In FIG. 1 is shown a small portion of a computer network 100 in which data packets are transmitted from host computers 102, 104 and 106, through switches 110 and 112 to host computer 114. For the purposes of this discussion, it can be assumed that the host computers are multi-user or multitasking computers with operating systems that support multiple user address spaces.
The receiving host computer 114 has a network controller 116 for receiving data packets, which decrypts and error checks those data packets. The network controller 116 delivers each received, decrypted data packet to one of several buffer queues 118-1 to 118-N in the receiving host computer's memory in accordance with a BQI (buffer queue index) value found in the data packet's header. Each buffer queue 118 is associated with a different user address, and the delivery mechanism used by the network controller 116 is preferably a DMA (direct memory access) transfer.
As shown in FIG. 2, each data packet 130 transmitted through the network has a packet header 132 and a packet body 134. Information typically found in the packet header 132 includes a network destination address 136 that indicates where the packet is being sent, source identification data 138 that indicates where the data packet 130 originated, a packet type value 140, an offset value 142 indicating the position of the boundary between the encrypted portion 143 of the data packet and the unencrypted portion of the data packet 130, and a buffer queue index (BQI) value 144. The BQI value 144 in each packet header specifies which of the buffer queues 118 in the destination host computer the data packet should be sent to. In one of the two preferred embodiments, the data packet header 132 also includes an encrypted key value 146, the origin and purpose of which will be described below.
Data packets are usually encrypted using a private key encryption methodology, such as DES CBC. Furthermore, to ensure data integrity, a CRC error detection code 148 is included in each packet, usually at the end of the data packet, for detecting corrupted packets as well as for detecting packets that may have been tampered with in an attempt to break the system's security provisions. Therefore each packet received by the network controller 116 must be decrypted and error checked by a CRC (cyclic redundancy check) circuit before it can be used by the host computer 114.
The problem addressed by the present invention is as follows. When an encrypted packet arrives at a network controller 116, it is useful to use "cut through" packet processing, which means that the controller 116 begins storing the beginning of the data packet in the host computer's memory at a specified buffer location in a user address space before the end of the data packet has been received. Since the CRC check on the packet cannot be completed before the end of the data packet has been received, cut-through packet processing results in at least a portion of the data packet being delivered into a user's address space before the CRC check can determine whether or not the packet has been tampered with or otherwise corrupted. On the other hand, it is unacceptable to deliver a decrypted data packet to the wrong buffer queue 118 in the host computer, because that might disclose confidential information to a user not authorized to access that information. In other words, it is important for security reasons that a data packet not be delivered to the wrong address if it is correctly decrypted.
If the network controller 116 could CRC check the entire data packet before delivery of the data packet to a user's address space, the problem presented above would not exist, but the advantages of cut-through packet processing would be lost.
Referring to FIG. 1, if an interloper 150 compromises the security of the computer network using a mechanism 152 that replaces the original BQI value 144 in a data packet with a different BQI value, the network controller 116 at the destination host computer 114 will deliver the data packet to the wrong buffer queue in the host computer. Data packets can also be misdirected if the BQI value 144 in the data packet is corrupted by noise during transmission.
In many computer systems, all data packets transmitted between two host computers are encrypted using a single "host-to-host" key that has been agreed upon by the two host computers. Since exchanging and managing keys is typically a resource intensive process, using only one key exchange for each pair of hosts is efficient.
Using the DES CBC (cipher-block-chaining) encryption scheme, which is well known to those in the field, partial replacement of an encrypted packet with new data will not cause the packet decryption process to fail. In other words, portions of the packet will still be decrypted correctly. Clearly, in the context of the interloper scenario shown in FIG. 1 this is not an acceptable result, because the interloper will be able not only to have the packet rerouted to the wrong buffer queue, but the rerouted packet will be correctly decrypted, at least in part, giving the wrong user on the host computer 114 access to potentially confidential information.
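An added Go example, not part of the patent text, that uses the standard library's DES-CBC and CRC-32 to illustrate the two points above: a BQI rewritten in the clear header, and partial replacement of CBC ciphertext, are both caught by the CRC only once the trailer has arrived, while CBC decryption of the untouched blocks still succeeds. It assumes a packet layout of a 4-byte clear BQI header, the CBC-encrypted body and a trailing CRC-32, with a constructed key and IV; BuildPacket, CRCValid, DecryptBody and BlocksIntact are hypothetical helpers.

```go
package main

import (
	"bytes"
	"crypto/cipher"
	"crypto/des"
	"encoding/binary"
	"hash/crc32"
)

// Constructed 8-byte DES key and IV for illustration only; the text's "host-to-host" key would be negotiated.
var desKey, desIV = []byte("8bytekey"), []byte("initvect")
const bqiLen = 4 // assumed clear-text header layout: a 4-byte buffer queue index

// cbcCrypt runs DES-CBC over a body that is a whole number of 8-byte blocks.
func cbcCrypt(in []byte, encrypt bool) []byte {
	blk, err := des.NewCipher(desKey)
	if err != nil { panic(err) }
	mode := cipher.NewCBCDecrypter(blk, desIV)
	if encrypt { mode = cipher.NewCBCEncrypter(blk, desIV) }
	out := make([]byte, len(in))
	mode.CryptBlocks(out, in)
	return out
}
// BuildPacket lays out BQI || ciphertext || CRC-32 over the preceding bytes (a checksum, not a MAC).
func BuildPacket(bqi uint32, plain []byte) []byte {
	pkt := make([]byte, bqiLen)
	binary.BigEndian.PutUint32(pkt, bqi)
	pkt = append(pkt, cbcCrypt(plain, true)...)
	var trailer [4]byte
	binary.BigEndian.PutUint32(trailer[:], crc32.ChecksumIEEE(pkt))
	return append(pkt, trailer[:]...)
}
// CRCValid recomputes the trailing CRC, which a controller can only do once the last bytes arrive.
func CRCValid(pkt []byte) bool {
	n := len(pkt) - 4
	return n >= bqiLen && crc32.ChecksumIEEE(pkt[:n]) == binary.BigEndian.Uint32(pkt[n:])
}
// DecryptBody decrypts the body without waiting for the CRC, as cut-through processing does.
func DecryptBody(pkt []byte) []byte { return cbcCrypt(pkt[bqiLen:len(pkt)-4], false) }
// BlocksIntact reports, per 8-byte block, whether the decryption equals the original plaintext.
func BlocksIntact(decrypted, original []byte) []bool {
	res := make([]bool, len(original)/8)
	for i := range res {
		res[i] = bytes.Equal(decrypted[i*8:i*8+8], original[i*8:i*8+8])
	}
	return res
}
```

Because CBC decrypts each block as D(C_i) XOR C_(i-1), altering one ciphertext block disturbs only that block and its successor; every other block still decrypts to the original plaintext, which is exactly why a trailing CRC cannot protect a cut-through delivery.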
The goal of the present invention is to prevent misdelivered data packets, or data packets with destination buffer values that have been modified after initial transmission of the data packet, from being successfully decrypted. Delivery of unintelligible "garbage" data packets, such as data packets "decrypted" using the wrong decryption key, does not constitute a security breach.