Cryptography – Cellular telephone cryptographic authentication
Reexamination Certificate
1999-06-23
2001-08-21
Cangialosi, Salvatore (Department: 2661)
Cryptography
Cellular telephone cryptographic authentication
C380S250000
Reexamination Certificate
active
06278781
ABSTRACT:
TECHNICAL FIELD
The present invention relates to wireless communication systems, such as cellular systems and PCS systems, and more particularly relates to methods and systems for reducing theft of wireless telephony services by use of steganographically encoded authentication data.
BACKGROUND AND SUMMARY OF THE INVENTION
(For expository convenience, this disclosure generally refers to cellular telephony systems. However, it should be recognized that the invention is not so limited, but can be used with any wireless communications device, whether for voice or data; analog or digital.)
In the cellular telephone industry, hundreds of millions of dollars of revenue is lost each year through theft of services. While some services are lost due to physical theft of cellular telephones, the more pernicious threat is posed by cellular telephone hackers.
Cellular telephone hackers employ various electronic devices to mimic the identification signals produced by an authorized cellular telephone. (These signals are sometimes called authorization signals, verification numbers, signature data, etc.) Often, the hacker learns of these signals by eavesdropping on authorized cellular telephone subscribers and recording the data exchanged with the cell cite. By artful use of this data, the hacker can impersonate an authorized subscriber and dupe the carrier into completing pirate calls.
In the prior art, identification signals are segregated from the voice signals. Most commonly, they are temporally separated, e.g. transmitted in a burst at the time of call origination. Voice data passes through the channel only after a verification operation has taken place on this identification data. (Identification data is also commonly included in data packets sent during the transmission.) Another approach is to spectrally separate the identification, e.g. in a spectral subband outside that allocated to the voice data.
Other fraud-deterrent schemes have also been employed. One class of techniques monitors characteristics of a cellular telephone's RF signal to identify the originating phone. Another class of techniques uses handshaking protocols, wherein some of the data returned by the cellular telephone is based on an algorithm (e.g. hashing) applied to random data sent thereto.
Combinations of the foregoing approaches are also sometimes employed.
U.S. Pat. Nos. 5,465,387, 5,454,027, 5,420,910, 5,448,760, 5,335,278, 5,345,595, 5,144,649, 5,204,902, 5,153,919 and 5,388,212 detail various cellular telephone systems, and fraud deterrence techniques used therein. The disclosures of these patents are incorporated by reference.
As the sophistication of fraud deterrence systems increases, so does the sophistication of cellular telephone hackers. Ultimately, hackers have the upper hand since they recognize that all prior art systems are vulnerable to the same weakness: the identification is based on some attribute of the cellular telephone transmission outside the voice data. Since this attribute is segregated from the voice data, such systems will always be susceptible to pirates who electronically “patch” their voice into a composite electronic signal having the attribute(s) necessary to defeat the fraud deterrence system.
To overcome this failing, the preferred embodiments of the present invention steganographically encodes the voice signal with identification data, resulting in “in-band” signaling (in-band both temporally and spectrally). This approach allows the carrier to monitor the user's voice signal and decode the identification data therefrom.
In one form of the invention, some or all of the identification data used in the prior art (e.g. data transmitted at call origination) is repeatedly steganographically encoded in the user's voice signal as well. The carrier can thus periodically or a periodically check the identification data accompanying the voice data with that sent at call origination to ensure they match. If they do not, the call is identified as being hacked and steps for remediation can be instigated such as interrupting the call.
In another form of the invention, a randomly selected one of several possible messages is repeatedly steganographically encoded on the subscriber's voice. An index sent to the cellular carrier at call set-up identifies which message to expect. If the message steganographically decoded by the cellular carrier from the subscriber's voice does not match that expected, the call is identified as fraudulent.
In the preferred form of the invention, the steganographic encoding relies on a pseudo random data signal to transform the message or identification data into a low level noise-like signal superimposed on the subscriber's digitized voice signal. This pseudo random data signal is known, or knowable, to both the subscriber's telephone (for encoding) and to the cellular carrier (for decoding). Many such embodiments rely on a deterministic pseudo random number generator seeded with a datum known to both the telephone and the carrier. In simple embodiments this seed can remain constant from one call to the next (e.g. a telephone ID number). In more complex embodiments, a pseudo-one-time pad system may be used, wherein a new seed is used for each session (i.e. telephone call). In a hybrid system, the telephone and cellular carrier each have a reference noise key (e.g. 10,000 bits) from which the telephone selects a field of bits, such as 50 bits beginning at a randomly selected offset, and each uses this excerpt as the seed to generate the pseudo random data for encoding. Data sent from the telephone to the carrier (e.g. the offset) during call set-up allows the carrier to reconstruct the same pseudo random data for use in decoding. Yet further improvements can be derived by borrowing basic techniques from the art of cryptographic communications and applying them to the steganographically encoded signal detailed in this disclosure.
Details of applicant's preferred techniques for steganographic encoding/decoding with a pseudo random data stream are more particularly detailed in applicant's prior applications, but the present invention is not limited to use with such techniques. A brief review of other steganographic techniques suitable for use with the present invention follows.
British patent publication 2,196,167 to Thorn EMI discloses a system in which an audio recording is electronically mixed with a marking signal indicative of the owner of the recording, where the combination is perceptually identical to the original. U.S. Pat. Nos. 4,963,998 and 5,079,648 disclose variants of this system.
U.S. Pat. No. 5,319,735 to B.B.N. rests on the same principles as the earlier Thorn EMI publication, but additionally addresses psycho-acoustic masking issues.
U.S. Pat. Nos. 4,425,642, 4,425,661, 5,404,377 and 5,473,631 to Moses disclose various systems for imperceptibly embedding data into audio signals—the latter two patents particularly focusing on neural network implementations and perceptual coding details.
U.S. Pat. No. 4,943,973 to AT&T discloses a system employing spread spectrum techniques for adding a low level noise signal to other data to convey auxiliary data therewith. The patent is particularly illustrated in the context of transmitting network control signals along with digitized voice signals.
U.S. Pat. No. 5,161,210 to U.S. Philips discloses a system in which additional low-level quantization levels are defined on an audio signal to convey, e.g., a copy inhibit code, therewith.
U.S. Pat. No. 4,972,471 to Gross discloses a system intended to assist in the automated monitoring of audio (e.g. radio) signals for copyrighted materials by reference to identification signals subliminally embedded therein.
There are a variety of shareware programs available on the internet (e.g. “Stego” and “White Noise Storm”) which generally operate by swapping bits from a to-be-concealed message stream into the least significant bits of an image or audio signal. White Noise Storm effects a randomization of the data to enhance its concealm
Cangialosi Salvatore
Conwell William Y.
Digimarc Corporation
Digimarc Corporation
LandOfFree
Wireless telephony with steganography does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Wireless telephony with steganography, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Wireless telephony with steganography will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2478558