Communication security

Cryptography – Video cryptography – Video electric signal modification

Reexamination Certificate


active

06373946

ABSTRACT:

FIELD OF THE INVENTION
This invention relates to a method and apparatus for providing secure communication through a communications network.
BACKGROUND
Digital mobile voice communications systems are well known and one example is the GSM terrestrial cellular system. Others are the Inmarsat-M satellite telephone system, the IRIDIUM™ satellite cellular system described in, for example, EP-A-0365885, the ICO™ satellite cellular system described in, for example, GB-A-2295296 or the ODYSSEY™ satellite cellular system described in, for example EP-A-0510789. Since such systems operate over a wireless link, there is a risk of interception of calls by unauthorised persons.
The GSM system includes an optional encryption scheme described in, for example, “Security aspects and the implementation in the GSM-system”; Peter C. J. van der Arend, paper 4a, Conference Proceedings of the Digital Cellular Radio Conference (DCRC), Oct. 12th-14th, 1988, published by Deutsche Bundespost, France Telecom and Fernuniversitate. Greater detail is given in the following GSM recommendations: GSM 02.09 “Security Aspects”; GSM 03.20 “Security Related Algorithms”. In this scheme, a database known as the Authentication Centre (AuC) holds an individual encryption key number (Ki) for each subscriber to the authentication service, which is also stored on a chip known as the Subscriber Information Module (SIM) held in the subscriber's mobile terminal. The subscriber has no access to the data stored in the SIM and cannot read the key.
Where a secure session is requested, a random number (RAND) is generated by the AuC and used, together with the customer's key (Ki), to calculate a ciphering key (Kc) used during the session for ciphering and deciphering messages to/from the subscriber. The random number is sent from the AuC to the subscriber's mobile terminal via the Base Transceiver Station (BTS). The mobile terminal passes the random number to the SIM, which calculates the ciphering key Kc using an algorithm termed A5, from the received random number and the stored key (Ki). Thus, the random number is sent over the air, but not the customer's key Ki or the ciphering key Kc.
The random number and the ciphering key Kc are fed to the Home Location Register (HLR) database of the GSM network, which stores details for the subscriber concerned, and are also sent to the Visiting Location Register (VLR) for the area where the user terminal is currently located, and are supplied to the BTS via which the mobile is communicating to the network.
The ciphering key Kc is used, together with the current TDMA frame number, to implement the A5 ciphering algorithm in both the mobile terminal and the BTS so that data transmitted over the air interface between the mobile terminal and the BTS is encrypted. Thus, the individual user key Ki is stored only at the authentication centre and the SIM, where the ciphering key Kc is calculated and forwarded to the BTS and the mobile terminal.
Whilst this scheme is adequate in many respects, it fails to provide complete security since it offers protection only over the air transmission path. Thus, it is possible for illicit access to be obtained by tampering with the fixed part of the network.
Accordingly, end-to-end encryption schemes have been proposed. Because the encryption runs from one user terminal to the other, across the whole communications path and not just the air path, improved privacy is obtained.
The basic problem in offering end-to-end encipherment of communications over a network is in providing each of the two users with the same, or each other's, secret key. In some applications, a group of terminals (for example all owned by a single body) may all have access to the same key. Whilst this provides privacy against personnel from outside the group, it is an incomplete solution since it does not keep communication between two terminals within the group private from a third terminal within the group.
It is possible to employ public key encryption systems, in which each terminal has a secret decryption key and a non-secret encryption key, so that any other party can use the encryption key to encrypt data but only the recipient can decrypt data which has been encrypted using the public encryption key.
A communication system could be envisaged in which every user is provided with such a pair of keys, and in setting up a communication between a pair of users each sends the other its encryption key whilst keeping its decryption key secret. However, there is widespread public concern that the use of such techniques on a telecommunications network would allow criminals or terrorists to communicate using completely secure communications, free from any possibility of supervision.
It has been proposed to hold the keys in a remote “trusted third party” database. An example of such an arrangement is described in “Security measures in communication networks”, K. Presttun, Electrical Communication, 1986, Vol 60, No. 1 pp 63-70. The keys for two users (user A and user B) are distributed from a remote key distribution centre as a common, masked message, which is firstly sent to user A, where the key for user A is stripped out, and then from user A to user B, to provide the key to user B.
In our GB 96 11411.1 (and corresponding U.S. Ser. No. 08/866 912) there is described an end-to-end encryption and decryption scheme in which the terminal keys that are stored in the terminals, are held additionally in a remote “trusted third party” database. In order to set up an encrypted transmission between a first and a second terminal, each of them is provided from the remote location with a partial key which contains masked data concerning the key of the other terminal, derived from the stored data in the database. As a result, both terminals can be provided with data that in combination with their own key stored at the terminal, enables them each to set up a common secret code which can be used for end to end encryption and decryption through the network.
A difficulty with the previously referenced “trusted third party” databases arises when it is desired to set up secure conference calls between three or more terminals. Each terminal needs to be provided with masked data concerning all the keys of the other terminals participating in the conference call so that they can each establish a common code, with the result that the partial keys and the final encryption code become long and cumbersome in dependence upon the number of participants. The risk of the code being ascertained by eavesdropping on the long partial keys is also increased.
SUMMARY OF THE INVENTION
The present invention provides a solution to these problems. The invention provides a method of distributing through a communications network, enciphering key data to be used in encrypting and decrypting data at first and second terminals so as to provide secure data transmission between the terminals through the network, the terminals each storing corresponding first and second terminal keys, the method comprising: storing the first and second keys remotely of the terminals; generating at a location remote from both of the terminals, first and second separate partial keys each as a masked function of a common number and a corresponding one of said separately stored keys; dispatching the first partial key separately towards the first terminal; and separately dispatching the second partial key separately towards the second terminal.
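The distribution step described above, sketched as an added example that is not taken from the patent: a remote centre masks one common number separately under each stored terminal key, and each terminal unmasks it with its own key. The HMAC-SHA256 mask, the per-message nonce, the integrity tag and the session_key derivation are assumptions, since the page does not specify the masking function; the sample extends the two-terminal case to three terminals to show that each partial key stays the same size.

```python
import hashlib
import hmac
import secrets

N = 16  # bytes in the common number (size chosen for this example)


def _prf(key: bytes, label: bytes, data: bytes) -> bytes:
    # Stand-in keyed function; the page does not name the masking function.
    return hmac.new(key, label + data, hashlib.sha256).digest()


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def make_partial_key(terminal_key: bytes, common: bytes) -> bytes:
    """Centre side: mask the common number under ONE terminal's key."""
    nonce = secrets.token_bytes(N)  # fresh per partial key, so pads never repeat
    masked = _xor(common, _prf(terminal_key, b"mask", nonce)[:N])
    tag = _prf(terminal_key, b"tag", nonce + masked)[:N]
    return nonce + masked + tag


def open_partial_key(terminal_key: bytes, partial: bytes) -> bytes:
    """Terminal side: combine the partial key with the locally stored key."""
    nonce, masked, tag = partial[:N], partial[N:2 * N], partial[2 * N:]
    expected = _prf(terminal_key, b"tag", nonce + masked)[:N]
    if len(partial) != 3 * N or not hmac.compare_digest(tag, expected):
        raise ValueError("partial key was not made for this terminal or was altered")
    return _xor(masked, _prf(terminal_key, b"mask", nonce)[:N])


def distribute(stored_keys: dict, participants: list) -> dict:
    """Centre side: one common number, one separate partial key per terminal."""
    common = secrets.token_bytes(N)
    return {tid: make_partial_key(stored_keys[tid], common) for tid in participants}


def session_key(common: bytes) -> bytes:
    # Assumed final step: derive the end-to-end encryption code from the common number.
    return hashlib.sha256(b"e2e" + common).digest()


# Constructed sample: three terminals whose keys are also held at the centre.
KEYS = {t: secrets.token_bytes(N) for t in ("A", "B", "C")}
PARTIALS = distribute(KEYS, ["A", "B", "C"])
CODES = {t: session_key(open_partial_key(KEYS[t], PARTIALS[t])) for t in KEYS}
```

A partial key opened with another terminal's key, or altered in transit, is rejected by the tag check instead of silently yielding a different code.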
The invention also provides a method of setting up a first terminal that stores an individual terminal key, to encrypt data to be transmitted according to a secure encryption code through a communications network to a second terminal where the data is to be decrypted, comprising receiving at the first terminal a partial key dispatched thereto through the network from a remote location, the partial key being a masked function of the individual terminal key and a number for determining the encryption code, and comparing at the terminal the received partial key and the stored key so as
