A method for establishing a secure private interconnection over a multipath network

A multipath network technology, applied in the field of communication networks, that addresses problems such as the impossibility of finding fully independent paths, low performance efficiency, and compromised data packet transmission performance.

Inactive Publication Date: 2017-08-18
SECRET DOUBLE OCTOPUS LTD

AI Technical Summary

Problems solved by technology

[0011] However, neither of the solutions proposed by Lou et al. is efficient in terms of performance, since shares have to be routed over predetermined, fully independent source-to-destination paths, regardless of varying data flow congestion or limitations at each node.
Therefore, in order to obtain the desired level of security, the performance of packet delivery may be compromised.
Also, according to the solution proposed by Lou et al., there are cases where it is impossible to find completely independent source-to-destination paths, whereas solutions exist in which fewer than k shares traverse each node in the network.

Examples

[0096] Example 2: Managed Network

[0097] In another embodiment, the method proposed by the present invention uses secret sharing in conjunction with a managed network such as SDN, so that the secret sharing scheme can be managed by the SDN controller. The general concept of the proposed solution is to use SDN to create several tunnels between each pair of data centers communicating with each other. The source encrypts its data using a secret sharing technique and creates n shares. In order to reconstruct the data, the destination must have at least k of the n shares sent by the sender. The present invention proposes a method of creating these tunnels under the constraint that fewer than k shares of the same information can reach any single router. In this way, a private and secure interconnection between data centers is obtained. To guarantee this privacy, (n,k) secret sharing is used to encrypt the data. A source...

[0105] Example 3: Data separation using primary and backup channels

[0106] Almost any enterprise has a primary channel and a backup channel for exchanging data; the two channels are completely independent and separate (otherwise, if the primary channel failed, the backup channel could not be a true replacement). In this case, no node intercepts k or more shares because there are no relevant segments along each path from source to destination.

[0107] Data separation problem

[0108] The problem of data separation between tunnels is examined as the following theoretical problem. Given a graph $G=(V,E)$ with a source node $s$ (with only output streams) and a sink node $t$ (with only input streams), each node $v \in V$ has a certain non-negative capacity $C_v$. The goal is to push as much flow as possible from $s$ to $t$ in the graph. Each path $p_i$ has flow $f_{p_i}$; the rule is that the sum of the flows of all paths intercepted by each node cannot exceed its capacity. In the form...
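The tunnel constraint from Example 2 and the node-capacity rule of the data separation problem can be checked together, as in this added example (not code from the patent or its authors). Shamir's scheme over a prime field is an assumed choice of (n,k) scheme, and the topology, node names and function names are constructed for illustration.

```python
import secrets
from collections import Counter

P = 2**127 - 1  # prime modulus (assumed; the page names no concrete scheme)

def split(secret, n, k):
    """Shamir (n,k): random degree-(k-1) polynomial f with f(0) = secret."""
    coeffs = [secret] + [secrets.randbelow(P) for _ in range(k - 1)]
    return [(x, sum(c * pow(x, i, P) for i, c in enumerate(coeffs)) % P)
            for x in range(1, n + 1)]

def reconstruct(shares):
    """Lagrange interpolation at x = 0 over GF(P)."""
    total = 0
    for xj, yj in shares:
        num = den = 1
        for xm, _ in shares:
            if xm != xj:
                num = num * (-xm) % P
                den = den * (xj - xm) % P
        total = (total + yj * num * pow(den, -1, P)) % P
    return total

def exposure(tunnels, src, dst):
    """Shares seen per intermediate node, assuming one share per tunnel."""
    seen = Counter()
    for path in tunnels:
        seen.update(set(path) - {src, dst})
    return seen

def violations(tunnels, src, dst, k):
    """Nodes that would see k or more shares (node capacity k - 1)."""
    return sorted(v for v, c in exposure(tunnels, src, dst).items() if c >= k)

# Constructed topology: data centers "s" and "t", routers r1..r6.
PARTIAL = [["s", "r1", "r5", "t"], ["s", "r2", "r5", "t"],
           ["s", "r3", "r6", "t"], ["s", "r4", "r6", "t"]]
SHARED = [["s", "r1", "r5", "t"], ["s", "r2", "r5", "t"],
          ["s", "r3", "r5", "t"], ["s", "r4", "r6", "t"]]

if __name__ == "__main__":
    shares = split(123456789, n=4, k=3)
    print(reconstruct(shares[1:]))            # any 3 of the 4 shares suffice
    print(violations(PARTIAL, "s", "t", 3))   # partially independent, still safe
    print(violations(SHARED, "s", "t", 3))    # r5 would see 3 shares
```

The `PARTIAL` layout shows that tunnels need not be fully disjoint: two tunnels share each of r5 and r6, yet no router reaches the threshold k = 3.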


Abstract

A method for establishing a fully private, information-theoretically secure interconnection between a source and a destination, over an unmanaged data network with at least a portion of a public infrastructure, is disclosed. Accordingly, n shares of the source data are created at the source according to a predetermined secret sharing scheme and the shares are sent to the data network, while encrypting the sent data using (n,k) secret sharing. A plurality of intermediating nodes are deployed in different locations over the network, to create a plurality of fully and/or partially independent paths in different directions on the path from the source to the destination, and with sufficient data separation. Then, the shares are sent over the plurality of fully and/or partially independent paths while forcing share-carrying packets to pass through selected intermediate nodes, such that no router at any intermediating node intercepts k or more shares.

Description

Technical field

[0001] The invention relates to the field of communication networks such as the Internet. More specifically, the present invention relates to a secret sharing scheme that is particularly effective for establishing dedicated channels for two parties communicating through multipath communications on a hybrid infrastructure including cloud, servers at points of presence (PoPs) and alternate communication channels. Secret sharing schemes can use fused public directory authentication to replace the confidentiality and authenticity provided by public key infrastructure, eliminating the need for trusted authorities and key protection.

Background

[0002] Public key infrastructure is based on modern cryptography, where the existence of one-way functions is assumed, and such presumably one-way functions are used in practice. Security is based on computational security, rather than classical information-theoretic security techniques such as one-tim...

Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L9/00, H04L45/128, H04L45/24
CPC: H04L9/085, H04L9/3247, H04L63/0428, H04L63/067, H04L63/0272, H04L45/128, H04L45/24, H04W12/102, H04L9/0656, H04L9/0827, H04L45/1287, H04L63/04, H04L63/061
Inventor: Shlomi Dolev, Shimrit Tzur-David
Owner: SECRET DOUBLE OCTOPUS LTD