WO2000067409A2 - Procede pour la transmission protegee de signaux de modem de donnees et de fac-simile - Google Patents

Procede pour la transmission protegee de signaux de modem de donnees et de fac-simile Download PDF

Info

Publication number
WO2000067409A2
WO2000067409A2 PCT/US2000/011573 US0011573W WO0067409A2 WO 2000067409 A2 WO2000067409 A2 WO 2000067409A2 US 0011573 W US0011573 W US 0011573W WO 0067409 A2 WO0067409 A2 WO 0067409A2
Authority
WO
WIPO (PCT)
Prior art keywords
predetermined
modem
frequency
facsimile
data
Prior art date
Application number
PCT/US2000/011573
Other languages
English (en)
Other versions
WO2000067409A3 (fr
Inventor
Gordon C. Collett
Gary A. Gale
Original Assignee
Amik, Inc.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Amik, Inc. filed Critical Amik, Inc.
Priority to AU49770/00A priority Critical patent/AU4977000A/en
Publication of WO2000067409A2 publication Critical patent/WO2000067409A2/fr
Publication of WO2000067409A3 publication Critical patent/WO2000067409A3/fr

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04KSECRET COMMUNICATION; JAMMING OF COMMUNICATION
    • H04K1/00Secret communication
    • H04K1/04Secret communication by frequency scrambling, i.e. by transposing or inverting parts of the frequency band or by inverting the whole band
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N1/00Scanning, transmission or reproduction of documents or the like, e.g. facsimile transmission; Details thereof
    • H04N1/44Secrecy systems
    • H04N1/448Rendering the image unintelligible, e.g. scrambling

Definitions

  • the present invention is generally related to the protection of facsimile and data transmissions sent via modem over wireless and land- line telephone networks and, in particular, to a method of scrambling the modem signal, utilizing a scrambling and key coding technique, prior to transmission in a manner that requires a correspondingly keyed signal descrambling at the remote before the signal can be provided to the remote end modem and correct reception of the facsimile and data can be obtained.
  • the conventional approach to protecting such data is to use a digital data encryption device or system software to encode the data before being sent to the modem. Reasonable to very high levels of security can be achieved in this manner.
  • a necessary limitation, particularly for software- based encryption systems like Pretty Good PrivacyTM (PGP), is that user software applications, such as e-mail and facsimile applications, have to be explicitly designed to accommodate the specific implementations of the encryption software used. Maintaining version compatibility between user and encryption software applications at one end of a communications link is annoyingly complex. Ensuring compatibility at the local end and all reasonably potential remote ends quickly approaches the impractical.
  • Stand-alone digital data encryption devices are conventionally dedicated micro-controller systems and, as such, are conventionally quite expensive. Although autonomous in their fundamental operation, these devices also still require user intervention, physically or through a control application, to manage the function of the encryption device and periodically to upgrade the embedded firmware encryption and communication control application.
  • the conventionally desired location for the stand-alone encryption device is between the computer system and telecommunications network, particularly now as most modems are now internal to their host computers.
  • the encryption device must have an internal modem to demodulate the modem signal from the host computer to acquire the data in a digital format suitable for encryption.
  • a single modem can be used provided the micro-controller has sufficient processing capabilities and a sufficiently large enough digital store- and -forward buffer memory space to allow a single modem to be switched between receiver and transmitter roles and simultaneously between the host and network communications links. In either event, the requirement for multiple modems or large data spaces results in higher complexity and cost.
  • a general purpose of this invention is to inexpensively provide for the transparent security of transmitted facsimile and data signals that otherwise may be subject to interception by undesired persons or organizations.
  • o security device thgt operates to secure the transmission of data between authorized modems and against interception by an unauthorized modem.
  • the modems each implement a defined protocol that includes negotiation and data transport portions of a communications session that is conducted over a network utilizing signals selectively occurring in a plurality of frequency channels.
  • the security device includes a first interface coupleable to a modem to exchange first predetermined signals occurring in a first plurality of frequency channels, a second interface coupleable to a network to exchange second predetermined signals occurring in a second plurality of frequency channels, and a signal processor, coupled between the first and second interfaces, implementing a bi-directional conversion of signals between the first and second plurality of frequency channels by frequency shifting the first and second predetermined signals between the first and second pluralities of frequency channels. Further, the security device can provide for a first frequency shift of greater than a predetermined frequency tolerance specified by the defined protocol for a first portion of the communications session and a second frequency shift for a second portion of the communications session.
  • an advantage of the present invention is that conventional modems, if used in an attempt to intercept modem data signals as transmitted over the network, will fail to properly recognize the frequency shifted signals as complying with any acceptable modem data transfer protocol.
  • Another advantage of the present invention is that facsimile data transmissions are effectively obscured in their entirety due to the inherent complexity any attempt by an intercepting modem to adjust or compensate for the frequency shift introduced by the present invention.
  • the initial facsimile system negotiation process would have, at least in part, been completed, rendering the remaining portion of the facsimile transmission essentially undecipherable.
  • the resolution of the facsimile data into a final image is extremely compromised and essentially impractical.
  • a further advantage of the present invention is that the frequency shift implemented in the preferred embodiments of the present invention is variable, particularly in that the magnitude of the shift may be changed at different points in the data transmission.
  • the resulting complexity of meaningfully intercepting the modem data not only directly increases with the number of changes made in transmitting the data, but also due to the requirement of precisely locating each frequency shift change within the data.
  • An additional advantgge of the present invention is that the techniques embodied in the present invention may be incorporated and combined with other security mechanisms and methods, including for example, inversion and other forms of transmitted data scrambling and encryption.
  • Yet another advantage of the present invention is that fully effective embodiments of the present invention are quite inexpensive to manufacture and essentially automatic in their operation.
  • Still another advantage of the present invention is that the determination of the frequency shift magnitude and the timing of subsequent changes can be performed through a pseudo-random keyed data exchange between embodiments of the present invention, so that every data transmission session will be automatically varied and therefore unpredictable by a potential interceptor.
  • Figure 1 is a general illustration of the network communication between facsimile machines, including an interceptor and two authorized facsimile machines protected by an embodiment of the present invention
  • Figures 2a, 2b, and 2c provide frequency/time diagrams that illustrate the operation of a preferred embodiment of the present invention
  • Figures 3 ⁇ and 3b provide general block diagrams showing an analog embodiment of the present invention that implements a frequency band inversion process in the analog domain;
  • Figures 4a, 4b, and 4c illustrate the effect of the frequency shifting implemented by a preferred embodiment of the present invention relative to the defined requirements of facsimile and data modem protocols;
  • Figure 5 provides a general block diagram showing a preferred embodiment of the present invention that implements frequency shifting and inversion in the digital domain
  • Figure 6 provides a block diagram of a complete digital security system, incorporating a scrambler signal processor and analog interfaces for respective connection to a facsimile machine and a telephone network
  • Figure 7 is a process diagram illustrating alternate process paths in the operation of a preferred embodiment of the present invention.
  • Conventional facsimile machines utilize a modem operating according to an established ITU-T standard protocol known as V. l 7, which defines 14,400 baud to 2400 baud protocol modes and the ITU-T V.29 standard protocol, which defines a different 9600 baud to 2400 baud protocol mode.
  • V. l 7 protocol the primary carrier frequency is 1800 Hz using a Quadrature Amplitude Modulation (QAM) frequency encoding scheme while the V.29 protocol specifies a carrier frequency of 1 700 Hz using QAM.
  • QAM Quadrature Amplitude Modulation
  • Conventional facsimile machines will usually recognize either of these operational modes to provide a "universal" facsimile transmission compatibility.
  • the answering facsimile When ⁇ facsimile machine calls another facsimile, the answering facsimile will sense the phone ringing, answer the phone and activate a 2100Hz tone sent out the phone line.
  • the originating facsimile upon sensing this 2100Hz signal, activates a line-train session with the answer facsimile.
  • This signaling configuration in effect, compensates for the particular line conditions encountered by the facsimile machines, such as line-noise, nonlinear group phase-delay, non-linear frequency-based time-delay, and other such aspects of the network. Since, at the desired high baud rates, the network data channel is carrying a data-bit for every 1 .5Hz of available bandwidth, the training variables are extensive and require exact agreement between the communicating facsimile machines in order to accomplish any meaningful data transmission.
  • the modems will step-down to the next highest mutually supported rate, usually 4800 baud.
  • the line-training which is less critical but still requires a close interaction between the communicating facsimile machines, will then be re-initiated. Subsequent baud rate step-downs may be required until an adequately usable baud rate is mutually agreed to by the facsimile machines. If, for any reason, these initial facsimile modem training sessions all fail, the facsimile transmission cannot take place.
  • the facsimile machines independently timeout and disconnect.
  • the first or second training session will enable the facsimile modems to adequately adapt to the line conditions.
  • the facsimiles progress, in accordance with the elected communications protocol, to define the facsimile transmission session.
  • Numerous parameters such as header data blocks, frame lengths, error- correction encoding, and other characterizing information, is exchanged between the facsimile machines. This information is required by the receiving facsimile machine in order to fully and correctly reconstruct the transmitted facsimile page image.
  • an agreed to set of these facsimile parameters is effectively negotiated between the facsimile machines.
  • the elapsed time between a call being answered by a facsimile machine, a successful training session, and the facsimile parameter negotiation being completed is less than 60 seconds and often less than 30 seconds.
  • the originating facsimile machine begins the transfer of the facsimile data. If a short-term noise-burst compromises this data transfer, or if either modem elects at protocol defined points during the data transfer, the facsimile modems may re-initiate a line-training session. This allows the facsimile machines to preserve the integrity of the data being transmitted despite the length of the transmission.
  • the negotiation of facsimile parameters is, however, not repeated, since variations in line-quality and minor compensating corrections do not affect the capabilities of the facsimile machines themselves.
  • a conventional facsimile machine 12 is connected through a security device 14 to the public switched telephone network (PSTN) 16. Calls to and from other conventional facsimile machines, such as potentially the facsimile machine 1 8, are routed and handled conventionally with respect to the security device 14. That is, preferably, the security device 14 operates in a pass-through mode where a non-security enhanced transmission occurs, particularly in the case where a remote security device 14 is not present or not enabled.
  • PSTN public switched telephone network
  • a secure transmission protocol is preferably imposed on top of the conventional protocols and operation implemented by the conventional facsimile machines 12, 26.
  • This secure transmission protocol and other operational aspects of the security devices 14' are preferably transparent to that of the facsimile machines 1 2, 26.
  • Figure 2a illustrates the conventional operation of the facsimile machines 12, 26 in establishing a usable network connection and transmitting facsimile data.
  • a call is made and answered and the line-training session completed.
  • the protocols implemented by the facsimile machines 1 2, 28 determine the frequency, Cf l 7 of the initial tone transmitted by the answering facsimile machine. Typically, C ⁇ is 2100Hz.
  • a facsimile parameter negotiation phase 34 then ensues, with the facsimile data being transferred during a data phase 36, 40.
  • a line-retraining session 38 may occur and even re-occur during the data phase 36, 40.
  • an initial-tone frequency, Cf 2 is issued in a preferred embodiment of the present invention by the answering facsimile machine through the security device 14', which is initially operating in a pass-through mode. Therefore, the frequency Cf 2 is preferably 2100Hz for this embodiment.
  • the security device 14' preferably isolates the facsimile machine 26 from the PSTN 16, and initiates a security negotiation phase 42 by transmitting selected DTMF tones over the PSTN 1 6 network to the originating facsimile machine 1 2. These DTMF tones are intended to initiate and negotiate a secure key that the security devices
  • the security device 14' then use to select a frequency offset value from the frequency Cf 2 , yielding a new frequency, Cf 3 , or to directly select the frequency Cf 3 . If there is no appropriate answer to these tones, indicating that the security device 14 is absent or not enabled to respond, the security device 14' preferably reverts to either operating in a transparent pass-through mode or forces the call to be terminated if set to require a secure mode exchange. If continued, the further operation of the facsimile machines, in this instance, is then consistent with Figure 2a.
  • the initial tone Cf 2 is monitored for and detected by the security device 14.
  • the facsimile machine 12 is isolated from the PSTN 16.
  • the security device 14 then waits for and then begins exchanging DTMF tones to select the frequency Cf 3 . Once this frequency is selected, both security devices 14, 14' preferably implement a corresponding shift in frequency and begin signal inversion scrambling.
  • Both facsimile machines 1 2, 26 are then reconnected transparently through the security devices 14, 14' and PSTN 16 and the negotiation phase 42 ends.
  • Line-trainings phase 44, 50, facsimile parameter negotiation phase 46, and data transfer phases 48, 52 all proceed as before, except that they occur relative to the offset frequency Cf 3 .
  • the frequency Cf 3 is 2250Hz.
  • multiple different frequency shifts can be implemented in or between the different communications phases that occur between the facsimile machines 1 2, 26.
  • An initial security device negotiation phase 54 occurs at a frequency Cf 4 , again preferably at
  • a frequency shift to Cf 5 at 2250Hz is made before the start of the line-training phase 56.
  • a second frequency shift is implemented by the security devices 14, 14'.
  • the timing is such that the frequency shift occurs at the end of the facsimile parameter negotiation phase 58.
  • the resulting line compensation mutually implemented by the facsimile machines 1 2, 26 is correct for optimum transfer of facsimile data during the data phases 64, 68, as may be further tuned by subsequent retraining phases 66.
  • the frequency Cf 3 is preferably 2000Hz.
  • the security devices 14, 14' are constructed, as shown in Figure 1 , to include a facsimile machine interface 20, converter circuit 22, and line interface 24.
  • the facsimile machine 26 being of conventional design and implementation, typically includes a facsimile modem 28 and facsimile machine hardware 30, typically including a page scanner and printer.
  • the facsimile machine 26 can be either a stand-alone machine or a personal computer equipped with separate facsimile modem 28 and hardware 30.
  • the two interfaces 20, 24 are preferably analog circuits capable of supporting or simulating an off hook line condition as appropriate to being able to isolate the PSTN 1 6 and facsimile machine 26 from one another.
  • the converter circuit 22 preferably implements a variable or programmable frequency shift and a signal inversion capability. As indicated in Figure 3a, the converter circuit 22 can be implemented as an analog circuit 70 that performs frequency band inversion.
  • An audio input signal typically having a frequency range of 150 to 2700Hz as determined by the PSTN 16, is input 72 to a balanced mixer 74 operating from, in this example, a tone of 3000Hz provided by an oscillator 76.
  • the resultant mixer product includes a lower and upper sidebands centered around the 3000Hz injection frequency.
  • a low pass filter 78 set preferably to have a cut-off frequency at the upper edge of the audio input frequency range or
  • 2700Hz in this example is chosen to filter out the upper sideband.
  • the remaining lower sideband has all of the frequencies of the input signal 72 inverted.
  • 150Hz is inverted to (3000Hz - 150Hz) or 2850Hz.
  • 2700Hz is shifted to (3000Hz - 2700Hz) or 300Hz.
  • the resulting frequency band is now shifted to 300Hz to 2850Hz.
  • the conversion circuit 22 would include a complementary frequency shift circuit 82, as shown in Figure 3b.
  • the received audio signal 84 corresponding to the signal 82, is received and mixed through a second b ⁇ l ⁇ nced mixer 86 operated from an oscillator 88 set to the same frequency as the oscillator 76.
  • the lower sideband is now the restored audio signal with the frequencies restored through re-inversion to their original values.
  • the lower sideband is isolated again by passing the mixer output through a low pass filter 90 chosen to have an upper cut-off frequency of 2700Hz.
  • the effectiveness of the present invention in creating a secure communications channel over a PSTN network 16 particularly for facsimile transmissions is shown in Figure 4.
  • the facsimile protocols define specific frequency windows for the different tones exchanged during at least the facsimile protocol negotiation.
  • defined negotiation phase tones f Q and f ⁇ are required to occur within a frequency window 100.
  • the size of the window 100 is such that a frequency shift of just 20Hz is sufficient to cause recognition failures. Since such frequency shifts are conventionally due to bad line conditions, these failures are essentially construed by conventional facsimile machines as being fundamental failures, which in-turn terminates further negotiation of the current protocol.
  • a baud rate step-down is executed, so as to obtain an increased frequency tolerance to line distortions, and a corresponding baud rate level protocol is then negotiated.
  • an interceptor facsimile machine 18 there are a number of requirements that an interceptor facsimile machine 18 must conventionally meet.
  • the interceptor 1 8 must line-train with the originating and gnswering fgcsimile machines. This line-training must be receive-only so as not to interfere or be noticed by the originating and answering facsimile machines.
  • a necessary predicate for this requirement is that the line conditions at the interceptor facsimile machine 18 must be similar to those of either, if not both, of the originating and answering facsimile machines.
  • the interceptor facsimile machine 1 8 must, in a receive-only mode, follow the facsimile parameter negotiation. Again unfortunately, conventional interceptor facsimile machines exist that can meet these second and third requirements.
  • the present invention in addition to providing signal inversion based scrambling of the facsimile data signal transmitted through the PSTN network 1 6, also operates to preclude an interceptor facsimile machine from being able to line-train and from being able to obtain the negotiated facsimile parameters. By frequency shifting the line-training and facsimile parameter negotiation phase signals by more than 20Hz, and preferably by well more such as shown in Figure 4b, the facsimile modem of the interceptor machine 1 8 will be unable to recognize that a facsimile transmission is even occurring.
  • a preferred embodiment 1 10 of the present invention implements the frequency shift and signal inversion in the digital domain.
  • a facsimile input signal 1 12 as passed through the interface 20 of a security device 14', is sent through an analog-to-digital converter 1 14 that changes the analog input signal to a digital bit stream.
  • the input signal 1 12 is sampled at a defined frequency, F , based on a sample clock signal 1 16.
  • the resulting digital stream is then converted back to the analog domain through a digital-to-analog converter 1 22 and output as a facsimile signal 1 24 through the line interface 22.
  • the selective sign bit complementing results in a digital inversion of the input frequencies.
  • the choice of sampling rate, F determines the frequency shift imparted to the data stream.
  • a second converter circuit 1 10 is utilized to provide bi-directional conversion.
  • a preferred micro-controller based embodiment 130 of the present invention is shown in Figure 6.
  • the facsimile line interface 20 includes a connector 1 32 that connects through a switch 1 34 to a conventional two- to-four wire telco converter 138.
  • the switch 1 34 allows selection between a passive pass-through operating mode and an active mode that involves the operation of the converter circuit 22.
  • a phone line simulator 136 is provided to support a connected facsimile machine in an off-hook state in the active operating mode.
  • the PSTN network interface 24 includes a connector 140 that connects through a switch 142, preferably commonly controlled with the switch 1 34, and a conventional phone line interface block, or data access adapter (DAA), to another conventional two-to-four wire telco converter 146.
  • the phone line interface 144 provides the electrical isolation required of devices that connect to the PSTN network 1 6 and further supports the line in an off-hook state.
  • a system micro-controller 150 preferably implemented using a National SemiconductorTM COP-8TM single-chip micro-controller operating at a clock speed of 8MHz, is used to implement the signal processing control and protocol processing operations of the converter circuit 22.
  • Other low-cost processors such as almost any of the many different IntelTM
  • the executable program memory is stored in the micro-controller 150 in an on-chip PROM memory or an equivalent separate memory chip. Technologies such as flash, electrically-erasable, and others may be used. However, UVEPROM and one-time programmable EPROM are preferred as readily available, low-cost technologies.
  • a tone monitor 152 used to detect the initial facsimile answering tone of 2100Hz and, in alternate embodiments, other initial-tone frequencies as well, is connected in common with a DTMF transceiver 154 by lines 156 to the phone line connector 140 side of the switch 142. By this connection location, the tone monitor 1 52 can detect a tone, both inbound and out-bound, regardless of the common state of the switches 1 34, 142.
  • a detection signal is passed to the micro-controller 150 when an appropriate tone is received.
  • the DTMF transceiver 154 is used by the micro-controller 150 to encode and decode messages exchanged with other security devices 130. These messages are used for the basic transport of the security protocol negotiation implemented in accordance with the present invention. Digital representations of the DTMF signals both sent and received are exchanged between the transceiver 154 and micro-controller 150.
  • the micro-controller uses a control line 158 to digitally manage the state of the switches 134, 142. In correspondence with the state of these switches, 134, 142, the micro-controller 150 also digitally manages the state of a secure/clear indicator 1 60.
  • a manual switch bank or, in an alternate embodiment, a computer programmable register of switch-state bits, is provided as a code selector 164.
  • the micro-controller 150 preferably accesses the state of the various switches maintained by the code selector 1 64 to obtain initialization and configuration information that is ultimately user provided.
  • manual switches are set by the user to establish for the security device 130, (1 ) whether the device is enabled to selectively switch to the active mode or disabled and held in the passive pass-through mode;
  • the code selector 1 64 may also be used to specify whether the security device 130 should, (1 ) answer telephone calls autonomously and issue the initial facsimile answer tone at an alternate frequency; (2) negotiate use of any of several alternate key generation algorithms and variants of the security protocol; and (3) enable training, on a statistical basis, with the remote security device to compensate for relative time-base drift.
  • These switch settings are preferably examined during the power-on cycle of the micro-controller, but may be examined anytime in the execution of the micro-controller program.
  • the micro-controller preferably operates from a fixed frequency- master oscillator 166.
  • This clock frequency is also preferably provided to paired sets of analog-to-digital and digital-to-analog converters 168, 1 70 via a shared clock line 1 72.
  • These converters 168, 1 70 are preferably implemented using two Texas Instruments TM TI- 1054 CODECs, which are capable of operating at sample rates of up to l OKHz.
  • the sample frequency is preferably determined by a clock signal, f , provided on a sample clock line 1 74 to the converters 168, 1 70.
  • This clock signal, f s is preferably generated by the micro-controller 150 through the execution of a timing-loop.
  • a second clock signal, f j is also preferably generated by the microcontroller 150 and provided on a separate clock line 1 76 to two sign-bit inverters 1 78, 180.
  • the two clock signals, f s and are frequency related, with f s being twice the frequency of .
  • the f j signal is also generated by the execution of the timing-loop by the micro-controller 150.
  • an programmable-logic-device (PLD) external to the micro-controller 150, or a cascade of programmable counter-timer units, often provided on-chip with the micro-controller 150, could also be used to generate the clock signals, f s and .
  • the sign-bit inverters access the digital value sample registers in the converters 1 68, 1 70, bit-mask select and complement the respective sign-bits, and restore the modified bits to the sample registers.
  • conventional digital logic circuits implement the function of the inverters 168, 1 70.
  • the sampling process need not be halted or even slowed. Rather, the inverter logic operates preferably at a speed limited only by the read/write access time of the digital sample registers of the converters 168, 1 70. Given that these access times are quite fast relative to the sample rate clock f s , there is no interruption in the sampling process.
  • High and low-security process paths can be supported in a preferred method of operation in accordance with the present invention.
  • the low-security process path preferably uses a fixed security key, while the high-security process path includes a key exchange.
  • the high-security device is not interoperable with low-security devices unless pre-preemptively set to emulate a low-security device by a manual switch setting.
  • Both high and low-security process paths assume that security devices 1 30 are located between conventional facsimile machines and the PSTN network 16. The processes, however, allow for the possibility that one security device is either disabled or altogether absent.
  • the processes 190 are initiated when a call is answered by a called or answer-end facsimile machine, which then issues an initial facsimile tone 1 92. Where either security device 1 30 is disabled and thereby forced to maintain a passive state, the normal process 194 of connection between facsimile machines is passively allowed to continue.
  • tone detection 192 potentially at both ends of the call will occur and the active security devices will both act to isolate 1 98 their respective facsimile machines, yet maintain a supporting electrically an off-hook condition on the connections to the respective facsimile machines.
  • the calling-end security device 1 30 can essentially determine that there is no answering-end security device 1 30. In this event, the calling security device 130 may determine 200 whether a secure connection is required, as set by a code selection switch, whereupon the call will be dropped 202.
  • each security device 1 30 will determine 206 from the code selection switches whether to attempt to connect in a high or low-security mode. If either is set to select a low-security mode, that security device 1 30 will use the locally programmed key, as set on the code selector 1 64, to determine 208 a sequence of frequency shift levels to be used during the facsimile data transfer.
  • the key can directly define the set of frequency shifts or can be used as a seed for a pre-defined numerical permutation 208, such as a sequence of bit-shifting ond masking, that provides for the selection.
  • This permutation is identically implemented by all low-security embodiments of the present invention.
  • a security device 130 If a security device 130 is present at the answer-end of the call and has the high security mode selected, that security device 1 30 will issue a DTMF-based inquiry 208 to the calling-end of the PSTN network 16. Where a calling-end security device 1 30 is not present, disabled, or not also set to select the high-security mode, the determination of whether secure fax reception is required 200 is made. The call is either dropped 202 or the called-end security device falls-back to a passive mode 204 and the facsimile machine negotiation is allowed to proceed.
  • a DTMF response 210 is issued when the DTMF inquiry is received. If not received, the called-end security device 130 is either not set for high-security or is absent. In either event, again a determination is then made 200 as to whether continue the facsimile data transmission.
  • the security devices 1 30 may use caller-ID, for example, to non- authoritatively identify a calling-end facsimile machine and adopt different security levels or key codes for the potential data transaction.
  • the inquiry/response exchange may be expanded to allow for adaptive transitions between different high and low-security levels and, potentially, the use of different key exchange and permutation algorithms.
  • Non-standard DTMF tones, or other tones altogether can also be utilized in the inquiry/response to prevent meaningful interception.
  • a key exchange is performed 212 following a successful DTMF inquiry/response 200.
  • additional aspects of the facsimile data transfer can be negotiated, including selection or confirmation of a common version of a key generation algorithm, the type and length of keys to be exchanged, whether and to what frequency to shift the remainder of the key negotiation phase, including specifically the phase portion where keys or key parts are to be exchanged, and the choice of an alternate ratio of sample-to-inversion clock frequencies.
  • the exchanged keys are then used by each of the security devices 130 in conjunction with their preset keys, as set by the code selectors 164 on each of the security devices 130, to each produce 214 a session key that, as before selects the set of frequency shifts to be used in the facsimile data transfer.
  • the fixed code key seed is preferably used as an input to a seeded, pseudo-random key generation operation as part of the beginning key generation process 214. Therefore, the frequency shift set change for every session, effectively preventing prediction of the frequency shift by any interceptor facsimile machine.
  • the number of available frequency shift levels is limited, however, by the telephone line bandwidth and the frequency spacing between the levels. If a shift converted frequency becomes too high, or approaches 2700Hz in the case of the preferred embodiments of the present invention, the signals begin to degrade as the bandwidth slope increases. Conventionally, telephone network bandwidth is specified as 300Hz to 3000Hz. Problems occur, however, particularly with QAM modems if (1 ) the primary modem frequencies approach the high-pass band edge; and (2) if the modem signaling frequencies are too low, which directly acts to distort the QAM modulated data at these low frequencies to the point where demodulation is not possible.
  • the number and range of shifted frequency levels is constrained and preferably selected such that the frequency shift induced distortion is less than what will cause conventional facsimile modems to down-grade transmission rates from their mutual maximum rates or, as a preferred alternate, to no less than 9600 baud.
  • the frequency shift spacing is chosen as a uniform 20Hz. This spacing ensures that even a single frequency shift level away from the conventional protocol defined frequency levels will place the signals outside the defined tolerances of those protocols.
  • the spacing may be chosen to be non-linear, provided the first level of shift is again sufficient to ensure that the relocated facsimile frequencies are at least 20 Hz away from their protocol defined locations, thus precluding an intercepting facsimile modem from recognizing them.
  • the number of shift frequencies, and therefore the number of codes defining the same is preferably set at 24.
  • the security devices implement the shift 21 6. This shift alone creates a substantial degree of security for the remaining facsimile data transfer. Without complete knowledge of the keys and key generation algorithms, an interceptor modem/facsimile machine would need to quickly analyze and determine the offset to the shifted frequency after the shift occurs. Then, the interceptor would have to operate to reverse the shift. Since this analysis only begins after the shift occurs, the interceptor facsimile will likely miss some portion of the facsimile parameter negotiation and all of the facsimile modem line training. Even if only a small portion of the line training is missed, the facsimile interceptor will not effectively be able to recover the facsimile transmission data. Missing any of the facsimile parameter negotiation and the added presence of the signal inversion process further complicates any attempt at recovering meaningful data.
  • the security devices 130 could now mutually determine an alternate ratio of sample to inversion clock frequencies. The frequency shift and quick selection and switch to a different inversion frequency ratio would be impossible to follow, as a practical matter, by an interceptor modem.
  • the security devices 1 30 next act 21 8 to reconnect their respective facsimile machines. The called-end facsimile machine, still issuing the initial facsimile tone, connects through the PSTN network 1 6 to the calling facsimile machine.
  • the conventional facsimile protocol negotiations and line training then ensues 220.
  • the frequency shift implemented by the security devices 1 30 is transparent to the facsimile machines.
  • the line training is or will be performed through the security devices 1 30 and subject to the frequency shift, thus automatically accommodating the line quality variances, if any, introduced by the security devices 130.
  • the security devices 130 preferably wait 222 for expiration of the predetermined or negotiated period of time to implement a second frequency shift 224.
  • This shift is preferably chosen to occur some five or six seconds into the facsimile machine negotiation session.
  • the facsimile machines will typically have completed or nearly completed selection of the facsimile transmission parameters and before or near the beginning of the line training session.
  • this frequency shift is chosen to occur at a point in the overall facsimile negotiations where no actual facsimile data will be lost and where the facsimile modem protocols will be capable of healing or restarting whatever negotiations were in progress.
  • the transitional impact of the frequency shift is much like a noise-burst, which the conventional facsimile modem protocols were designed to accommodate. If the frequency shift occurs in the line tr ⁇ ining, for example, the resulting effective noise burst is preferably short enough to be considered by the line training protocol as being recoverable if such a burst were to occur during the transmission of facsimile data. Finally then, following the implementation of the frequency shift 224, the remainder of the facsimile transmission session continues 226 to completion.
  • a particular advantage of implementing the second frequency shift 224 is to effectively increase the number of frequency shift codes available for use, thus making embodiments of the present invention substantially more secure.
  • the total number of code combinations becomes, using the preferred uniform 20Hz spacing, 24 , or 576.
  • the spatial distribution of the frequency shifts results in the facsimile parameter negotiations being, in effect, secured with one code and the actual line training and facsimile data transmission secured with a second, independent code.
  • the present invention provides a facsimile security system that is both quite effective in implementing a substantial level of security for facsimile transmissions and is also relatively inexpensive to manufacture and simple to operate. Multiple levels of secure operation are possible and a substantial degree of flexibility in operation and essentially transparent compatibility with existing facsimile machines is provided.

Landscapes

  • Engineering & Computer Science (AREA)
  • Signal Processing (AREA)
  • Multimedia (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Facsimile Transmission Control (AREA)
  • Communication Control (AREA)
  • Facsimiles In General (AREA)
  • Telephonic Communication Services (AREA)

Abstract

L'invention concerne un procédé d'exploitation d'un dispositif de sécurité conçu pour protéger la transmission de données entre des modems autorisés et pour empêcher l'interception par un modem non autorisé. Les modems mettent en oeuvre chacun un protocole qui comprend des parties de négociation et de transport de données d'une session de communications menée à bien sur un réseau utilisant des signaux apparaissant sélectivement dans plusieurs voies de fréquence. Le dispositif de sécurité comporte une première interface pouvant être couplée à un modem pour l'échange de premiers signaux prédéterminés apparaissant dans une première pluralité de voies de fréquence, et une seconde interface pouvant être couplée à un réseau pour l'échange de seconds signaux prédéterminés apparaissant dans une seconde pluralité de voies de fréquence. Un processeur de signal est couplé entre les première et seconde interfaces, de sorte qu'il assure un conversion bidirectionnelle des signaux entre la pluralité de voies de fréquence, par déplacement de la fréquence des premiers et seconds signaux prédéterminés entre les première et seconde pluralités de voies de fréquence. Par ailleurs, le dispositif de sécurité peut permettre un premier déplacement de fréquence supérieur à une tolérance de fréquence prédéterminée spécifiée par le protocole pour une première partie de ladite session de communication, et un deuxième déplacement de fréquence pour une deuxième partie de la session de communication.
PCT/US2000/011573 1999-04-30 2000-04-28 Procede pour la transmission protegee de signaux de modem de donnees et de fac-simile WO2000067409A2 (fr)

Priority Applications (1)

Application Number Priority Date Filing Date Title
AU49770/00A AU4977000A (en) 1999-04-30 2000-04-28 A method of providing secure transmission for facsimile data modem signals

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US30352199A 1999-04-30 1999-04-30
US09/303,521 1999-04-30

Publications (2)

Publication Number Publication Date
WO2000067409A2 true WO2000067409A2 (fr) 2000-11-09
WO2000067409A3 WO2000067409A3 (fr) 2001-01-25

Family

ID=23172502

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2000/011573 WO2000067409A2 (fr) 1999-04-30 2000-04-28 Procede pour la transmission protegee de signaux de modem de donnees et de fac-simile

Country Status (2)

Country Link
AU (1) AU4977000A (fr)
WO (1) WO2000067409A2 (fr)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0295580A2 (fr) * 1987-06-19 1988-12-21 Motorola, Inc. Brouilleur analogique fonctionnant en duplex
EP0457602A2 (fr) * 1990-05-17 1991-11-21 Fujitsu Limited Sécurité de données dans des systèmes de communication à plusieurs porteuses
EP0516451A2 (fr) * 1991-05-31 1992-12-02 Encryptco, Inc Interface pour un système sûr de transmission de fac-similé avec encryption et décryption
US5796838A (en) * 1996-08-02 1998-08-18 Transcrypt International, Inc. Method and apparatus for performing frequency spectrum inversion

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0295580A2 (fr) * 1987-06-19 1988-12-21 Motorola, Inc. Brouilleur analogique fonctionnant en duplex
EP0457602A2 (fr) * 1990-05-17 1991-11-21 Fujitsu Limited Sécurité de données dans des systèmes de communication à plusieurs porteuses
EP0516451A2 (fr) * 1991-05-31 1992-12-02 Encryptco, Inc Interface pour un système sûr de transmission de fac-similé avec encryption et décryption
US5796838A (en) * 1996-08-02 1998-08-18 Transcrypt International, Inc. Method and apparatus for performing frequency spectrum inversion

Also Published As

Publication number Publication date
WO2000067409A3 (fr) 2001-01-25
AU4977000A (en) 2000-11-17

Similar Documents

Publication Publication Date Title
US5613005A (en) Cipher communication method and device
JPH06204998A (ja) データ通信装置およびデータ通信方法
JP2002208923A (ja) 間欠信号の暗号化伝送システム
US20070116275A1 (en) Method for the secure transmission of data, via networks, by exchange of encryption information, and corresponding encryption/decryption device
KR100287674B1 (ko) 통신방법
US5742679A (en) Optimized simultaneous audio and data transmission using QADM with phase randomization
WO2000067466A1 (fr) Systeme de transmission securisee pour signaux modem de donnees de telecopie
WO2000067409A2 (fr) Procede pour la transmission protegee de signaux de modem de donnees et de fac-simile
WO2000067467A1 (fr) Appareil assurant une transmission securisee de signaux de fac-simile sur des modems de donnees
JPH02134940A (ja) データ暗号化アダプタ装置、データ復号化アダプタ装置、およびこれらを用いたデータ通信システム
JP3300375B2 (ja) 暗号機能を有する送信装置
US6693972B1 (en) Data apparatus for maintaining analog line signal during a data sample underrun condition
CN107172318B (zh) 一种专用无线传真方法、系统及装置
JP2650705B2 (ja) 通信データ暗号化アダプタ装置、通信データ復号化アダプタ装置、およびこれらを用いた通信データ暗号化・復号化方式
JP3394329B2 (ja) ファクシミリモデムの盗聴防止方式およびファクシミリ装置
KR100249849B1 (ko) 실시간 데이터의 암호화/복호화용 정보 보안 장치
JP3016686U (ja) ファクシミリ装置及びファクシミリ通信システム
JP3121981B2 (ja) 暗号通信のための端末装置
JPH03184477A (ja) ファクシミリ装置
JP2000196897A (ja) ファクシミリ用秘話装置
JPH01245765A (ja) ファクシミリ装置
KR100324207B1 (ko) 디지털 휴대전화기와 공중망의 정합장치 및 이를 이용한공중망 전화통신방법
JP2793807B2 (ja) 画像通信装置
JP2913815B2 (ja) ファクシミリにおける受信方法
JP2746288B2 (ja) 通信装置

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AU CA IN MX

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE

121 Ep: the epo has been informed by wipo that ep was designated in this application
AK Designated states

Kind code of ref document: A3

Designated state(s): AU CA IN MX

AL Designated countries for regional patents

Kind code of ref document: A3

Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE

DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
122 Ep: pct application non-entry in european phase