3
`
`Petitioner Apple Inc. - Exhibit 1002, p. 3
`
`

`
`
`
`Status -- Patented.
`Pending, Abandoned
`
`Application Serial No.
`09/558210
`09/504783
`09/429 643
`
`
`
`
`
`
`
`Date of Filing
`(Day, Month. Year)
`26Avr"2000
`15 Februawooo
`29 October 1999
`
`
`
`
`
`Power of Attorney
`And we hereby appoint. both jointly and severally, as our attorneys with full power of substitution and revocation, to
`prosecute this application and to transact all business in the Patent and Trademark Office connected herewith the practitioners at:
`
`Customer Number: 22907
`
`(WDC)
`
`Please address all correspondence and telephone communications to the address and telephone number for this Customer
`
`N umber.
`
`We hereby declare that all statements made herein of our own knowledge are true and that all statements made on
`information and belief are believed to be true; and further that these statements were made with the knowledge that willful
`false statements and the like so made are punishable by line or imprisonment, or both, under Section 1001 of Title 18 of the
`United States Code and that such willful false statements mayjeopardize the validity of the application or any patent issuing
`thereon.
`
`Signature
`Full Name of First Inventor
`
`Larson
`Family Name
`
`Victor
`First Given Name
`USA
`Citizenship
`Fairfax, Virginia
`Residence
`
`Post Office Address 12026 Lisa Marie Court Fairfax Vir 'nia 22033
`
`Date
`
`Second Given Name
`
`I
`Signature
`Full Name of Second Inventor‘
`
` ._M Date
`
`_
`Dunham
`R0 ert
`ort. III
`Second Given Name
`First Given Name
`Family Name
`Leesburo. Vir iniaResidence Citizenship USA
`
`
` Post Office Address 33710 Goose Creek Lane Leesburv. Virninia 2017
`
`
`-
`
`Signature
`Full Name of Third Inventor
`
`Munger
`Farnil y Name
`
`Edmund
`First Given Name
`Citizenship USA
`Crownsville, Maryland
`Residence
` Post Office Address llOl O aca Court Crownsville. Marvland 21032
`
`
`Date
`
`Colby
`Second Given Name
`
`
`Signature
`Full Name of Fourth Inventor
`
`.
`
`Michael
`First Given Name
`Citizenship USA
`South Riding. Virginia
`Residence
`Post Office Address
`26203 Ocala Circle, South Riding, Virginia 2015;
`
`Williamson
`Family Name
`
`Date
`
`Second Given Name
`
`
`
`BANNER & WITCOFF, LTD.
`
`R" H 1099.200,
`
`Page 2 of 2
`
`Petitioner Apple Inc. — Exhibit 1002, p. 4
`
`Petitioner Apple Inc. - Exhibit 1002, p. 4
`
`

`
`JOINT DECLARATION FOR PATENT APPLICATION
`
`As the below named inventors, we hereby declare that:
`
`Our residence, post office address and citizenship are as stated below next to our names;
`
`We believe we are the original, first and joint inventors ofthe subject matter which is claimed and for which a patent is
`sought on the invention entitled AN AGILE NETWQ QRK PROTl ;_(;§ EL F0R SECL__fIl§_E_COM3\/IUNICATIONS USING SECURE
`
`DOMAIN NAMES the specification of which
`V3
`is attached hereto.
`E]
`was filed on
`applicable).
`was filed under the Patent Cooperation Treaty (PCT) and accorded International Application
`
`No.
`filed
`, and amended on
`(if any).
`
`as Application Serial Number
`
`and was amended on
`
`(if
`
`We hereby state that we have reviewed and understand the contents ofthe above—idcntified specification, including the
`claims, as amended by any amendment referred to above.
`
`We hereby acknowledge the duty to disclose information which is material to patentability in accordance with Title 37,
`Code of Federal Regulations, §l.56(a).
`
`Prior Foreign Application(s)
`We hereby claim foreign priority benefits under Title 35, United States Code, §l19 ofany foreign apph'cation(s) for
`patent or inventor's certificate listed below and have also identified below any foreign application(s) for patent or inventor's
`certificate having a filing date before that ofthe application on which priority is claimed:
`
`(day month year)
`
`Date of Issue
`
`Priority Claimed
`UDd5T 35 U-S-C
`
`Date of Filing
`(day month year)
`
`Prior United States Provisional Application(s)
`We hereby claim priority benefits under Title 35, United States Cod
`e, §l I9(e)(l) of any US. provisional application
`listed below:
`
`
`
`U.S. Provisional Application No.
`
`D-are ofpujng
`(day month year)
`
`Priority Claimed
`Under 35 U.S.C. §I19(e)(l)
`
`
`
`
`
`
`
`so/137,704
`
`7 June 1999
`
`
`pplication is not disclosed in the prior United States application in
`the manner provided by the first paragraph ofTitle 35, United States Code, {ii 12, we acknowledge the duty to disclose material
`information as defined in Title 37, Code ofFederal Regulations, §l.56(a) which occurred between the filing date of the prior
`application and the national or PCT international filing date of this application:
`
`KNNER & WITCOFF, LTD.
`
`Rev 2.: 1009.200!
`
`Page l of 2
`
`Petitioner Apple Inc. — Exhibit 1002, p. 5
`
`Petitioner Apple Inc. - Exhibit 1002, p. 5
`
`

`
`
`
`
`Date of Filing
`Status -~ Patented,
`(Day, Month, Year)
`Pending, Aandoned
`Application Serial No.
`
`25 April 2000
`Pending
`091558,! 1 0
`in February 2000
`Patented
`O9/504,783
`29 October 1999
`O9/429,643
`
`
`
`
`Pending
`
`
`
`
`
`Power of Attorney
`And we hereby appoint, both jointly and severally, as our attorneys with full power of substitution and revocation, to
`prosecute this application and to transact all business in the Patent and Trademark Office connected herewith the practitioners at:
`
`Customer Number: 22907
`
`(WDC)
`
`Number.
`
`Please address all correspondence and telephone communications to the address and telephone number for this Customer
`
`We hereby declare that all statements made herein ofour own knowledge are true and that all statements made on
`information and beliefare believed to be true; and further that these statements were made with the knowledge that willful
`false statements and the like so made are punishable by fine or irnpiisonrnent, or both, under Section 100] of Title l8 of the
`United States Code and that such willful false statements mayjeopardize the validity of the application or any patent issuing
`thereon.
`
`Signature
`Dafe
`Full Name of First Inventor
`Larson
`Victor
`........._.._.._.__........_.___.._~___.__...__._.___..__....._.
`Family Name
`First Given Name
`Second Given Name
`Citizenship
`Fairfagg, Vin2__-z_n'ja
`Residence
`Post Office Address
`12026 Lisa Marie Court, Fairfg, Virginia 22033
`
`USA
`
`Date......__....___._._._..._...___..___.._.__...
`Dunham
`Second Given Name
`
`Signature
`Full Name of Third Inventor
`
`First Given Name
`Citizenship USA
`Crownsville, Mgyland
`Residence
`Post Office Address
`l 101 Opaca Court, Crownsville, Maryland 21032
`
`Family Name
`
`Second Given Name
`
` Signature
`Full Name ofFourth Inventor
`Williarmon
`Family Name
`
`Michael
`Second Given Name
`First Given Name
`Citizenship USA
`South Riding Virginia
`Residence
`._.____...___._..___.__.._._.....__.....___._
`Post Office Address
`26203 Qcala Circle, South Riding, Virginia 20152
`
`Date
`
`3ANNER & WITCOFF, LTD.
`
`9
`
`Rev Ll
`
`l0—O9—200l
`
`Page 2 of2
`
`Petitioner Apple Inc. — Exhibit 1002, p. 6
`
`
`
`Signature
`Full Name of Second Inventor
`
`Shogt, Ill
`Family Name
`
`Robert
`First Given Name
`Citizenship USA
`Leesburg, Virginia
`Residence
`Post Office Address
`38710 Goose Qreek Lane, Igburg, Virginia 20175
`
`Petitioner Apple Inc. - Exhibit 1002, p. 6
`
`

`
`Attorney Docket No.: 077580-0177
`
`U.S. PATENT APPLICATION FOR
`
`AGILE NETWORK PROTOCOL FOR SECURE COMMUNICATIONS USING
`
`SECURE DOMAIN NAMES
`
`Inventors:
`
`Victor LARSON, a citizen of the United States, residing at
`12026 Lisa Marie Court, Fairfax, Virginia 22033
`
`Robert Dunham SHORT, III, a citizen of the United States, residing at
`38710 Goose Creek Lane, Leesburg, Virginia 20175
`
`Edmund Colby MUNGER, a citizen of the United States, residing at
`1101 Opaca Court, Crownsville, Maryland 21032
`
`Michael WILLIAMSON, a citizen of the United States, residing at
`26203 Ocala Circle, South Riding, Virginia 20152
`
`Assignee:
`
`VIRNETX, INC.
`P.O. Box 439
`
`Zephyr Cove, Nevada 89448
`
`Entity:
`
`Large
`
`MCDERMOTT WILL & EMERY LLP
`
`28 State Street
`
`Boston, MA 02109-1775
`617.535.4000
`
`DM_US 38877810—1.077580.0177
`
`Petitioner Apple Inc. — Exhibit 1002, p. 7
`
`Petitioner Apple Inc. - Exhibit 1002, p. 7
`
`

`
`Attorney Docket No. 077580-0177
`
`AGILE NETWORK PROTOCOL FOR SECURE COMMUNICATIONS USING
`
`SECURE DOMAIN NAMES
`
`CROSS—REFERENCE TO RELATED APPLICATIONS
`
`[0001]
`
`This application claims priority from and is a continuation of a co—pending
`
`U.S. Application No. 13/049,552, filed March 16, 2011, which is a continuation of U.S.
`
`Application No. 11/840,560, filed August 17, 2007, now U.S. Patent No. 7,921,211, issued April
`
`5, 2011, which is a continuation of U.S. Application No. 10/714,849, filed November 18, 2003,
`
`now U.S. Patent No. 7,418,504,
`
`issued August 26, 2008, which is a continuation of U.S.
`
`Application No. 09/558,210, filed April 26, 2000, now abandoned, which is a continuation—in—
`
`part of U.S. Application No. 09/504,783, filed on February 15, 2000, now U.S. Patent No.
`
`6,502,135, issued December 31, 2002, which claims priority from and is a continuation—in—part
`
`patent application of previously—filed U.S. Application No. 09/429,643, filed on October 29,
`
`1999, now U.S. Patent No. 7,010,604,
`
`issued March 07, 2006, all of which are hereby
`
`incorporated by reference in their entirety for all purposes. The subject matter of U.S. application
`
`serial number 09/429,643 derives from provisional U.S. Application Nos. 60/106,261 (filed
`
`October 30, 1998) and 60/137,704 (filed June 7, 1999), all of which are hereby incorporated by
`
`reference in their entirety for all purposes. The present application is also related to U.S.
`
`application serial number 09/558,209, filed April 26, 2000, now abandoned, which is hereby
`
`incorporated by reference in its entirety for all purposes.
`
`BACKGROUND OF THE INVENTION
`
`[0002]
`
`A tremendous variety of methods have been proposed and implemented to
`
`provide security and anonymity for communications over the Internet. The variety stems, in part,
`
`from the different needs of different Internet users. A basic heuristic framework to aid in
`
`discussing these different security techniques is illustrated in FIG.
`
`1. Two terminals, an
`
`originating terminal 100 and a destination terminal 110 are in communication over the Internet.
`
`It
`
`is desired for the communications to be secure,
`
`that is,
`
`immune to eavesdropping. For
`
`example, terminal 100 may transmit secret information to terminal 110 over the Internet 107.
`
`Also, it may be desired to prevent an eavesdropper from discovering that terminal 100 is in
`
`communication with terminal 110. For example, if terminal 100 is a user and terminal 110 hosts
`
`a web site, terminal 100’s user may not want anyone in the intervening networks to know what
`
`DM_US 38873985—1 .077580.0116
`
`Petitioner Apple Inc. — Exhibit 1002, p. 8
`
`Petitioner Apple Inc. - Exhibit 1002, p. 8
`
`

`
`Attorney Docket No. 077580-0177
`
`web sites he is “visiting.” Anonymity would thus be an issue, for example, for companies that
`
`want to keep their market research interests private and thus would prefer to prevent outsiders
`
`from knowing which websites or other Internet resources they are “visiting.” These two security
`
`issues may be called data security and anonymity, respectively.
`
`[0003]
`
`Data security is usually tackled using some form of data encryption. An
`
`encryption key 48 is known at both the originating and terminating terminals 100 and ll0. The
`
`keys may be private and public at
`
`the originating and destination terminals 100 and ll0,
`
`respectively or they may be symmetrical keys (the same key is used by both parties to encrypt
`
`and decrypt). Many encryption methods are known and usable in this context.
`
`[0004]
`
`To hide traffic from a local administrator or ISP, a user can employ a local
`
`proxy server in communicating over an encrypted channel with an outside proxy such that the
`
`local administrator or ISP only sees the encrypted traffic. Proxy servers prevent destination
`
`servers from determining the identities of the originating clients. This system employs an
`
`intermediate server interposed between client and destination server. The destination server sees
`
`only the Internet Protocol (IP) address of the proxy server and not the originating client. The
`
`target server only sees the address of the outside proxy. This scheme relies on a trusted outside
`
`proxy server. Also, proxy schemes are vulnerable to traffic analysis methods of determining
`
`identities of transmitters and receivers. Another important limitation of proxy servers is that the
`
`server knows the identities of both calling and called parties. In many instances, an originating
`
`terminal, such as terminal A, would prefer to keep its identity concealed from the proxy, for
`
`example, if the proxy server is provided by an Internet service provider (ISP).
`
`[0005]
`
`To defeat traffic analysis, a scheme called Chaum’s mixes employs a proxy
`
`server that transmits and receives fixed length messages, including dummy messages. Multiple
`
`originating terminals are connected through a mix (a server) to multiple target servers. It is
`
`difficult to tell which of the originating terminals are communicating to which of the connected
`
`target servers, and the dummy messages confuse eavesdroppers’ efforts to detect communicating
`
`pairs by analyzing traffic. A drawback is that there is a risk that the mix server could be
`
`compromised. One way to deal with this risk is to spread the trust among multiple mixes. If one
`
`mix is compromised, the identities of the originating and target terminals may remain concealed.
`
`DM_US 38873985—l.077580.0ll6
`
`- 2 -
`
`Petitioner Apple Inc. — Exhibit 1002, p. 9
`
`Petitioner Apple Inc. - Exhibit 1002, p. 9
`
`

`
`Attorney Docket No. 077580-0177
`
`This strategy requires a number of alternative mixes so that the intermediate servers interposed
`
`between the originating and target terminals are not determinable except by compromising more
`
`than one mix. The strategy wraps the message with multiple layers of encrypted addresses. The
`
`first mix in a sequence can decrypt only the outer layer of the message to reveal the next
`
`destination mix in sequence. The second mix can decrypt the message to reveal the next mix and
`
`so on. The target server receives the message and, optionally, a multi—layer encrypted payload
`
`containing return information to send data back in the same fashion. The only way to defeat such
`
`a mix scheme is to collude among mixes. If the packets are all fixed—length and intermixed with
`
`dummy packets, there is no way to do any kind of traffic analysis.
`
`[0006]
`
`Still another anonymity technique, called ‘crowds,’ protects the identity of the
`
`originating terminal from the intermediate proxies by providing that originating terminals belong
`
`to groups of proxies called crowds. The crowd proxies are interposed between originating and
`
`target terminals. Each proxy through which the message is sent is randomly chosen by an
`
`upstream proxy. Each intermediate proxy can send the message either to another randomly
`
`chosen proxy in the “crowd” or to the destination. Thus, even crowd members cannot determine
`
`if a preceding proxy is the originator of the message or if it was simply passed from another
`
`proxy.
`
`[0007]
`
`ZKS (Zero—Knowledge Systems) Anonymous IP Protocol allows users to
`
`select up to any of five different pseudonyms, while desktop software encrypts outgoing traffic
`
`and wraps it in User Datagram Protocol (UDP) packets. The first server in a 2+—hop system gets
`
`the UDP packets, strips off one layer of encryption to add another, then sends the traffic to the
`
`next server, which strips off yet another layer of encryption and adds a new one. The user is
`
`permitted to control
`
`the number of hops. At the final server,
`
`traffic is decrypted with an
`
`untraceable IP address. The technique is called onion—routing. This method can be defeated using
`
`traffic analysis. For a simple example, bursts of packets from a user during low—duty periods can
`
`reveal the identities of sender and receiver.
`
`[0008]
`
`Firewalls attempt
`
`to protect LANs from unauthorized access and hostile
`
`exploitation or damage to computers connected to the LAN. Firewalls provide a server through
`
`which all access to the LAN must pass. Firewalls are centralized systems that require
`
`DM_US 38873985—l.O77580.0ll6
`
`- 3 '
`
`Petitioner Apple Inc. — Exhibit 1002, p. 10
`
`Petitioner Apple Inc. - Exhibit 1002, p. 10
`
`

`
`Attorney Docket No. 077580-0177
`
`administrative overhead to maintain. They can be compromised by virtual—machine applications
`
`(“applets”). They instill a false sense of security that leads to security breaches for example by
`
`users sending sensitive information to servers outside the firewall or encouraging use of modems
`
`to sidestep the firewall security. Firewalls are not useful for distributed systems such as business
`
`travelers, extranets, small teams, etc.
`
`SUMMARY OF THE INVENTION
`
`[0009]
`
`A secure mechanism for communicating over
`
`the internet,
`
`including a
`
`protocol referred to as the Tunneled Agile Routing Protocol (TARP), uses a unique two—layer
`
`encryption format and special TARP routers. TARP routers are similar in function to regular IP
`
`routers. Each TARP router has one or more IP addresses and uses normal IP protocol to send IP
`
`packet messages (“packets” or “datagrams”). The IP packets exchanged between TARP
`
`terminals via TARP routers are actually encrypted packets whose true destination address is
`
`concealed except to TARP routers and servers. The normal or “clear” or “outside” IP header
`
`attached to TARP IP packets contains only the address of a next hop router or destination server.
`
`That is, instead of indicating a final destination in the destination field of the IP header, the
`
`TARP packet’s IP header always points to a next—hop in a series of TARP router hops, or to the
`
`final destination. This means there is no overt indication from an intercepted TARP packet of the
`
`true destination of the TARP packet since the destination could always be next—hop TARP router
`
`as well as the final destination.
`
`[0010]
`
`Each TARP packet’s
`
`true destination is concealed behind a layer of
`
`encryption generated using a link key. The link key is the encryption key used for encrypted
`
`communication between the hops intervening between an originating TARP terminal and a
`
`destination TARP terminal. Each TARP router can remove the outer layer of encryption to reveal
`
`the destination router for each TARP packet. To identify the link key needed to decrypt the outer
`
`layer of encryption of a TARP packet, a receiving TARP or routing terminal may identify the
`
`transmitting terminal by the sender/receiver IP numbers in the cleartext IP header.
`
`[0011]
`
`Once the outer layer of encryption is removed, the TARP router determines
`
`the final destination. Each TARP packet 140 undergoes a minimum number of hops to help foil
`
`traffic analysis. The hops may be chosen at random or by a fixed value. As a result, each TARP
`
`DM_US 38873985—l.077580.0ll6
`
`- 4 -
`
`Petitioner Apple Inc. — Exhibit 1002, p. ll
`
`Petitioner Apple Inc. - Exhibit 1002, p. 11
`
`

`
`Attorney Docket No. 077580-0177
`
`packet may make random trips among a number of geographically disparate routers before
`
`reaching its destination. Each trip is highly likely to be different for each packet composing a
`
`given message because each trip is independently randomly determined. This feature is called
`
`agile routing. The fact that different packets take different routes provides distinct advantages by
`
`making it difficult for an interloper to obtain all the packets forming an entire multi—packet
`
`message. The associated advantages have to do with the inner layer of encryption discussed
`
`below. Agile routing is combined with another feature that furthers this purpose; a feature that
`
`ensures that any message is broken into multiple packets.
`
`[0012]
`
`The IP address of a TARP router can be changed, a feature called IP agility.
`
`Each TARP router, independently or under direction from another TARP terminal or router, can
`
`change its IP address. A separate, unchangeable identifier or address is also defined. This
`
`address, called the TARP address, is known only to TARP routers and terminals and may be
`
`correlated at any time by a TARP router or a TARP terminal using a Lookup Table (LUT). When
`
`a TARP router or terminal changes its IP address,
`
`it updates the other TARP routers and
`
`terminals which in turn update their respective LUTs.
`
`[0013]
`
`The message payload is hidden behind an inner layer of encryption in the
`
`TARP packet that can only be unlocked using a session key. The session key is not available to
`
`any of the intervening TARP routers. The session key is used to decrypt the payloads of the
`
`TARP packets permitting the data stream to be reconstructed.
`
`[0014]
`
`Communication may be made private using link and session keys, which in
`
`turn may be shared and used according to any desired method. For example, public/private keys
`
`or symmetric keys may be used.
`
`[0015]
`
`To transmit a data stream, a TARP originating terminal constructs a series of
`
`TARP packets from a series of IP packets generated by a network (IP) layer process. (Note that
`77
`C4
`
`the terms “network layer,” “data link layer,
`
`application layer,” etc. used in this specification
`
`correspond to the Open Systems Interconnection (OSI) network terminology.) The payloads of
`
`these packets are assembled into a block and chain—block encrypted using the session key. This
`
`assumes, of course, that all the IP packets are destined for the same TARP terminal. The block is
`
`DM_US 38873985—l.O77580.0ll6
`
`- 5 '
`
`Petitioner Apple Inc. — Exhibit 1002, p. 12
`
`Petitioner Apple Inc. - Exhibit 1002, p. 12
`
`

`
`Attorney Docket No. 077580-0177
`
`then interleaved and the interleaved encrypted block is broken into a series of payloads, one for
`
`each TARP packet to be generated. Special TARP headers IPT are then added to each payload
`
`using the 1P headers from the data stream packets. The TARP headers can be identical to normal
`
`IP headers or customized in some way. They should contain a formula or data for deinterleaving
`
`the data at the destination TARP terminal, a time—to—live (TTL) parameter to indicate the number
`
`of hops still to be executed, a data type identifier which indicates whether the payload contains,
`
`for example, TCP or UDP data, the sender’s TARP address, the destination TARP address, and
`
`an indicator as to whether the packet contains real or decoy data or a formula for filtering out
`
`decoy data if decoy data is spread in some way through the TARP payload data.
`
`[0016]
`
`Note that although chain—block encryption is discussed here with reference to
`
`the session key, any encryption method may be used. Preferably, as in chain block encryption, a
`
`method should be used that makes unauthorized decryption difficult without an entire result of
`
`the encryption process. Thus, by separating the encrypted block among multiple packets and
`
`making it difficult for an interloper to obtain access to all of such packets, the contents of the
`
`communications are provided an extra layer of security.
`
`[0017]
`
`Decoy or dummy data can be added to a stream to help foil traffic analysis by
`
`reducing the peak—to—average network load. It may be desirable to provide the TARP process
`
`with an ability to respond to the time of day or other criteria to generate more decoy data during
`
`low traffic periods so that communication bursts at one point in the Internet cannot be tied to
`
`communication bursts at another point to reveal the communicating endpoints.
`
`[0018]
`
`Dummy data also helps
`
`to break the data into a larger number of
`
`inconspicuously—sized packets permitting the interleave window size to be increased while
`
`maintaining a reasonable size for each packet. (The packet size can be a single standard size or
`
`selected from a fixed range of sizes.) One primary reason for desiring for each message to be
`
`broken into multiple packets is apparent if a chain block encryption scheme is used to form the
`
`first encryption layer prior to interleaving. A single block encryption may be applied to a portion,
`
`or entirety, of a message, and that portion or entirety then interleaved into a number of separate
`
`packets. Considering the agile IP routing of the packets, and the attendant difficulty of
`
`DM_US 38873985—l.O77580.0ll6
`
`- 6 '
`
`Petitioner Apple Inc. — Exhibit 1002, p. 13
`
`Petitioner Apple Inc. - Exhibit 1002, p. 13
`
`

`
`Attorney Docket No. 077580-0177
`
`reconstructing an entire sequence of packets to form a single block—encrypted message element,
`
`decoy packets can significantly increase the difficulty of reconstructing an entire data stream.
`
`[0019]
`
`The above scheme may be implemented entirely by processes operating
`
`between the data link layer and the network layer of each server or terminal participating in the
`
`TARP system. Because the encryption system described above is insertable between the data link
`
`and network layers, the processes involved in supporting the encrypted communication may be
`
`completely transparent to processes at the IP (network) layer and above. The TARP processes
`
`may also be completely transparent to the data link layer processes as well. Thus, no operations
`
`at or above the Network layer, or at or below the data link layer, are affected by the insertion of
`
`the TARP stack. This provides additional security to all processes at or above the network layer,
`
`since the difficulty of unauthorized penetration of the network layer (by, for example, a hacker)
`
`is increased substantially. Even newly developed servers running at the session layer leave all
`
`processes below the session layer vulnerable to attack. Note that in this architecture, security is
`
`distributed. That is, notebook computers used by executives on the road, for example, can
`
`communicate over the Internet without any compromise in security.
`
`[0020]
`
`IP address changes made by TARP terminals and routers can be done at
`
`regular intervals, at random intervals, or upon detection of “attacks.” The variation of IP
`
`addresses hinders traffic analysis that might reveal which computers are communicating, and
`
`also provides a degree of immunity from attack. The level