Method and apparatus for securely conveying network control data across

Abstract

Disclosed is a method and apparatus for securely conveying network control data across a cryptographic boundary (12). A plain text (PT) processor (32) located on a plain text side (14) of the cryptographic boundary (12) transfers unencrypted data packets to and from plain text devices on the plain text side (14). A crypto processor (34) encrypts the unencrypted data packets from the PT processor (32). A cipher text (CT) processor (20) transfers encrypted data packets from the crypto processor (34) to network devices located on a cipher text side (16) of the cryptographic boundary (12). The CT processor (20) transfers the encrypted data packets to the appropriate destination address by reading the destination address from an isolated RAM (22) containing a mapping table (26) which is automatically constructed upon initialization by the CT processor (20). The mapping table (26) identifies the destination addresses and other network control data for active network devices on the cipher text side (16) of the cryptographic boundary (12). The PT processor (32) contains an identical copy of the mapping table (26) and determines a pointer corresponding to the location of the destination address and other network control data in the mapping table (26). The CT processor (20) utilizes this pointer to read the destination address and network control data from the mapping table (26) located in the isolated RAM (22).