Secure message protocol
US-10063590-B1 · Aug 28, 2018 · US
US11444789B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-11444789-B2 |
| Application number | US-201916591348-A |
| Country | US |
| Kind code | B2 |
| Filing date | Oct 2, 2019 |
| Priority date | Apr 4, 2017 |
| Publication date | Sep 13, 2022 |
| Grant date | Sep 13, 2022 |
Official abstract text for this publication.
In order to improve the efficiency of transfer to outside devices while necessary buffer memory is suppressed, the present invention is an information processing apparatus for decoding a packet that is encrypted in accordance with Transport Layer Security (TLS) protocols and in which a padding portion has a variable length, the information processing apparatus including acquisition means for acquiring an encrypted packet on a unit data basis, decoding means for decoding the encrypted packet on the unit data basis, output means for outputting decoded data obtained through the decoding performed by the decoding means to an external device in accordance with an order in which the decoding is performed by the decoding means, and control means for restricting output to be performed by the output means in a case where a padding pattern is detected from the decoded data obtained through the decoding performed by the decoding means.
Opening claim text (preview).
The invention claimed is:
1. An information processing apparatus for decoding a packet that is encrypted in accordance with Transport Layer Security (TLS) protocols and in which a padding portion has a variable length, the information processing apparatus comprising: at least one circuit configured to function as: an acquisition unit configured to acquire an encrypted packet on a unit data basis; a decoding unit configured to decode the encrypted packet on the unit data basis; an output unit configured to output decoded data obtained through the decoding performed by the decoding unit to an external device in accordance with an order in which the decoding is performed by the decoding unit; and a restricting unit configured to restrict output to be performed by the output unit in a case where a padding pattern is detected from the decoded data obtained through the decoding performed by the decoding unit, and to keep restricting the output to be performed by the output unit until a pattern different from the padding pattern is detected from the decoded data obtained through the decoding performed by the decoding unit.
2. The information processing apparatus according to claim 1, wherein the restricting unit includes a transfer unit for acquiring the decoded data obtained through the decoding performed by the decoding unit and transferring the acquired decoded data obtained through the decoding performed by the decoding unit to the output unit, and restricts, in a case where the decoded data obtained through the decoding performed by the decoding unit contains the padding pattern, the output to be performed by the output unit by restricting transfer to be performed by the transfer unit.
3. The information processing apparatus according to claim 2, wherein the restricting unit allows the transfer unit to perform the transfer in a case where the padding pattern is detected from the decoded data obtained through the decoding performed by the decoding unit and where, after the padding pattern, a pattern different from the padding pattern is detected from the decoded data obtained through the decoding performed by the decoding unit.
4. The information processing apparatus according to claim 2, wherein the restricting unit does not perform transfer using the transfer unit in a case where the padding pattern is detected from the decoded data obtained through the decoding performed by the decoding unit and where a size of a padding pattern contained after the padding pattern is greater than a threshold.
5. The information processing apparatus according to claim 1, wherein the padding pattern is formed by repeating a value of zero.
6. The information processing apparatus according to claim 5, wherein the padding pattern is a pattern subsequent to a value indicating a type of the packet.
7. The information processing apparatus according to claim 1, wherein the padding pattern is a padding pattern defined in accordance with protocols.
8. The information processing apparatus according to claim 7, wherein the padding pattern is a padding pattern defined in accordance with TLS protocols.
9. The information processing apparatus according to claim 1, wherein the padding pattern is formed by repeating a fixed value a predetermined number of times.
10. The information processing apparatus according to claim 1, wherein the encrypted packet is a portion of image pickup data generated by an image capturing device.
11. An information processing method for decoding a packet that is encrypted in accordance with Transport Layer Security (TLS) protocols and in which a padding portion has a variable length, the information processing method comprising: acquiring, by an acquisition unit, an encrypted packet on a unit data basis; decoding, by a decoding unit, the encrypted packet on the unit data basis; outputting, by an output unit, decoded data obtained through the decoding performed by the decoding unit to an external device in accordance with an order in which the decoding is performed by the decoding unit; and restricting, by a restricting unit, output to be performed by the output unit in a case where a padding pattern is detected from the decoded data obtained through the decoding performed by the decoding unit and keep restricting the output to be performed by the output unit until a pattern different from the padding pattern is detected from the decoded data obtained through the decoding performed by the decoding unit.
12. The information processing method according to claim 11, wherein the restricting includes transferring, by a transfer unit, in which the decoded data obtained through the decoding performed in the decoding is acquired and the acquired decoded data obtained through the decoding performed in the decoding is transferred to the output unit, and in a case where the decoded data obtained through the decoding performed in the decoding unit contains the padding pattern, the output to be performed by the output unit is restricted by restricting transfer to be performed in the transferring.
13. The information processing method according to claim 12, wherein in the restricting, the transfer in the transferring is allowed in a case where the padding pattern is detected from the decoded data obtained through the decoding performed in the decoding and where, after the padding pattern, a pattern different from the padding pattern is detected from the decoded data obtained through the decoding performed in the decoding step.
14. The information processing method according to claim 12, wherein in the restricting, the transfer in the transferring is not performed in a case where the padding pattern is detected from the decoded data obtained through the decoding performed in the decoding and where a size of a padding pattern contained after the padding pattern is greater than a threshold.
15. The information processing method according to claim 11, wherein the padding pattern is formed by repeating a value of zero.
16. The information processing method according to claim 15, wherein the padding pattern is a pattern subsequent to a value indicating a type of the packet.
17. The information processing method according to claim 11, wherein the padding pattern is a padding pattern defined in accordance with protocols.
18. The information processing method according to claim 17, wherein the padding pattern is a padding pattern defined in accordance with TLS protocols.
19. The information processing method according to claim 11, wherein the padding pattern is formed by repeating a fixed value.
20. A non-transitory storage medium storing a program causing an information processing apparatus for decoding a packet that is encrypted in accordance with Transport Layer Security (TLS) protocols and in which a padding portion has a variable length to execute an information processing method, the information processing method comprising: acquiring, by an acquisition unit, an encrypted packet on a unit data basis; decoding, by a decoding unit, the encrypted packet on the unit data basis; outputting, by an output unit, decoded data obtained through the decoding performed by the decoding unit to an external device in accordance with an order in which the decoding is performed by the decoding unit; and restricting, by a restricting unit, output to be performed by the output unit in a case where a padding pattern is detected from the decoded data obtained through the decoding performed by the decoding unit and keep restricting the o
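The hold-back behaviour described in the abstract and in claims 1, 3, 5 and 6, as an added Python sketch that is not code from the patent. It assumes a TLS 1.3-style inner plaintext (content, one non-zero type byte, zero padding) already decrypted upstream and delivered in 16-byte units; `PaddingHoldback`, `stream_record` and the sample record are constructed for illustration. It generalizes the claims by holding every trailing non-zero byte as a possible type value and by keeping only that byte and a zero counter as state.

```python
class PaddingHoldback:
    """Release decrypted units in order, holding a possible type+padding tail."""

    def __init__(self, sink):
        self.sink = sink        # callable that receives released content bytes
        self.candidate = None   # last non-zero byte seen; may be the content type
        self.zeros = 0          # length of the zero run seen after the candidate

    def feed(self, unit: bytes) -> None:
        last = max((i for i, b in enumerate(unit) if b), default=-1)
        if last < 0:            # all zeros: may still be padding, keep holding
            self.zeros += len(unit)
            return
        # A non-zero byte proves the held tail was content, so release it.
        held = b"" if self.candidate is None else bytes([self.candidate])
        out = held + bytes(self.zeros) + unit[:last]
        if out:
            self.sink(out)
        self.candidate, self.zeros = unit[last], len(unit) - last - 1

    def finish(self):
        """End of record: the held byte is the type, the zero run is padding."""
        if self.candidate is None:
            raise ValueError("record plaintext contains no non-zero byte")
        result = (self.candidate, self.zeros)
        self.candidate, self.zeros = None, 0
        return result


def stream_record(inner_plaintext: bytes, unit_size: int = 16):
    """Feed one record unit by unit; return (content, type, pad_len, releases)."""
    releases = []
    holdback = PaddingHoldback(releases.append)
    for off in range(0, len(inner_plaintext), unit_size):
        holdback.feed(inner_plaintext[off:off + unit_size])
    ctype, pad_len = holdback.finish()
    return b"".join(releases), ctype, pad_len, releases


# Constructed sample: content with an embedded zero run that crosses a unit
# boundary, then type 23 (application_data), then 19 bytes of zero padding.
SAMPLE_CONTENT = b"frame-01" + bytes(12) + b"frame-02"
SAMPLE_RECORD = SAMPLE_CONTENT + bytes([23]) + bytes(19)

if __name__ == "__main__":
    print(stream_record(SAMPLE_RECORD))
```

The zero run inside the content is withheld after the first unit and released only once `frame-02` arrives in the second unit; the final 19 zeros are never released.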
at the transport layer · CPC title
involving keyed hash functions, e.g. message authentication codes [MACs], CBC-MAC or HMAC · CPC title
with means for detecting characters not meant for transmission · CPC title
Encoding or coding, e.g. Huffman coding or error correction · CPC title
Networking architectures for enhanced packet encryption processing, e.g. offloading of IPsec packet processing or efficient security association look-up · CPC title