JPH11261504A - Multiple address system for secret telephone - Google Patents

Abstract

PROBLEM TO BE SOLVED: To reduce the time that is necessary for secret synchronization with many secret receives of multiple address destinations in a multiple address system for secret telephones in a network for emergency, defense, etc. SOLUTION: An exchange 2 accommodates a command issuing device 1 which is connected together with a telephone set to the exchange 2 and is provided a new device of a secret device, a branching device 3 which forms a route that branches a connection with a master unit to plural multiple access destinations according to an instruction from the command issuing device to the multiple access destinations and slave units 4 (4-1 to 4-n) of the secret device which is connected to the each branch destination of the device 3 and is also connected to the line of each multiple access destination. Each slave unit 4 establishes synchronization and performs secret communication by controlling secret synchronization with secret devices of command receiving devices including a telephone set by the control from the master unit of the secret device through respective lines.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a broadcast system for a confidential telephone in a network such as disaster prevention, defense or security.

[0002] In a network for disaster prevention, defense, security, or the like, a command from a command issuing device that generates a command may be broadcast by voice to a receiving device that receives a plurality of commands. It is desirable that the content of such a broadcast be transmitted in secret rather than in plain text as much as possible. However, since it takes time to perform operations for synchronization and the like, improvement is desired.

[0003]

2. Description of the Related Art FIGS. 6 and 7 are explanatory diagrams (part 1) and (part 2) of a conventional encryption system. In the encryption method, the key operation method shown in FIG. 6 and B. in FIG. The public key cryptosystem shown in FIG. The secret key cryptosystem is described in A.I. As shown in (1), the sender and the receiver share the same key 80, respectively. The transmitting side converts the plaintext into ciphertext using the key 80 with the encryptor 81 and transmits the same. In this method, the original plaintext is obtained by decrypting the original plaintext. On the other hand, the public key cryptosystem uses a one-way function to publish either an encryption key or a decryption key. In this example, the sender encrypts the plaintext with the encryptor 84 using the public key 83, and decrypts the ciphertext with the decryption key 85 in the decryptor 86 on the receiving side to return to the plaintext.

[0004] It can be divided into two types according to the encryption method. Shows a stream cipher, and FIG. 7 shows a block cipher. C. of FIG. In the stream cipher, a random number generated based on a specific rule is applied to a transmission signal on a bit-by-bit basis (exclusive OR: EXOR), and a reciprocal of the transmission-side random number is applied on the receiving side. In this method, the original transmission signal is obtained. That is, the transmitting side generates a random number 88 determined in accordance with a convention 87 previously discussed with the receiving side, takes an exclusive OR 89 with each bit of the plaintext, and also generates a random number 88 in accordance with the convention 87 on the receiving side and generates a reciprocal generator 90 thereof. , An exclusive OR 91 is obtained for each bit of the received text to return to the original plain text. In this example, transmission and reception are performed simultaneously by two communication devices that perform communication. In this case, the random number is changed by changing the protocol according to the communication direction.

[0005] This method is used for confidential communication such as a telephone which requires real-time processing because the processing is simple, high-speed processing is possible and delay is small. The block cipher shown in FIG. 7 is a system in which transmission signals are grouped in a certain unit, and the order is rearranged and information is repeatedly replaced according to rules to keep the data secret. In this example, the received signals a to c are stored in a buffer 98.
Is set in the replacement unit 99 in accordance with the rules 97, the order is changed, and a, b, and c are replaced by the substitution unit 100 in accordance with the rules 97, and other characters (c, b, a in this example) are displayed in the table 102. Is replaced with a numeral 3, 2, 1), stored in the buffer 101, and transmitted. On the receiving side, the data is stored in the buffer 103, is replaced with the original character according to the table 107 according to the rule 97, and is further replaced by the replacement unit 105.
Then, the characters are replaced in the original order, stored in the buffer 106, and reception is performed.

This block cipher is often used for concealing a data system because a delay is relatively large and a transmission speed cannot be too high because data blocks are stored in a buffer and processed.

[0007] C. of FIG. In the secret key stream encryption method shown in (1), it is necessary for the transmitting side and the receiving side to generate the same random number and to act on the signal at the same timing. FIG. 8 shows an operation sequence for synchronizing confidentiality from selection of a rule, which is executed between the master and the slave. On the master side, a rule is selected to select one of a plurality of types of random numbers (M1 in FIG. 8). When the rule is transmitted to the slave, the slave receives this and selects the received rule (S1).
1). The master selects the start position of the random number (M in FIG. 8).
2), when sent to the slave, the start position of the slave is selected (S2). As a result, a random number synchronized between the master and the slave is generated, and the random number of the secret communication from the master side to the slave side is synchronized (M3, S3 in FIG. 8). On the other hand, when the start position is selected for confidential communication from the slave side to the master side and sent to the master side (S4, 5, M4,
5) A random number synchronized between the slave and the master is generated (S
6, M6), the master transmits a signal obtained by encrypting a predetermined test pattern with random numbers to the slave (M7, S7). The slave checks the pattern by decrypting the received code with a random number generated by the slave in synchronization with the master (S8 in FIG. 8). If the check indicates a failure (NG), the master is notified and resynchronization is performed (M8 in FIG. 8). If the check is successful, the test pattern is transmitted using a random number to be transmitted from the slave to the master. (S9), the master receives and checks (M9 and M10). If the check is good,
Release the line from the secret device to the communication device (M11, S1
0), confidential communication starts between the master and the slave (M
12, S11).

As described above, it is essential that the concealment devices mutually synchronize the concealment by the above processing. In the case of performing one-to-one confidential communication between two communication apparatuses in this manner, it is necessary to perform the confidential synchronization processing of FIG. When such confidential communication is performed by performing one-to-n broadcasting by confidential communication, the confidential communication is performed according to the conventional principle of confidential synchronization of broadcasting shown in FIG.

That is, 70 in FIG. 9 is a central security device,
Reference numerals 71 to 75 denote concealment devices on the receiving side. First, confidential synchronization is established between the central concealment device 70 and the concealment device 71.
Next, confidential synchronization is established between the central concealing device 70 and the concealing device 72. Thereafter, confidential synchronization is established between the central concealing device 70 and each of the concealing devices 73 to 75.

FIG. 10 shows a specific configuration for performing broadcast confidential communication. Reference numerals 70 to 75 denote the same symbols as those in FIG. 9, and a central concealment device 70 includes a concealment control unit 700 and a scrambler. And concealing device 71 at each receiving side.
.. 750 and descramblers 711, 721,... 751 are connected to telephone terminals, respectively, and 76 indicates an exchange.

The voice signal from the broadcast source telephone terminal is scrambled by the scrambler 701 of the central concealment device 70 that is the broadcast source, branched by the exchange 76 and concealed by each of the concealment devices 71 to 75 of the broadcast destination. Descramblers 711, 721, ...
At 751, the code is decrypted and sent to the destination telephone terminal.

The security control is performed sequentially from the security control unit 700 of the broadcast security device 70 via the exchange 76 to the security control units 710, 720,... 750 of the broadcast security devices 71 to 75.
And confidential synchronization control. In the case of the concealment control, the exchange 76 connects the concealment device 70 of the broadcast source and the concealment devices 71 to 75 of the broadcast destination in order as shown by a dotted line,
In the case of the broadcast communication, both of the branch connections between the broadcast source concealment device 70 and the broadcast destination concealment devices 71 to 75 are performed.

[0013]

As described above, in the conventional concealment device, in order to realize broadcast communication, the concealment device at the center of the broadcast source and the plurality of concealment devices on the receiving side are sequentially switched. And kept secret synchronization. In this method, there is a problem that the time required to perform confidential synchronization increases in proportion to the number of partners to be broadcast in order to perform broadcast control sequentially.

It is an object of the present invention to provide a broadcast method for a confidential telephone capable of shortening the time required for confidential synchronization with a plurality of concealment devices on the receiving side of the broadcast destination.

[0015]

FIG. 1 shows the principle of the present invention. In the figure, 1 is an issuing device including a parent device of the secret device,
2 is an exchange, 3 is a branching device, 4-1 to 4-n (n is the number of broadcast destinations) are a plurality of child devices individually connected by the issuing device 1 and the branching device 3, respectively, and 5-1 to 5 -N is a line, and 6-1 to 6-n are receiving devices including confidential devices of each broadcast destination.

In the present invention, when an instruction for designating a broadcast destination is input from the notification device 1 to the exchange 2, the exchange 2 transmits the notification device 6-1 to 6-n of the broadcast destination designated by the notification device 1. To the branching device 3 that branches and connects to the lines 5-1 to 5-n. Each of the child devices 4-1 to 4-n connected to the branching device 3 is controlled by using the concealing device of the issuing device 1 as a parent device, and each of the receiving devices 6-1 to 6-n of the broadcast destination facing each other. Control of secret synchronization is performed with the secret device. After the confidentiality synchronization is established, the telephone signal from the issuing device 1 is concealed (encrypted) by the parent device 1 and is branched by the branching device 3 of the exchange 2.
A plurality of child devices 4-1 to 4-n are transmitted to a broadcast destination via each of the lines 5-1 to 5-n, and are decrypted and restored by the respective concealing devices of the receiving devices 6-1 to 6-n. Being able to listen on each phone. In this manner, the synchronization control of the broadcast source parent concealment device, the multiple broadcast destination concealment devices, and the broadcast source concealment device can be performed in parallel (simultaneously) through the multiple child devices. Even when there are a large number of broadcast destinations, the processing time for establishing secret synchronization can be reduced.

[0017]

FIG. 2 shows the structure of the first embodiment. In FIG. 2, 1 to 6 use the same reference numerals for the same parts as in FIG. 1, 1 is an issuing device connected to the telephone, 10 is a concealing unit, and 11 is provided in the concealing unit 10. A scrambler 12, an input / output unit including an input device such as buttons and switches and a display device, a random number control unit 13, and an interface between the input / output unit 12, the random number control unit 13, and the data input / output unit 15. The control unit 15 is a data input / output unit for inputting / outputting a control signal between a control unit of the slave device described later and the control unit 14.

Reference numeral 2 denotes an exchange, reference numeral 20 denotes a control device for controlling a call in accordance with transmission control from a caller, reference numeral 21 denotes a communication path including a switch, and reference numeral 22 denotes a subscriber line interface (I).
F) and 23 are data interfaces (IF) for control signal data, and 24 is a data interface (IF) connected to the data IF 22 by a signal line and connected to the control unit 43 of the child device by a signal line. , 25-
1 to 25-5 are line interfaces connected to the broadcast unit, and 3 is a broadcast unit (branch in FIG. 1) having a function of branching a signal from the issuing device 1 to child devices connected to a plurality of receiving terminals. Reference numeral 4 denotes a child device unit including a plurality of child devices, and reference numerals 4-1 to 4-5 denote individual child devices provided corresponding to the plurality of receiving terminals. In this example, there are five broadcast destinations, but 4-3 and 4-4 are not shown. The exchange 2 is provided with a switch mechanism (not shown) controlled by the control device 20 in accordance with incoming and outgoing calls, and connection via the broadcast unit 3 is also performed by the switch mechanism.

4-1 to 4-5 are plural (five in this example)
Is a child device of the concealment device provided corresponding to the broadcast destination line, and 40 is a broadcast concealment control unit for transmission,
Reference numeral 41 denotes a broadcast concealment control unit for reception, and reference numeral 42 denotes a changeover switch. Reference numerals 5-1 to 5-5 denote lines for connecting each child device accommodated in the exchange and each receiving terminal, and transmit a call signal and a control signal. Reference numerals 6-1 to 6-5 denote receiving terminals, respectively, in which 60 is a broadcast security control unit for reception, 61 is a broadcast security control unit for transmission, 62 is a descrambler, and 63 is a switch. Switch.

FIG. 3 is an operation flow according to the configuration of the first embodiment shown in FIG. 2, and will be described below. When the user wants to start the broadcast communication, the user selects a broadcast destination in the input / output unit 12 of the issuing device 1 and inputs each number to make a call (S in FIG. 3).
1, S2), the issuing device 1 is connected to the broadcast unit 3 in the exchange 2 through the subscriber line interface 21 under the control of the control device 20 of the exchange 2. Subsequently, when the broadcast line information is transmitted from the control unit 14 of the issuing device 1 to the broadcast unit 3, the broadcast unit 3 sends the broadcast information to the child devices via the line interfaces 25-1 to 25-5 of the broadcast destination. 4
Each of the slave devices 4 is connected to -1 to 4-5 (S3 in FIG. 3).
-1 to 4-5 are connected to broadcast receiving terminals 6-1 to 6-5 via lines 5-1 to 5-5, respectively. The receiving terminals are connected to each other (S4 in FIG. 3).

At this time, it is determined whether each broadcast destination terminal (receiving terminal) or the line is busy (the receiving terminal can be usually used as a telephone terminal for a telephone call), broken, or vacant. (S5 in FIG. 3), when busy (or failure), the broadcast unit 3 detects it and notifies the broadcast issuing device 1 (S6) and displays it on the input / output unit 12 to broadcast. The line with the destination is disconnected (S7). If the terminal or line is not busy (failure), the broadcast receiving terminals 6-1 to 6-5 respond to the connection by the broadcast unit 3 via each child device (see FIG. 3). S8), the connection through the line is completed (S8)
9), broadcast communication of plain communication (plaintext communication) without confidentiality becomes possible (S10).

The operation for switching to secret broadcast will be described below. When switching to the confidential broadcast, when the confidential broadcast is selected by the input / output unit 12 of the issuing device 1 (S11 in FIG. 3), the control unit 14 and the data input / output unit 15 send the child device 4 of the issuing device.
−1 to 4-5, the data interface 23 of the exchange 2,
24, and instructs to establish secret synchronization (see FIG. 3).
S12). The concealment control is performed as follows. That is, under the control of the control unit 14 of the issuing device 1, the control units 43 of the child devices 4-1 to 4-5 of the issuing device 1 send the broadcast receiving control unit 40 from each of the broadcast concealment control units 40. Terminals 6-1 to 6
The information necessary for synchronization synchronization, such as the protocol number and the start random number generation start position, is transmitted to the broadcast concealment control unit 60 for reception of -5. When the confidential synchronization is established in the receiving terminal (S13 in FIG. 3), the broadcast concealment control unit 61 for transmission of the receiving terminals 6-1 to 6-5 of the broadcast destination sends the child device 4 of the issuing device.
A response is returned to the broadcast concealment control unit 41 for reception of -1 to 4-6 (S14). Upon receipt of this, each child device of the broadcast source notifies the control unit 13 of the issuing device 1 as the parent device of the result (S15 in FIG. 3).

Next, the broadcast concealment control unit 40 for transmission of the child devices 4-1 to 4-5 of the issuing device transmits a check pattern for confidential synchronization confirmation, and receives the check pattern for the receiving terminal of the broadcast destination. The broadcast security control unit 41 confirms the check pattern and responds similarly. Notification device 1 based on the result of the secret synchronization of the child device
From the flat communication mode in the concealment unit 10
1 is switched to the confidential communication mode. The receiving terminal also switches from the flat communication mode to the descrambler 6 similarly to the issuing device.
The communication mode is switched to the confidential mode via the telephone 2 and a telephone call by confidential broadcasting is executed (S16 in FIG. 3). When the broadcast ends, the line of the broadcast destination is disconnected from the broadcast source (S17 and S18 in FIG. 3), and the branch line from the parent device to the child device of the broadcast is disconnected (the same step S19).

FIGS. 4 and 5 show the configuration of the second embodiment (part 1),
(Part 2). The second embodiment is a case in which confidential communication is performed to a plurality of broadcast destinations via different exchanges in a multistage relay configuration.

4 and 5, reference numeral 1 denotes an issuing device, 2
A, 2B, 2C, 2D are exchanges, and A, B, C, D
The ranges indicated by are the exchanges 2A, 2B, 2C, 2
The range of stations A, B, C, and D including D is shown. Also,
23 and 24 in the exchange are data interfaces, 26
a and 26b are ISDN subscriber line interfaces, 26c
Is an ISDN trunk interface, 3-1 and 3-2 are broadcast units, 4 is a slave unit comprising a plurality of slaves, and 4-
Reference numerals 1 and 4-2 denote slave units, 43 denotes a control unit of the slave unit, and 44 denotes a slave unit of another exchange. Reference numerals 60 to 63 denote receiving devices accommodated in the exchanges 2C, 2B, 2D and 2A, respectively. Multiplexers 7a to 7f each include a multiplexing / demultiplexing circuit for multiplexing and transmitting signals on the trunk line.

In the second embodiment, exchanges 2A, 2B, 2C, and 2D are interconnected as shown in the lower part of FIG. 4, and broadcast destinations are distributed to different exchanges. If a trunk line for a confidential telephone is individually secured, many trunk lines are required on the way (for example, two lines are required between the exchanges 2A and 2B). Therefore, the intermediate station (the exchange 2B in FIG. 5) However, by providing a branch unit (3-2 in FIG. 5) and branching in multiple stages, the capacity of the trunk line can be saved.

To start broadcasting, a broadcast destination is selected by the input / output unit 12 of the issuing device 1 (FIG. 4) and a call is made. The broadcast unit 3-1 branches the signal via the ISDN subscriber line interface 26b of the exchange 2A. For the receiving terminal 63 of its own station, after the broadcast unit 3-1 branches,
The connection is made via the SDN subscriber line interface 26b. A child device unit 4 is provided between the exchange 2A and the multiplexing devices 7a and 7b for controlling the security of the terminal station with respect to the security device.
Synchronize confidentiality with the receiving terminal of the partner station and adjust the timing. The multiplexers 7a and 7b multiplex the signals with other signals and transmit the multiplexed signals to the exchanges 2B and 2D.
At the broadcast unit 3-2, and is connected to the exchange 2C via the child device 44 and the multiplexing devices 7e and 7f. As a result, a single line with the exchanges 2B and 2C can be operated, and the line can be used effectively.

In the configuration shown in FIGS. 4 and 5, the child device 4-1 of the exchange 2A and the receiving terminal 61 of the exchange 2B are connected to each other, and the child device 4-2 of the switching device 2A and the receiving terminal 62 of the exchange 2D are connected. Are connected to each other. Furthermore, the child device 4 of the exchange 2B
4 and the receiving terminal 60 of the exchange 2C are connected in opposition.

The operation of the security control in the configuration of the second embodiment will be described. When the concealment button is pressed on the input / output unit 12 of the issuing device 1, the child device unit 4 of the issuing device 1 installed on the line side of the exchange replaces the concealment control unit 11 of the issuing device 1, and the receiving terminal 60 on the opposite side is switched. The secret synchronization is established by exchanging information such as the protocol number, the random number generation start position, and the like, and the parameters are notified to the secret devices of the receiving terminals 60 to 62. The connection between the issuing device and the child device is made by an exchange, and a telephone number is assigned to the concealing device of each exchange, and the connection is exchanged according to the destination of the broadcast.

The slave unit 4 of the exchange 2A includes an exchange 2B directly connected to the exchange 2A and a receiving terminal 6 of the exchange 2D.
The confidential synchronization is executed in opposition to the confidential information 1 and 62. The receiving terminal 60 of the exchange 2C connected to the exchange 2B performs confidential synchronization in opposition to the child device 44 of the exchange 2B.

When confidential synchronization between the child device and the receiving terminal is established, each child device sends a synchronization establishment node response to the issuing device, and
The issuing terminal transmits a voice signal of a simultaneous command to a plurality of receiving terminals.

The receiving terminal decodes the concealed broadcast signal from the issuing terminal to the original signal based on the result of the confidential synchronization with the child device, and receives the broadcast. Can be.

[0033]

According to the present invention, since the time required for confidential synchronization between the concealing device of the broadcast source and the concealing devices of a large number of broadcast destinations can be shortened, the operation of the confidential communication is simplified. Furthermore, if a slave device for confidential synchronization is installed at the relay exchange station, a multi-branch concealed broadcast communication system can be constructed, and it is not necessary to have an independent trunk line at each station. Can be used for

[Brief description of the drawings]

FIG. 1 is a diagram showing a principle configuration of the present invention.

FIG. 2 is a diagram illustrating a configuration of a first embodiment.

FIG. 3 is a diagram illustrating an operation flow according to the configuration of the first embodiment.

FIG. 4 is a diagram illustrating a configuration (part 1) of a second embodiment;

FIG. 5 is a diagram illustrating a configuration (part 2) of a second embodiment;

FIG. 6 is an explanatory diagram (part 1) of a conventional encryption method.

FIG. 7 is an explanatory diagram (part 2) of a conventional encryption method.

FIG. 8 is a diagram showing an operation sequence for synchronizing confidentiality from selection of a rule.

FIG. 9 is a diagram showing a principle configuration of a conventional broadcast confidential synchronization.

FIG. 10 is a diagram showing a specific configuration for performing broadcast confidential communication.

[Explanation of symbols]

 1 Issuing device including parent device of concealment device 2 Switching device 3 Branch device 4-1 to 4-5 Child device 5-1 to 5-5 Line 6-1 to 6-5 Receiving device including concealment device

Claims (3)

[Claims] 1. A broadcast system for a secret telephone in a network for disaster prevention, defense, etc., wherein an exchange has an issuing device provided with a parent device of a secret device connected to a telephone, and a parent device in accordance with an instruction from the issuing device. A branching device for forming a path for branching the connection with the device to a plurality of broadcast destinations, and a child device of a secret device provided at each branch destination of the branching device and connected to each broadcast line; Each of the child devices is connected to a confidential device for receiving a call including a telephone via a line, and concealed from the concealing device of the receiving device via a line under control of a parent device of the concealing device. A broadcast method for confidential telephones, which controls synchronization. 2. The receiving device of claim 1, wherein said receiving device including a parent device of said concealing device is provided to a plurality of different exchanges via a trunk line including a relay exchange, with respect to said issuing device including a parent device;
A branching device for branching the line of the issuing device to child devices of a plurality of concealment devices is provided in the relay exchange, and the child device is connected to a receiving device of another exchange via the relay line, and the concealment device of the parent device is provided. A private telephone of the relay exchange via a trunk line to control the secret synchronization. 3. The concealment device according to claim 2, wherein a child device connected to a line branched from said branch device is connected to another exchange via a trunk line multiplexed by a multiplexer. Broadcast method of telephone.