1. Field of the Invention
The present invention relates to communication systems, in particular, to data packet security using anti-replay protection.
2. Description of the Related Art
Internet Protocol Security (IPsec) is a set of protocols for securing Internet Protocol (IP) communications by authenticating and encrypting IP packets in a data stream. IPsec includes protocols for establishing mutual authentication and negotiation of cryptographic keys, which might protect data flows between two or more host devices (e.g., computers or servers), between a pair of security gateways (e.g., routers or firewalls), or between a security gateway and a host device. The IPsec protocol is officially specified by the Internet Engineering Task Force (IETF) in a series of Requests for Comment (RFC). For example, IETF RFC 2402 (1998), which is incorporated herein by reference, defines anti-replay protection for the IP Authentication Header protocol, which secures IP data flows against a security breach by an adversary inserting or replaying packets in the data flow. Although generally described herein in relation to the IPsec protocol, other network protocol standards, such as Secure Real-time Transport Protocol (SRTP), Transport Layer Security (TLS) and Secure Sockets Layer (SSL), also define similar anti-replay protection.
In general, as described in RFC 2402, IPsec authentication provides anti-replay protection by assigning a unique sequence number to each encrypted packet. In the IPsec protocol, for example, the sequence number is a 64-bit number. Security association (“SA”) anti-replay is a security service in which a receiving device can reject old or duplicate packets to protect itself against replay attacks. The transmitting device assigns a sequence number to each packet in a data stream in monotonically increasing order. In a packet-switched network, individual packets of a sequence of packets in the same data stream might take different paths between the transmitting device and the receiving device and, thus, packets might not arrive in the same order in which they were transmitted. Therefore, the receiving device tracks sequence numbers that it has received, and discards packets with a repeated sequence number. Since the sequence number can be a large number (e.g., 64 bits), the receiver does not track all the sequence numbers it has received, instead tracking only those sequence numbers that are within a sliding anti-replay window.
For example, a “position” of the sliding anti-replay window is determined based on the highest sequence number, X, that the receiving device has received. If N is the anti-replay window width, the receiving device will track whether it has received packets having sequence numbers from a low value of X−(N+1) through a high value of X, thus defining the anti-replay window between X−(N+1) and X. Any packet with a sequence number value less than X−(N+1) is discarded. The “position” of the window slides as the value of X changes, that is, as packets with higher sequence numbers are received. Common values of N are 32 and 64, although some devices support up to 1024.
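As an added illustration that is not part of the patent text, the following Python models the bitmap sliding window of RFC 2402 section 3.4.3 using the document's X (highest accepted sequence number) and N (window width). It follows RFC 2402's own convention that the window spans the N sequence numbers X−N+1 through X; the class and function names and the packet trace are the example's own.

```python
class AntiReplayWindow:
    """Sliding anti-replay window per RFC 2402 section 3.4.3.

    X is the highest sequence number accepted so far.  An N-bit bitmap records
    which of the sequence numbers X-N+1 .. X have been seen: bit i set means
    sequence number X-i was received.  Anything below X-N+1 is rejected.
    """

    def __init__(self, width=64):
        if width < 32:
            raise ValueError("RFC 2402 requires a window of at least 32")
        self.n = width
        self.x = 0          # highest accepted sequence number (0 = none yet)
        self.bitmap = 0     # N-bit history; bit 0 corresponds to X

    def check(self, seq):
        """Classify seq without changing state: accept/replay/too_old/invalid."""
        if seq == 0:                 # sequence number 0 is never transmitted
            return "invalid"
        if seq > self.x:             # new high water mark: always fresh
            return "accept"
        diff = self.x - seq
        if diff >= self.n:           # left of the window: too old to track
            return "too_old"
        if (self.bitmap >> diff) & 1:
            return "replay"          # already seen inside the window
        return "accept"

    def update(self, seq):
        """Record seq; slide the window right if seq is a new high."""
        if seq > self.x:
            shift = seq - self.x
            # Shifting drops history for numbers that fall below X-N+1;
            # this is the "reset to zero" cost the text describes.
            self.bitmap = ((self.bitmap << shift) | 1) & ((1 << self.n) - 1)
            self.x = seq
        else:
            self.bitmap |= 1 << (self.x - seq)

    def process(self, seq):
        """Check, then update only on accept (in IPsec, after ICV verification)."""
        verdict = self.check(seq)
        if verdict == "accept":
            self.update(seq)
        return verdict


def run_trace(width, seqs):
    """Feed a constructed packet trace through one window; return the verdicts."""
    window = AntiReplayWindow(width)
    return [window.process(s) for s in seqs]
```

Running the same reordered trace with N=32 and N=64 shows the point made in the text: a packet delayed behind a burst of higher sequence numbers is discarded by the narrow window but accepted by the wider one.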
However, in instances when the width, N, of the anti-replay window is small, valid packets might be discarded by the receiving device. Further, some Quality of Service (QoS) schemes might give priority to high-priority packets, which might cause some low-priority packets to be discarded even though they are within the anti-replay window. Although increasing the anti-replay window width does not affect system security, increasing the window width could increase costs or lower processing throughput of, for example, a network processing device. For example, if a barrel shifter is employed to store the contents of the anti-replay window, the larger the width of the anti-replay window, the higher the cost of the barrel shifter. Similarly, if the contents of the anti-replay window are stored in a memory and the window “slides” by updating a pointer to the memory, entries that are below the X−(N+1) threshold must be reset to zero by writing to the memory. As the size of the anti-replay window increases, more memory cycles are consumed resetting the memory, which consumes memory bandwidth and could lower system throughput.