1. Field of the Invention
The present invention relates to an information processing apparatus, which is connected to a network and can execute encrypted communication with an external device on the network.
2. Description of the Related Art
An information processing system with a power saving mode for suppressing power consumption, when the information processing system in a standby state, has been known. As one example of such the information processing system, there is a communication configured by an information processing apparatus on the main body side including a main central processing unit (CPU) and a network interface card (NIC) apparatus including a sub CPU.
In such the communication system, generally, the information processing apparatus on the main body side is shifted to a power saving mode, and each module on the NIC apparatus side, which is small in electric power consumption, stands by with normal electric power being supplied.
Further, in Japanese Patent Application Laid-Open No. 2006-259906, it is discussed that when the information processing apparatus is shifted to the power saving mode and electric power supply to the main CPU is stopped, the main CPU informs the sub CPU of the address of a multicast packet to be responded thereto.
This allows the sub CPU to respond instead of the main CPU when the multicast packet is received while the electric power supply to the main CPU stopped. Thus, it is not necessary to start the main CPU. In other words, this allows the electric power stop to the main CPU to be continued for a longer period of time. Thus, an electric power saving effect is enhanced.
Recently, in order to protect confidential information, as a technique for communicating with a network path encrypted, internet protocol security (IPSec), secure socket layer (SSL) or the like has been known. If these techniques are used, the confidential information can be transmitted and received via a network with data encrypted. Thus, leakage of information can be protected.
As described above, when the information processing apparatus on the main body side is shifted to the power saving mode, information about a packet to be responded thereto is registered with the NIC apparatus. Thus, the NIC apparatus can execute a response for a received packet instead of the information processing apparatus on the main body side. However, when the NIC apparatus responds as proxy of the information processing apparatus on the main body, if the packet to be transmitted via a network is encrypted, a response by the NIC apparatus may not successfully be executed in some cases.
More specifically, when the NIC apparatus responds instead of the information processing apparatus on the main body, a pattern of a packet to which the NIC apparatus is to respond and a packet to be transmitted as a response to a packet that matches the pattern are registered. Then, the NIC apparatus having received a packet that matches the registered pattern will transmit a packet corresponding to the pattern.
At this time, if a packet received by the NIC apparatus is encrypted, although the content of its packet matches the registered pattern, when a packer that remains encrypted and the registered pattern are compared, it is determined that these are not matched.
In this case, the information processing apparatus is to be returned on the main body from the power saving mode and transfer the packet received by the NIC apparatus to the information processing apparatus on the main body. Accordingly, the number of times in which the information processing apparatus on the main body is returned to the normal power mode is increased and an electric power saving effect is reduced.
Further, it is also considered that the NIC apparatus is provided with a configuration for executing encryption/decryption processing similar to the information processing apparatus on the main body. However, the hardware configuration of the NIC apparatus (processing capability of CPU and memory capacity) is usually more insufficient than that of the information processing apparatus on the main body. Thus, for example, when a plurality of algorithms for executing encrypted communication are present, it may be difficult to also provide the NIC apparatus with all of the plurality of algorithms to be included in the information processing apparatus on the main body.
Accordingly, when a session for encrypted communication using a specific algorithm between the information processing apparatus on the main body and an external device on a network is established, if the information processing apparatus on the main body is shifted to the power saving mode, a similar situation may arise. In other words, if the NIC apparatus does not include the above-described specific algorithm, a packet received by the NIC apparatus cannot be decrypted. Thus, pattern matching in the NIC apparatus is not successfully executed.