| 摘要 |
<p>Computer networks are present everywhere now a day. A major hardware component of these networks is router. A router helps in finding the path to destination. It does so by checking packet headers which contain Internet protocol (IP) address of the destination. In some networks such as mobile adhoc networks, Wireless Mesh networks etc the node itself can act as a router as well making the transient packets in the network more vulnerable to snooping. In such networks, source and destination privacy becomes a major concern. More over when data is transported over internet, the router can see the source and destination leading to privacy violations. The major reason of privacy violation, whether over internet or adhoc networks, is presence of source and destination IP addresses in packet header. In present techniques data present in the packet can be encrypted but the headers cannot be encrypted as headers are needed by router to perform routing. If headers are encrypted to perform routing, router needs encryption keys which again is not a secure technique. The claimed method removes need of such unencrypted headers. Instead a code is moved to the router called agent, which handles the encrypted packets as well as knows the destination of the packet. This Agent can be trusted with encryption keys by which packets are encrypted. These keys are meant for the destination agent. The destination agent decrypts the packets with the key and forwards the packets to the above networking layers. As a result, not only a secure channel is created between source and destination of traffic but a secure routing is performed at router as well revealing nothing about the source and destination to the intermediate devices.</p> |
