In recent years, as a technique related to information security, a communication technique by which encrypted information is transmitted and received between a transmission origin communication apparatus (hereinafter, a “transmission origin apparatus”) that transmits information and a transmission destination communication apparatus (hereinafter, a “transmission destination apparatus”) that receives the information has been implemented. As examples of such a technique used for performing communication by encrypting information, communication techniques that use Security Architecture for Internet Protocol (IPsec) are known (see, for example, Japanese Laid-open Patent Publication No. 2006-311164).
In the following sections, a specific process that is performed by a transmission origin apparatus will be explained. Before obtaining user data, which is information to be transmitted, the transmission origin apparatus performs a call setting process to set a processing path within the apparatus. After having established a call setting, the transmission origin apparatus obtains the user data, encrypts the obtained user data, and transmits the encrypted user data to a transmission destination apparatus, as illustrated in FIG. 11.
In this situation, in the case where a security association (SA) has been established between the transmission origin apparatus and the transmission destination apparatus, the transmission origin apparatus encrypts the user data by using the SA that has been established with the transmission destination apparatus. The SA is information related to an encryption key used for encrypting information to be exchanged with the transmission destination apparatus.
In contrast, in the case where, as illustrated in FIG. 12, no SA has been established with the transmission destination apparatus, the transmission origin apparatus temporarily stores the obtained user data and establishes an SA by exchanging a key with the transmission destination apparatus. After that, when the SA has been established with the transmission destination apparatus, the transmission origin apparatus encrypts the temporarily-stored user data by using the SA. The transmission origin apparatus then transmits the encrypted user data to the transmission destination apparatus.
In this situation, when changing the transmission destination apparatus to another communication apparatus, the transmission origin apparatus establishes an SA also with the communication apparatus serving as the new transmission destination. It means that the transmission origin apparatus needs to temporarily store the information to be transmitted and establishes the new SA when changing the transmission destination apparatus to the new communication apparatus.
According to the technique by which an SA is established after a call setting process has been performed, however, in the case where no SA has been established with the transmission destination apparatus, the SA establishing process is started when being triggered by obtainment of the user data. For this reason, when no SA has been established, the user data is temporarily stored and it is therefore not possible to encrypt and transmit the user data until an SA is established. Thus, the user data transmitting process is suspended. It means that, when no SA has been established, the transmission origin apparatus suspends the user data until the SA has been established. As a result, a problem arises where it is not possible to maintain real-time characteristics.
For example, according to the technique described above by which an SA is established after a call setting process has been performed, in the case where encrypted communication is performed with information that requires real-time characteristics in, for example, communication using a video conference system or a video phone or communication to distribute live pictures, it is necessary to temporarily store the information until the SA is established. As a result, according to the technique by which an SA is established after a call setting process has been performed, the flow of the information is suspended when the SA has not yet been established. Thus, the problem arises where it is not possible to maintain the real-time characteristics.
Also, when changing the transmission destination apparatus to another communication apparatus, the transmission origin apparatus needs to newly establish an SA and suspends the user data until the SA is established. As a result, the problem arises where it is not possible to maintain the real-time characteristics.