公开(公告)号：US20220201020A1

公开(公告)日：2022-06-23

申请号：US17694230

申请日：2022-03-14

Applicant: Intel Corporation

Inventor： Ravikumar AIMANGALA NAGARAJA SETTY ,  Rajakumar CHIDAMBARAM ,  Balaji CHINTALAPALLE ,  Deepak KHANDELWAL ,  Joy DEVASSYKUTTY PULLOKARAN ,  Joseph Maria Jaison VINCENT SOLOMON

IPC: H04L9/40

Abstract: Methods and apparatus for dynamic adaption of anti-replay window (ARW) management with enhanced security. According to aspects of the method, pre-ARW block employing a pre-ARW sliding window and an ARW block employing an ARW sliding window are maintained for an associated IPsec security association (SA). A determination is made to whether a received packet passes a pre-ARW check using the pre-ARW sliding window. When it does, the pre-ARW sliding window is advanced, encrypted content in the packet is decrypted, and processing is forwarded to the ARW block which performs an ARW check and advances the ARW sliding window when the ARW check is passed. Packets that do not pass the pre-ARW check may be buffered in queues and subsequently rechecked against the ARW sliding window. Under solutions provided herein, ARW checks and updates are decoupled from the decryption processes, enabling decryption to be performed in parallel and/or offloaded to a hardware accelerator.