It is known to transfer digital data between communicating entities such as digital computers and the like across computer networks such as wide area networks (WAN), local area networks (LAN) and the internet. This digital data may represent digitized audio or video signals, or increasingly, sensitive financial information such as credit card details, banking information and the like.
Referring to FIG. 1 herein, there is illustrated schematically two such computing entities 100 and 101 configurable to exchange data across a communications network 102.
With the development of technologies such as the world wide web (WWW) there has been a rapid increase in the use of networks of computing entities to exchange sensitive information carried as data across the networks. As the amount of sensitive data being transferred across networks has increased there has been increasing pressure to develop and improve the security of transferred data. It is known to improve the security of data transfer between digital computers by encrypting the data using one or a plurality of standard encryption algorithms and transmitting the encrypted data across a network where it may be decrypted and subsequently processed only by those recipients for whom the encrypted data is intended.
Referring to FIG. 2 herein, there is illustrated schematically a conventional system for encrypting user data and transferring the encrypted data across a network for subsequent decryption. A first digital computer 200 is represented schematically to include the following sub-components:

A kernel/operating system (OS) 201 which occupies a logical location or plurality of logical locations within an electronic memory of the first digital computer 200;

A plurality of user applications 202–204 which are stored within a second memory area which is logically distinct from the memory locations storing the operating system, the second memory area also known herein as “user memory”; and

A network interface card 205 which is configurable to convert digital data into a form suitable for physical transmission across a network 250.
The kernel/operating system comprises a network protocol stack. The network protocol stack may be considered as a series of functional layers within the operating system which are configured to receive data from, for example, processes operating in user memory, and to convert this data into a form suitable for passing to a network interface card for subsequent transmission to a remote computer. As described herein, a protocol is a pre-determined set of procedures used for exchanging information between computing entities such as, for example, digital computers 200 and 210 in FIG. 2. A protocol may be the subject of an international standard or a de facto standard. Data which is to be transferred across the network 250 from first computer 200 to a second computer 210 is passed down the protocol stack. For example, the data may pass through a known transmission control protocol (TCP) or user datagram protocol (UDP) layer 206 down through an internet protocol layer (IP) 207, and ultimately via a physical layer to the network interface card 205.
A conventional network protocol stack may include the following layers:

TCP/UDP

Internet protocol (IP) layer

Physical layer.
The requirement to develop secure means of transmitting information between computing entities has previously been addressed by the insertion of an extra functional encryption layer within the network protocol stack. As illustrated in FIG. 2 herein, an additional encryption layer 208 encrypts data to be sent from a computer or decrypts encrypted data sent from a remote device. This encryption layer 208 is known conventionally as an Internet Protocol Security (IPSec) layer. In order to provide secure transmission of data between entities across a network, each internet protocol security layer must have access to at least one database of private key information. Networks between computing entities which are secured by the transmission of encrypted data are known in the prior art as virtual private networks (VPN). Conventional virtual private networks incorporating an internet protocol security layer and an associated private key database into the network protocol stack as illustrated in FIG. 2 herein are also known as “bump in the stack” (BITS) systems. The internet protocol security layer 208 accesses a first database of private key information 209 to encrypt or decrypt data. The private key database 209 contains the same private key data as a second private key database 219 which is associated with a remote second computer 210, which is itself configured to exchange encrypted data with first computer 200 and has a protocol stack corresponding to the protocol stack of the first computer 200. The second computer comprises a kernel/operating system 211, a plurality of applications 212, 213 and a network interface card 215 and has an internet protocol security layer 218. Typically, encryption and decryption of user data may be carried out using a standard cipher such as the prior art Data Encryption Standard (DES).
Referring to FIG. 3 herein there is illustrated schematically a conventional unencrypted data packet 300 with an IP header 301 as transmitted across a conventional network. An unencrypted data packet is also known herein as a “clear” data packet. There is also illustrated schematically an encrypted data packet 302 having both an IP header 303 and an internet protocol security header 304. Data encryption is carried out by internet protocol security layer 208 which also appends the internet protocol security header data 304 to the encrypted data 305.
Referring to FIG. 4 herein, there is illustrated schematically a conventional encryption system incorporating an internet protocol security layer 400 and associated keying data stored in a key database 401. Inserted into a network protocol stack resident within a kernel/operating system is an Internet Key Exchange protocol 402, which is designed for negotiating the exchange of keying material, such as that contained within key database 401, between computer entities which wish to exchange data encrypted using the internet protocol security stack 400. In a conventional virtual private network the internet key exchange protocol resides within a region of user memory, outside of the kernel/operating system.
However, there are significant problems introduced in the prior art when the internet protocol security stack is located within the kernel/operating system. Locating the internet protocol security stack within the network protocol stack necessitates that, in a conventional operating system, the internet protocol security stack must operate in supervisory mode. In the event of a fault occurring during an encryption or decryption operation, the entire operating system may be affected. Malfunctioning of the internet protocol security stack may arise from the internet protocol security stack receiving incorrectly formatted data packets, for example as a result of a deliberate attack by an individual wishing to cause damage to the system. Receiving an incorrectly formatted data packet may result in a buffer memory overflow or in the overwriting of memory locations reserved for the operating system. This can cause the kernel/operating system to crash, which consequently causes the remaining systems that depend upon the kernel/operating system to crash.
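The length checks that keep an incorrectly formatted packet from driving reads or copies past a buffer are shown below as an added example, not code from the original document. It assumes an IPv4 header followed by an ESP-style internet protocol security header (a 4-byte SPI and a 4-byte sequence number, IP protocol number 50); the document does not name the header format, and the sample packet is constructed.

```c
#include <stddef.h>
#include <stdint.h>

#define ESP_PROTO   50  /* assumed: IP protocol number for ESP */
#define ESP_HDR_LEN 8   /* assumed: SPI (4 bytes) + sequence number (4 bytes) */

enum parse_result { PKT_OK = 0, PKT_TRUNCATED, PKT_BAD_HEADER, PKT_NOT_ESP };

struct esp_view {
    uint32_t spi, seq;
    const uint8_t *payload;   /* encrypted data; points into caller's buffer */
    size_t payload_len;
};

/* Constructed sample: 20-byte IPv4 header (checksum left zero, not verified
 * here), 8-byte security header, 4 bytes standing in for encrypted data. */
static const uint8_t sample_pkt[32] = {
    0x45, 0x00, 0x00, 0x20,  0x00, 0x00, 0x00, 0x00,
    0x40, ESP_PROTO, 0x00, 0x00,  192, 0, 2, 1,  192, 0, 2, 2,
    0x00, 0x00, 0x10, 0x01,  0x00, 0x00, 0x00, 0x01,
    0xde, 0xad, 0xbe, 0xef
};

static uint32_t be32(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8)  |  (uint32_t)p[3];
}

/* Every length the packet claims is checked against the bytes actually
 * received before it is used as an offset or a size. */
enum parse_result parse_esp_packet(const uint8_t *buf, size_t len,
                                   struct esp_view *out) {
    if (len < 20) return PKT_TRUNCATED;              /* minimum IPv4 header */
    if ((buf[0] >> 4) != 4) return PKT_BAD_HEADER;   /* version field */
    size_t ihl   = (size_t)(buf[0] & 0x0F) * 4;      /* claimed header length */
    size_t total = ((size_t)buf[2] << 8) | buf[3];   /* claimed packet length */
    if (ihl < 20 || total < ihl) return PKT_BAD_HEADER;
    if (total > len) return PKT_TRUNCATED;           /* claims more than received */
    if (buf[9] != ESP_PROTO) return PKT_NOT_ESP;
    if (total - ihl < ESP_HDR_LEN) return PKT_TRUNCATED;
    out->spi = be32(buf + ihl);
    out->seq = be32(buf + ihl + 4);
    out->payload = buf + ihl + ESP_HDR_LEN;
    out->payload_len = total - ihl - ESP_HDR_LEN;    /* cannot underflow here */
    return PKT_OK;
}

int main(void) {
    struct esp_view v;
    return parse_esp_packet(sample_pkt, sizeof sample_pkt, &v) == PKT_OK ? 0 : 1;
}
```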
Additionally, conventional operating systems are single threaded and non-reentrant and hence are not designed to run on multiple processors. The encryption or decryption of a plurality of data packets can occupy a substantial fraction of total processor resources available to an operating system with the result of a reduction in the fraction of processing resources available to user processes, which thereby affects overall system performance.
It is important to develop more fault tolerant encryption and decryption of user data for transfer across virtual private networks in order to improve the resistance to malicious attack and operating efficiency of networked computers.