1. Field of the Invention
The present invention relates to a method for establishing secure communications via an interconnected computer network and, more particularly, to a method for establishing a security association between computers that are communicating, or desire to communicate, via the interconnected computer network.
2. Description of Related Art
Data that is transferred over an interconnected computer network, such as the Internet, is susceptible to various forms of attack. These attacks may result in such things as loss of privacy, loss of data integrity, identity theft, denial of service, or any combination of these attacks. The ever-expanding popularity of the Internet for secure communications, e-commerce, and various other transactions, has led to the need to ensure communications over non-secure interconnected computer networks like the Internet are secure from such attacks.
In order to address the above-mentioned concerns, the so-called “Internet Engineering Task Force” (IETF) developed a framework of open standards for ensuring the confidentiality, integrity, and authenticity of private communications over the Internet. This standards framework is known in the art as the Internet Security Protocol, or “IPSec.” IPSec provides security services at the IP layer of a system, and allows a system to select required security protocols, determine the algorithm(s) used to secure data, and implement any cryptographic keys required to provide the security services. Because these security services are implemented within the IP layer, the IPSec services may be used by any higher layer protocol, such as TCP (Transmission Control Protocol), UDP (User Datagram Protocol), ICMP (Internet Control Message Protocol), BGP (Border Gateway Protocol), or various other protocols known in the art. IPSec can be used to establish one or more secure communication channels between host computers, between security gateways, such as a router or firewall, or between hosts and security gateways.
As is known, IP data traverses an interconnected computer network as discrete data packets, colloquially referred to as IP datagrams. IPSec provides a new set of IPSec headers that are added to IP datagrams. The new IPSec headers, among other things, provide information regarding the security protocols that are used to secure the IP datagram payload as it traverses an interconnected computer network. These security protocols are known as the Authentication Header (AH) and Encapsulating Security Payload (ESP). The AH security protocol provides connectionless integrity, data origin authentication, and an optional anti-replay service, and is generally represented using protocol number 51. The ESP security protocol provides confidentiality, integrity, data origin authentication, and anti-replay services, and is generally represented using protocol number 50. The AH and ESP protocols can be used independently or in combination with each other to provide a desired set of security services.
Fundamental to the use and understanding of IPSec is the Security Association (SA). In general, an SA is a relationship between two or more devices that describe how the devices will use IPSec's security services to securely communicate with each other. An SA is unidirectional. Hence, to secure bi-directional communication channels between two nodes in an interconnected computer network, two SAs are required, one for each direction. These individual secure communication channels are generally referred to as an “inbound tunnel” and an “outbound tunnel,” where one device's inbound tunnel is the other device's outbound tunnel, and vice-versa.
An SA is uniquely identified by a “triple” that consists of predetermined data fields. Specifically, the triple consists of an IP Destination Address, an IPSec security protocol, and a Security Parameter Index (SPI). The IP Destination Address data field, as it connotes, specifies the IP address of the intended recipient. The IPSec security protocol data field specifies the security protocol that the devices have agreed upon implementing (e.g., AH=51, or ESP=50). The SPI is a randomly generated 32-bit value that distinguishes among different Security Associations established at the same destination address and using the same IPSec security protocol.
Each device that is intercommunicating over the non-secure network specifies the SPI value that the other devices should use when communicating to it over its inbound tunnel. For example, when two devices are establishing an SA, the first device will request an SPI value from the second device. The second device will then provide the first device with an SPI value. Thereafter, the first device will include the SPI value in the IPSec header when transmitting secure data over the first device's outbound tunnel, which is also the second device's inbound tunnel. As is known, an SA can be established either manually or automatically; however, in most instances an SA is established automatically using the Internet Key Exchange (IKE) processing software.
All active SAs of a device are stored within a centralized database, known as a Security Association Database (SAD). Thus, each active SA, both inbound and outbound, has an entry in the SAD. When one device sends an IP packet that requires IPSec protection, the device receiving the protected IP datagram will look to various portions of the datagram and determine the destination address, security protocol, and SPI value. These three values are used to create a hash key, the result of which is used to hash into the SAD. Thereafter, a linear search is conducted in the SAD until a match is found.
IPSec data transmission and processing is targeting higher and higher data rates. For example, data rates on the order of OC-24, OC-48, OC-192, and even higher, are being implemented and/or targeted. The present known methods of establishing and determining SAs for inbound IPSec traffic, especially at these higher data rates, becomes less and less efficient, due to the calculational overhead. Hence, there is a need in the art for a method of efficiently establishing and determining inbound SAs, that does not require the calculational overhead, and thus processing time, associated with present methods.