Lead Inventor:
Angelos Keromytis, Ph.D.
Problem or Unmet Need:
IPsec provides a mechanism to establish a secure end-to-end channel between communicating parties. In an organization, such a secure channel can be directly established between two communicating hosts. However, a system administrator may be required by law or policy to log all the information between two users. A solution is to terminate the IP-sec tunnel at the network perimeter of the organization. This poses the problem that router configuration may be necessary. Additionally, when using next version of IP protocol, i.e., IPv6, a transparent IPsec device is needed.
Network security uses encryption unit as repeater-encryption module:
This technology is a Layer-2 IPsec encryption unit: it does not encrypt control packets used for routing, address resolution and resource reservation. This functions as a ""repeater-encryption"" module similar to IPsec bump-in-the-wire mode.
Applications:
• Securing next generation IPv6 networks
• Installation and upgrade in a transparent manner. No changes necessary to the existing router configuration or nodes.
Advantages:
• Seamless integration within existing infrastructure
• No change necessary to the router or host configurations
Patent Status: Copyright
Publications:
Nagashima N., Keromytis A., A repeater encryption unit for IPv4 and IPv6 (2005), Networks'2005.
Licensing Status: Available for Licensing and Sponsored Research Support