CN101159988A - Method and system of implementing different security level voice encryption - Google Patents
Method and system of implementing different security level voice encryption Download PDFInfo
- Publication number
- CN101159988A CN101159988A CNA2007101774546A CN200710177454A CN101159988A CN 101159988 A CN101159988 A CN 101159988A CN A2007101774546 A CNA2007101774546 A CN A2007101774546A CN 200710177454 A CN200710177454 A CN 200710177454A CN 101159988 A CN101159988 A CN 101159988A
- Authority
- CN
- China
- Prior art keywords
- called
- caller
- security level
- terminal
- base station
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Abstract
The invention relates to a method of speech encryption realization with different encryption levels, which is used in speech encryption conversation between a calling terminal and/or a called terminal. The calling terminal and the called terminal have different encryption level, which includes: the calling terminal and the called terminal establishes clear speech conversation; the calling terminal and a calling encryption gateway establishes encryption conversation according to the calling terminal request; the calling encryption gateway after decryption carries out clear speech conversation with a called encryption gateway, or the calling encryption gateway after decryption carries out clear speech conversation with a called base station subsystem and the called encryption gateway or the called base station subsystem carries out clear speech conversation with the called terminal; and/or according to the calling terminal request, the called terminal and the called encryption gateway establish encryption conversation; the called encryption gateway after decryption carries out clear speech conversation with the called encryption gateway, or the called encryption gateway after decryption carries out clear speech conversation with the calling base station subsystem and the calling encryption gateway or the calling base station subsystem carries out clear speech conversation with the calling terminal.
Description
Technical field
The present invention relates to the voice encryption field, relate in particular to a kind of method and system that realize different security level voice encryption.
Background technology
Along with popularizing that mobile communication system is used in each field, the user is proposing more and more higher requirement to the voice communication of mobile communication system aspect fail safe and the confidentiality.Particularly, not only require system to have high security, also require system to have high reliability, high flexibility and high ease for use in the field that relates to information sensings such as national security, military communication.The effective measures that guarantee at present the moving speech communication fail safe are voice encryptions end to end.
Voice encryption is a kind of technology of voice being carried out encryption and decryption by mobile communication terminal (MS) end to end.This technical scheme mainly comprises following process, portable terminal by caller sends the key distribution request by mobile switching centre (MSC) to KDC (KDC), by KDC the calling terminal and the terminal called that participate in calling out are encrypted the qualification authentication and distributed encryption key respectively, by MSC the calling terminal of acquisition and the encryption key of terminal called are sent to calling terminal and terminal called respectively again, and by base station controller (BSC) the bypass speech coding format converter (TC) of MSC notice calling terminal and terminal called ownership, at last utilize encryption key to realize that voice carry out transparent transmission with the form of encrypting in channel and the core net network aloft, thereby guarantee the fail safe of voice communication by calling terminal and terminal called.
Present voice encryption communication implementation is existing some shortcomings aspect ease for use and the flexibility:
First, on the process of voice encryption communication realization, the realization technology that has all is directly to set up the link of coded communication in the process that communication traffic channel is set up basically, finishes the distribution of encryption key on the link of coded communication, thereby directly finishes the process of coded communication.Present implementation makes the user before initiating voice communication, must understand the other side's of communication terminal support voice encrypting and decrypting whether; Otherwise if the user initiates audio call in the mode of encrypted word communication, and the other side's of communication the terminal encrypting and decrypting of support voice not can cause conversation normally to carry out; Otherwise, if the user initiates audio call with the unencryped word communication mode, and the encrypting and decrypting of the other side's of communication terminal support voice, if the mode that the user needs to transfer to encrypted word with communication counterpart in unencryped word communication communicates, then must hang up current clear call, the mode with encrypted word communication makes a call again.This just uses voice encryption communication to bring very big inconvenience to the user.
Second; content aspect from voice encryption communication; existing technology all is to adopt unified Cipher Strength to encrypt to the voice that needs are encrypted basically; promptly regardless of the sensitivity of voice messaging; adopt in the process of coded communication with a kind of cryptographic algorithm with a kind of encryption key of intensity; voice encryption protection is lacked level, can't be neatly carry out adaptive voice encryption according to the different security requirement of the content of user speech communication.
The 3rd, encrypt the aspect of terminal from mobile communication, the encryption terminal of a certain grade of existing network can only be loaded corresponding to the relevant encrypting module of the cryptographic algorithm of this grade, can't realize same encoding and decoding requirement of encrypting the terminal cryptographic algorithm that compatible a plurality of upper-lower hierarchy are different simultaneously.Make when the High Security Level terminal when needs and Low Security Level terminal are carried out speech scrambling, be subject to the difference of terminal support cryptographic algorithm each other, and finally cause can only carrying out voice communication in the mode of unencryped word between High Security Level terminal and the Low Security Level terminal.If make the encryption terminal can support to load the cryptographic algorithm relevant encrypting module of while corresponding to High Security Level and Low Security Level, then certainly will make amendment to encrypting terminal and equipment of the core network, this will increase the cost of realizing.
Unencryped word is to the problem of the switching of encrypted word in can't realizing conversing at above-mentioned voice encryption communication, patent application " CN200510067118.7 " has provided a solution, promptly realize the method that the user is switched to encrypted word in the unencryped word conversation by short message service, its characteristics are need not existing mobile communication switching network is transformed, as long as system supports short message service and data penetration transmission business, under the support of particular terminal, can realize that unencryped word in the communication process is to the switching of encrypted word.But this patent does not propose to realize the terminal of different security level is set up enciphoring voice telecommunication and the method for the switching that realization different phonetic level of confidentiality is called out in conversation.
Summary of the invention
In order to solve above-mentioned technical problem, a kind of method and system that realize different security level voice encryption are provided, its purpose is, on the basis of supporting user's switching from the unencryped word to the encrypted word in conversation, do not need the call encryption framework of existing network is made under the prerequisite of any modification, realize the terminal of different security level is set up enciphoring voice telecommunication and realize the switching that the different phonetic level of confidentiality is called out in conversation.
The invention provides a kind of method that realizes different security level voice encryption, be used for calling terminal and/or terminal called and carry out the voice encryption conversation, described calling terminal has different encryption levels of confidentiality with described terminal called, comprising:
Step 1, described calling terminal and described terminal called are set up the unencryped word voice call;
Step 2, according to the request of described calling terminal, described calling terminal and caller voice encryption gateway are set up the encrypted speech conversation; Described caller voice encryption gateway deciphering back and described called voice encryption gateway carry out the unencryped word voice call, perhaps described caller voice encryption gateway deciphering back and called base station sub-system are carried out the unencryped word voice call, and described called voice encryption gateway or called base station sub-system and described terminal called carry out the unencryped word voice call;
And/or the request of the described terminal called of foundation, described terminal called and called voice encryption gateway are set up the encrypted speech conversation; Described called voice encryption gateway deciphering back and described caller voice encryption gateway carry out the unencryped word voice call, perhaps called voice encryption gateway deciphering back and caller base station sub-system are carried out the unencryped word voice call, and described caller voice encryption gateway or caller base station sub-system and described calling terminal carry out the unencryped word voice call.
If calling terminal is a calling mobile terminal, and terminal called is called mobile terminal, then sets up the unencryped word voice call in the step 1 and comprises:
Step 31, calling mobile terminal initiates to begin to call for to ask to the caller base station sub-system;
Step 32, caller base station sub-system make a call to set up to called base station sub-system by access switch, caller interface switch and called interface switchboard and ask;
Step 33, called base station sub-system is initiated final call request to called mobile terminal;
Step 34, the called mobile terminal off-hook is replied, and sends answer-notification message by called base station sub-system to called interface switchboard;
Step 35, called interface switchboard sends answer-notification message by access switch to the caller interface switch;
Step 36, the caller interface switch sends answer-notification message by the caller base station sub-system to calling mobile terminal.
Comprise also between step 32 and the step 33 that called interface switchboard sends unencryped word voice call notification message to called short message service center, and/or comprise also between step 35 and the step 36 that the caller interface switch sends unencryped word voice call notification message to caller short message service center.
If calling terminal is a calling mobile terminal, then in the step 2, according to the request of described calling terminal, described calling mobile terminal and caller voice encryption gateway are set up the encrypted speech conversation and are comprised:
Step 61, calling mobile terminal sends caller encrypted speech call request short message to the caller base station sub-system;
Step 62, the caller base station sub-system sends caller encrypted speech call request short message according to the calling mobile terminal sign to caller short message service center;
Step 63, caller short message service center sends caller key authentication request for allocation to caller KDC, and caller KDC returns the response of caller key authentication request for allocation, and this response is included as the caller key that calling mobile terminal distributes;
Step 64, caller short message service center returns the response of caller encrypted speech call request short message to the caller base station sub-system, and this response comprises the caller key; And caller short message service center notice caller base station sub-system bypass speech coding format converter;
Step 65, the caller base station sub-system is returned the response of caller encrypted speech call request short message to calling mobile terminal, and this response comprises the caller key;
Step 66, caller short message service center sends caller voice encryption gateway requests to caller voice encryption gateway, and issues the caller key;
Step 67, caller voice encryption gateway obtains senior key, and returns caller voice encryption gateways and starting to caller short message service center and finish message.
If terminal called is a called mobile terminal, then in the step 2, according to the request of described terminal called, described called mobile terminal and called voice encryption gateway are set up the encrypted speech conversation and are comprised:
Step 71, called mobile terminal sends called encrypted speech call request short message to called base station sub-system;
Step 72, called base station sub-system sends called encrypted speech call request short message according to the called mobile terminal sign to called short message service center;
Step 73, called short message service center sends called key authentication request for allocation to called KDC, and called KDC returns called key authentication request for allocation response, and this response is included as the called key that called mobile terminal distributes;
Step 74, called short message service center returns called encrypted speech call request short message response to called base station sub-system, and this response comprises called key; And called short message service center notifies called base station sub-system bypass speech coding format converter;
Step 75, called base station sub-system is returned called encrypted speech call request short message response to called mobile terminal, and this response comprises called key;
Step 76, called short message service center sends called voice encryption gateway requests to called voice encryption gateway, and issues called key;
Step 77, called voice encryption gateway obtains senior key, and returns called voice encryption gateways and starting to called short message service center and finish message.
The request of described calling terminal or the request of described terminal called comprise to fall level of confidentiality calling prefix or rise level of confidentiality calls out prefix, is used to initiate the voice encryption conversation.
The invention provides a kind of system that realizes different security level voice encryption, comprise calling terminal, terminal called, caller voice encryption gateway and/or called voice encryption gateway, and caller base station sub-system and/or called base station sub-system,
Calling terminal is used for setting up the unencryped word voice call with terminal called, sets up the encrypted speech conversation according to the request and the caller voice encryption gateway of described calling terminal;
Described caller voice encryption gateway is used for deciphering back and described called voice encryption gateway and carries out the unencryped word voice call, perhaps carries out the unencryped word voice call with called base station sub-system; Described called voice encryption gateway or called base station sub-system and described terminal called carry out the unencryped word voice call;
And/or terminal called, also be used for setting up the encrypted speech conversation according to the request and the called voice encryption gateway of described terminal called;
Described called voice encryption gateway deciphering back and described caller voice encryption gateway carry out the unencryped word voice call, perhaps called voice encryption gateway deciphering back and caller base station sub-system are carried out the unencryped word voice call, and described caller voice encryption gateway or caller base station sub-system and described calling terminal carry out the unencryped word voice call.
Described calling terminal is a calling mobile terminal, and/or described terminal called is a called mobile terminal.
Also comprise: caller KDC, be used to distribute the caller key, calling terminal carries out the encrypted speech conversation according to the caller key; Called KDC is used to distribute called key, and terminal called carries out the encrypted speech conversation according to called key.
Also comprise caller short message service center and/or called short message service center; Caller short message service center is used to receive the encrypted speech call request short message that the caller base station sub-system sends, and distributes the caller key to the request of caller KDC; Called short message service center is used to receive the encrypted speech call request short message that called base station sub-system sends, and distributes called key to the request of called KDC.
Implementation of the present invention is more flexible, and has better ease for use, can be under the prerequisite of not revising existing network encryption framework, convenient many levels of confidentiality terminal that realizes realizes from the unencryped word to the encrypted word switching from the Low Security Level voice call to the High Security Level voice call in voice communication; Because it is bigger that hot voice communication takies radio channel resource, so the present invention is realizing also having saved Internet resources effectively in the security requirement of many security level voices communication in different levels.
Description of drawings
Fig. 1 is a system construction drawing provided by the invention;
Fig. 2 is the flow chart of High Security Level terminal call Low Security Level terminal provided by the invention;
Fig. 3 is the flow chart of Low Security Level terminal call High Security Level terminal provided by the invention.
Embodiment
In the present invention, High Security Level is meant with the high algorithm of Cipher Strength (for example Triple DES algorithm) and carries out encryption and decryption that Low Security Level is meant that the low algorithm of the intensity that accesses to your password (for example DES algorithm) carries out encryption and decryption.Adopt the portable terminal of High Security Level algorithm to be called the High Security Level portable terminal, adopt the portable terminal of Low Security Level algorithm to be called the Low Security Level portable terminal.
Fig. 1 is a system construction drawing provided by the invention, comprise: the High Security Level portable terminal, the Low Security Level portable terminal, common mobile terminal, High Security Level KDC, Low Security Level KDC, High Security Level short message service center (SMSC), Low Security Level short message service center, High Security Level voice encryption gateway (VGW), Low Security Level voice encryption gateway inserts mobile switching centre, High Security Level interface mobile switching centre, Low Security Level interface mobile switching centre, base station sub-system (BSS), Public Switched Telephone Network, PSTN terminal.High Security Level portable terminal and Low Security Level portable terminal are embedded with encrypting module, the function that has storage user cipher device authentication information, voice is carried out scrambled and decoding according to key, the difference of High Security Level portable terminal and Low Security Level portable terminal only limits to the different of its embedded separately encrypting module, and the difference of High Security Level portable terminal, Low Security Level portable terminal and common unencryped word terminal is the not embedded encrypting module of common unencryped word terminal.In addition, High Security Level portable terminal, Low Security Level portable terminal and common unencryped word terminal indistinction on function.
In the present invention, during High Security Level mobile terminal calling Low Security Level portable terminal, need before called number, add as calling party's High Security Level portable terminal and to dial " fall level of confidentiality and call out prefix ".During Low Security Level mobile terminal calling High Security Level portable terminal, need before called number, add as calling party's Low Security Level portable terminal and to dial " rising level of confidentiality calling prefix ".The effect of " fall level of confidentiality call out to prefix " and " rises level of confidentiality and call out prefix " is to help access mobile switching centre, High Security Level interface mobile switching centre and Low Security Level interface mobile switching centre to carry out route to discern.If comprise " fall level of confidentiality call out to prefix " before the current called number then route the call to High Security Level interface mobile switching centre, High Security Level interface mobile switching centre will " fall level of confidentiality and call out prefix " and leave out, and route the call to Low Security Level interface mobile switching centre; If comprise " rise level of confidentiality call out to prefix " before the current called number then route the call to Low Security Level interface mobile switching centre, Low Security Level interface mobile switching centre will " rise level of confidentiality and call out prefix " leaves out, and routes the call to High Security Level interface mobile switching centre.
In the concrete realization, can in user's portable terminal, set High Security Level mobile phone users telephone directory and Low Security Level mobile phone users telephone directory, rises level of confidentiality and call out prefix or fall level of confidentiality calling prefix thereby when calling mobile terminal makes a call, before dialing, add automatically by terminal.
In the present invention, the function that possesses of High Security Level interface mobile switching centre, Low Security Level interface mobile switching centre and interface mobile switching centre and common mobile switching centre's indistinction.In the present invention, the effect of interface mobile switching centre is according to falling level of confidentiality calling prefix or rising level of confidentiality calling prefix route to be carried out in calling.The effect of High Security Level interface mobile switching centre is to cooperate High Security Level SMSC and High Security Level VGW to realize High Security Level voice encryption function.The effect of Low Security Level interface mobile switching centre is to cooperate Low Security Level SMSC and Low Security Level VGW to realize Low Security Level voice encryption function.Function that High Security Level SMSC and Low Security Level SMSC possess and common SMSC indistinction.In the present invention, High Security Level voice encryption gateway can carry out the encryption and decryption operation according to the High Security Level cryptographic algorithm to the speech data that receives according to the High Security Level key, and Low Security Level voice encryption gateway can carry out the encryption and decryption operation according to the Low Security Level cryptographic algorithm to the speech data that receives according to the Low Security Level key.
In the present invention, High Security Level interface mobile switching centre, Low Security Level interface mobile switching centre and interface mobile switching centre call out whole voice encryption and are divided into independently three sections, system can independently encrypt separately according to the call encryption demand of High Security Level portable terminal and Low Security Level portable terminal and initiate to handle, thereby makes the control of whole ciphering process more flexible.
Utilize system shown in Figure 1, High Security Level terminal call Low Security Level end method provided by the invention as shown in Figure 2, may further comprise the steps:
Step 301, High Security Level MS dial " fall level of confidentiality and call out prefix+called Low Security Level MS number ", initiate to begin to call for to ask;
Step 302, caller BSS make a call to set up to access MSC and ask;
Step 303, access MSC basis " are fallen level of confidentiality and are called out prefix ", make a call to set up to High Security Level interface MSC and ask;
Step 304, High Security Level interface MSC delete " fall level of confidentiality and call out prefix " before user's dialing numbers, make a call to set up to Low Security Level interface MSC and ask;
Step 305, Low Security Level interface MSC send setup requests to called BSS;
Step 306, called BSS initiate final call request to Low Security Level MS;
Step 307, call through, Low Security Level MS off-hook is replied, to sending answer-notification message by called BSS to Low Security Level interface MSC;
Step 308, Low Security Level interface MSC send the unencryped word notification message to Low Security Level SMSC;
Step 309, Low Security Level interface MSC send answer-notification message to inserting MSC;
Step 310, access MSC send answer-notification message to High Security Level MSC;
Step 311, High Security Level interface MSC send the unencryped word notification message to High Security Level SMSC;
Step 312, High Security Level interface MSC send answer-notification message by caller BSS to High Security Level MS;
Step 313, so far to the caller BSS, and enters the unencryped word voice call from called BSS to the Low Security Level MS from High Security Level MS;
Step 314, in the unencryped word voice call, High Security Level MS need initiate encrypted speech conversation, sends High Security Level encrypted word request short message to caller BSS;
Step 315, caller BSS send High Security Level encrypted word request short message according to the mobile station identification of High Security Level MS to High Security Level SMSC;
Step 316, High Security Level SMSC send High Security Level key authentication request for allocation to High Security Level KDC;
Step 317, High Security Level KDC carry out the encrypted word qualification authentication to High Security Level MS, distribute the High Security Level key by the back, return the response of High Security Level key authentication request for allocation to High Security Level SMSC, carry the High Security Level key that distributes into High Security Level MS;
Step 318, High Security Level SMSC return the response of High Security Level encrypted word request short message to caller BSS, carry the High Security Level key, notify caller BSS bypass speech coding format converter TC simultaneously;
Step 319, caller BSS carry out bypass operation to speech coding format converter TC, and return the response of High Security Level encrypted word request short message to High Security Level MS, carry the High Security Level key, are handed down to High Security Level MS;
Step 320, High Security Level SMSC send the request of High Security Level voice encryption gateways and starting to High Security Level VGW, and issue the High Security Level key;
Step 321, High Security Level VGW obtain the High Security Level key, and return High Security Level voice encryption gateways and starting to High Security Level SMSC and finish message;
Step 322, so far utilizes the High Security Level key to carry out the High Security Level coded communication between the High Security Level MS of caller and the High Security Level VGW, and High Security Level VGW keeps unencryped word communication between called BSS and the Low Security Level MS;
Step 323, Low Security Level MS need to initiate the encrypted speech conversation in the unencryped word voice call, send Low Security Level encrypted word request short message to called BSS;
Step 324, called BSS send Low Security Level encrypted word request short message according to the mobile station identification of Low Security Level MS to Low Security Level SMSC;
Step 325, Low Security Level SMSC send Low Security Level key authentication request for allocation to Low Security Level KDC;
Step 326, Low Security Level KDC carry out the encrypted word qualification authentication to Low Security Level MS, distribute the Low Security Level key by the back, return the response of Low Security Level key authentication request for allocation to Low Security Level SMSC, carry the Low Security Level key that distributes into Low Security Level MS;
Step 327, Low Security Level SMSC return the response of Low Security Level encrypted word request short message to called BSS, carry the Low Security Level key, notify called BSS bypass speech coding format converter TC simultaneously;
Step 328, called BSS bypass speech coding format converter TC, and return Low Security Level encrypted word request short message response to Low Security Level MS, carry the Low Security Level key, be handed down to Low Security Level MS;
Step 329, Low Security Level SMSC send the close gateways and starting request of Low Security Level voice to Low Security Level VGW, and issue the Low Security Level key;
Step 330, Low Security Level VGW obtain the Low Security Level key, and return the close gateways and starting of Low Security Level voice to Low Security Level SMSC and finish message;
Step 331, so far utilizes the High Security Level key to carry out the High Security Level coded communication between High Security Level MS and the High Security Level VGW, and High Security Level VGW is to keeping unencryped word communication between the Low Security Level VGW, and Low Security Level VGW enters the Low Security Level voice communication between the Low Security Level MS.
Fig. 3 is the flow chart of Low Security Level terminal call High Security Level terminal provided by the invention, may further comprise the steps:
Step 401, Low Security Level MS dial " rise level of confidentiality and call out prefix+called High Security Level MS number ", initiate to begin to call for to ask;
Step 402, caller BSS make a call to set up to access MSC and ask;
Step 403, access MSC basis " rise level of confidentiality and call out prefix ", make a call to set up to Low Security Level interface MSC and ask;
Step 404, Low Security Level interface MSC delete " rise level of confidentiality and call out prefix " before user's dialing numbers, make a call to set up to High Security Level interface MSC and ask;
Step 405, High Security Level interface MSC send setup requests to called BSS;
Step 406, called BSS initiate final call request to High Security Level MS;
Step 407, call through, called High Security Level MS off-hook is replied, and sends answer-notification message by BSS to High Security Level interface MSC;
Step 408, High Security Level interface MSC send the unencryped word notification message to High Security Level SMSC;
Step 409, High Security Level interface MSC send answer-notification message to inserting MSC;
Step 410, access MSC send answer-notification message to Low Security Level MSC;
Step 411, Low Security Level interface MSC send the unencryped word notification message to Low Security Level SMSC;
Step 412, Low Security Level interface MSC send answer-notification message by BSS to Low Security Level MS;
Step 413, so far to the caller BSS, and enters the unencryped word voice call from called BSS to the High Security Level MS from Low Security Level MS;
Step 414, in the unencryped word voice call, Low Security Level MS need initiate encrypted speech conversation, sends Low Security Level encrypted word request short message to caller BSS;
Step 415, caller BSS send Low Security Level encrypted word request short message according to the mobile station identification of Low Security Level MS to Low Security Level SMSC;
Step 416, Low Security Level SMSC send Low Security Level key authentication request for allocation to Low Security Level KDC;
Step 417, Low Security Level KDC carry out the encrypted word qualification authentication to Low Security Level MS, distribute the Low Security Level key by the back, return the response of Low Security Level key authentication request for allocation to Low Security Level SMSC, carry the Low Security Level key that distributes into Low Security Level MS;
Step 418, Low Security Level SMSC return the response of Low Security Level encrypted word request short message to caller BSS, carry the Low Security Level key, notify caller BSS bypass speech coding format converter TC simultaneously;
Step 419, caller BSS bypass speech coding format converter TC, and return Low Security Level encrypted word request short message response to Low Security Level MS, carry the Low Security Level key, be handed down to Low Security Level MS;
Step 420, Low Security Level SMSC send the close gateways and starting request of Low Security Level voice to Low Security Level VGW, and issue the Low Security Level key;
Step 421, Low Security Level VGW obtain the Low Security Level key, and return the close gateways and starting of Low Security Level voice to Low Security Level SMSC and finish message;
Step 422, so far utilizes the Low Security Level key to carry out the Low Security Level coded communication between the Low Security Level MS of caller and the Low Security Level VGW, and Low Security Level VGW keeps unencryped word communication between called BSS and the High Security Level MS;
Step 423, High Security Level MS need to initiate the encrypted speech conversation in the unencryped word voice call, send High Security Level encrypted word request short message to called BSS;
Step 424, called BSS send High Security Level encrypted word request short message according to the mobile station identification of High Security Level MS to High Security Level SMSC;
Step 425, High Security Level SMSC send High Security Level key authentication request for allocation to High Security Level KDC;
Step 426, High Security Level KDC carry out the encrypted word qualification authentication to High Security Level MS, distribute the High Security Level key by the back, return the response of High Security Level key authentication request for allocation to High Security Level SMSC, carry the High Security Level key that distributes into High Security Level MS;
Step 427, High Security Level SMSC return the response of High Security Level encrypted word request short message to BSS, carry the High Security Level key, notify called BSS bypass speech coding format converter TC simultaneously;
Step 428, called BSS bypass speech coding format converter TC, and return High Security Level encrypted word request short message response to Low Security Level MS, carry the High Security Level key, be handed down to High Security Level MS;
Step 429, High Security Level SMSC send the close gateways and starting request of High Security Level voice to High Security Level VGW, and issue the High Security Level key;
Step 430, High Security Level VGW obtain the High Security Level key, and return the close gateways and starting of High Security Level voice to High Security Level SMSC and finish message;
Step 431, so far utilizes the Low Security Level key to carry out the Low Security Level coded communication between Low Security Level MS and the Low Security Level VGW, and Low Security Level VGW is to keeping unencryped word communication between the High Security Level VGW, and High Security Level VGW enters the High Security Level voice communication between the High Security Level MS.
The technical scheme that provides among the present invention can also be applied in; Can also be used for caller is fixed terminal, and called for conversing between the portable terminal with encryption function, detailed technical scheme repeats no more.
Those skilled in the art can also carry out various modifications to above content under the condition that does not break away from the definite the spirit and scope of the present invention of claims.Therefore scope of the present invention is not limited in above explanation, but determine by the scope of claims.
Claims (10)
1. a method that realizes different security level voice encryption is used for calling terminal and/or terminal called and carries out the voice encryption conversation, and described calling terminal has different encryption levels of confidentiality with described terminal called, it is characterized in that, comprising:
Step 1, described calling terminal and described terminal called are set up the unencryped word voice call;
Step 2, according to the request of described calling terminal, described calling terminal and caller voice encryption gateway are set up the encrypted speech conversation; Described caller voice encryption gateway deciphering back and described called voice encryption gateway carry out the unencryped word voice call, perhaps described caller voice encryption gateway deciphering back and called base station sub-system are carried out the unencryped word voice call, and described called voice encryption gateway or called base station sub-system and described terminal called carry out the unencryped word voice call;
And/or the request of the described terminal called of foundation, described terminal called and called voice encryption gateway are set up the encrypted speech conversation; Described called voice encryption gateway deciphering back and described caller voice encryption gateway carry out the unencryped word voice call, perhaps called voice encryption gateway deciphering back and caller base station sub-system are carried out the unencryped word voice call, and described caller voice encryption gateway or caller base station sub-system and described calling terminal carry out the unencryped word voice call.
2. the method for realization different security level voice encryption as claimed in claim 1 is characterized in that, if calling terminal is a calling mobile terminal, and terminal called is called mobile terminal, then sets up the unencryped word voice call in the step 1 and comprises:
Step 31, calling mobile terminal initiates to begin to call for to ask to the caller base station sub-system;
Step 32, caller base station sub-system make a call to set up to called base station sub-system by access switch, caller interface switch and called interface switchboard and ask;
Step 33, called base station sub-system is initiated final call request to called mobile terminal;
Step 34, the called mobile terminal off-hook is replied, and sends answer-notification message by called base station sub-system to called interface switchboard;
Step 35, called interface switchboard sends answer-notification message by access switch to the caller interface switch;
Step 36, the caller interface switch sends answer-notification message by the caller base station sub-system to calling mobile terminal.
3. the method for realization different security level voice encryption as claimed in claim 2, it is characterized in that, comprise also between step 32 and the step 33 that called interface switchboard sends unencryped word voice call notification message to called short message service center, and/or comprise also between step 35 and the step 36 that the caller interface switch sends unencryped word voice call notification message to caller short message service center.
4. the method for realization different security level voice encryption as claimed in claim 1, it is characterized in that, if calling terminal is a calling mobile terminal, then in the step 2, according to the request of described calling terminal, described calling mobile terminal and caller voice encryption gateway are set up the encrypted speech conversation and are comprised:
Step 61, calling mobile terminal sends caller encrypted speech call request short message to the caller base station sub-system;
Step 62, the caller base station sub-system sends caller encrypted speech call request short message according to the calling mobile terminal sign to caller short message service center;
Step 63, caller short message service center sends caller key authentication request for allocation to caller KDC, and caller KDC returns the response of caller key authentication request for allocation, and this response is included as the caller key that calling mobile terminal distributes;
Step 64, caller short message service center returns the response of caller encrypted speech call request short message to the caller base station sub-system, and this response comprises the caller key; And caller short message service center notice caller base station sub-system bypass speech coding format converter;
Step 65, the caller base station sub-system is returned the response of caller encrypted speech call request short message to calling mobile terminal, and this response comprises the caller key;
Step 66, caller short message service center sends caller voice encryption gateway requests to caller voice encryption gateway, and issues the caller key;
Step 67, caller voice encryption gateway obtains senior key, and returns caller voice encryption gateways and starting to caller short message service center and finish message.
5. the method for realization different security level voice encryption as claimed in claim 1, it is characterized in that, if terminal called is a called mobile terminal, then in the step 2, according to the request of described terminal called, described called mobile terminal and called voice encryption gateway are set up the encrypted speech conversation and are comprised:
Step 71, called mobile terminal sends called encrypted speech call request short message to called base station sub-system;
Step 72, called base station sub-system sends called encrypted speech call request short message according to the called mobile terminal sign to called short message service center;
Step 73, called short message service center sends called key authentication request for allocation to called KDC, and called KDC returns called key authentication request for allocation response, and this response is included as the called key that called mobile terminal distributes;
Step 74, called short message service center returns called encrypted speech call request short message response to called base station sub-system, and this response comprises called key; And called short message service center notifies called base station sub-system bypass speech coding format converter;
Step 75, called base station sub-system is returned called encrypted speech call request short message response to called mobile terminal, and this response comprises called key;
Step 76, called short message service center sends called voice encryption gateway requests to called voice encryption gateway, and issues called key;
Step 77, called voice encryption gateway obtains senior key, and returns called voice encryption gateways and starting to called short message service center and finish message.
6. as the method for claim 1,2,3,4 or 5 described realization different security level voice encryptions, it is characterized in that, the request of described calling terminal or the request of described terminal called comprise to fall level of confidentiality calling prefix or rise level of confidentiality calls out prefix, is used to initiate the voice encryption conversation.
7. a system that realizes different security level voice encryption comprises calling terminal, terminal called, and caller voice encryption gateway and/or called voice encryption gateway, and caller base station sub-system and/or called base station sub-system is characterized in that,
Calling terminal is used for setting up the unencryped word voice call with terminal called, sets up the encrypted speech conversation according to the request and the caller voice encryption gateway of described calling terminal;
Described caller voice encryption gateway is used for deciphering back and described called voice encryption gateway and carries out the unencryped word voice call, perhaps carries out the unencryped word voice call with called base station sub-system; Described called voice encryption gateway or called base station sub-system and described terminal called carry out the unencryped word voice call;
And/or terminal called, also be used for setting up the encrypted speech conversation according to the request and the called voice encryption gateway of described terminal called;
Described called voice encryption gateway deciphering back and described caller voice encryption gateway carry out the unencryped word voice call, and perhaps called voice encryption gateway deciphering back and caller base station sub-system are carried out the unencryped word voice call; Described caller voice encryption gateway or caller base station sub-system and described calling terminal carry out the unencryped word voice call.
8. the system of realization different security level voice encryption as claimed in claim 7 is characterized in that, described calling terminal is a calling mobile terminal, and/or described terminal called is a called mobile terminal.
9. the system of realization different security level voice encryption as claimed in claim 8 is characterized in that, also comprises: caller KDC, be used to distribute the caller key, and calling terminal carries out the encrypted speech conversation according to the caller key; Called KDC is used to distribute called key, and terminal called carries out the encrypted speech conversation according to called key.
10. the system of realization different security level voice encryption as claimed in claim 9 is characterized in that, also comprises caller short message service center and/or called short message service center; Caller short message service center is used to receive the encrypted speech call request short message that the caller base station sub-system sends, and distributes the caller key to the request of caller KDC; Called short message service center is used to receive the encrypted speech call request short message that called base station sub-system sends, and distributes called key to the request of called KDC.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNA2007101774546A CN101159988A (en) | 2007-11-15 | 2007-11-15 | Method and system of implementing different security level voice encryption |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNA2007101774546A CN101159988A (en) | 2007-11-15 | 2007-11-15 | Method and system of implementing different security level voice encryption |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN101159988A true CN101159988A (en) | 2008-04-09 |
Family
ID=39307873
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNA2007101774546A Pending CN101159988A (en) | 2007-11-15 | 2007-11-15 | Method and system of implementing different security level voice encryption |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101159988A (en) |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103501494A (en) * | 2013-10-14 | 2014-01-08 | 中国联合网络通信集团有限公司 | Mobile hotspot terminal access method, mobile hotspot terminal and MME (mobile management entity) |
| CN104796401A (en) * | 2015-03-12 | 2015-07-22 | 天翼电信终端有限公司 | A method and a system for realizing encryption speech communication over an intermediate platform |
| CN104796402A (en) * | 2015-03-12 | 2015-07-22 | 天翼电信终端有限公司 | Method and system for realizing encrypted short message communication through middle platform |
| CN105025475A (en) * | 2015-07-28 | 2015-11-04 | 东南大学常州研究院 | Andriod system-oriented implement method of mobile secure terminal |
| CN105812592A (en) * | 2014-12-30 | 2016-07-27 | 中国移动通信集团公司 | Voice service access method and device |
-
2007
- 2007-11-15 CN CNA2007101774546A patent/CN101159988A/en active Pending
Cited By (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103501494A (en) * | 2013-10-14 | 2014-01-08 | 中国联合网络通信集团有限公司 | Mobile hotspot terminal access method, mobile hotspot terminal and MME (mobile management entity) |
| CN103501494B (en) * | 2013-10-14 | 2016-08-10 | 中国联合网络通信集团有限公司 | Mobile hot terminal cut-in method, mobile hot terminal and mobile management entity |
| CN105812592A (en) * | 2014-12-30 | 2016-07-27 | 中国移动通信集团公司 | Voice service access method and device |
| CN104796401A (en) * | 2015-03-12 | 2015-07-22 | 天翼电信终端有限公司 | A method and a system for realizing encryption speech communication over an intermediate platform |
| CN104796402A (en) * | 2015-03-12 | 2015-07-22 | 天翼电信终端有限公司 | Method and system for realizing encrypted short message communication through middle platform |
| CN104796401B (en) * | 2015-03-12 | 2017-11-03 | 天翼电信终端有限公司 | A kind of method and system that enciphoring voice telecommunication is realized by halfpace |
| CN104796402B (en) * | 2015-03-12 | 2018-01-12 | 天翼电信终端有限公司 | A kind of method and system that Encrypted short message communication is realized by halfpace |
| CN105025475A (en) * | 2015-07-28 | 2015-11-04 | 东南大学常州研究院 | Andriod system-oriented implement method of mobile secure terminal |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| EP1048181B1 (en) | Procedure and system for the processing of messages in a telecommunication system | |
| CN101442742B (en) | Method, system and equipment for implementing end-to-end encipher of mobile cluster set call | |
| DE60132591D1 (en) | ARRANGING OF DATA HANDLING IN A WIRELESS TELECOMMUNICATIONS SYSTEM | |
| CN104333455A (en) | Secrete communication system and method for smart phone | |
| CN101541006A (en) | Communication apparatus | |
| KR20070082179A (en) | Mutual authentication apparatus and method | |
| CN102811422B (en) | A kind of Trunked Radio System | |
| CN101917711A (en) | Mobile communication system and voice call encryption method thereof | |
| CN101909290A (en) | Method, system and mobile terminal for encrypting voice call | |
| CN103139769B (en) | A kind of wireless communications method and network subsystem | |
| CN101159988A (en) | Method and system of implementing different security level voice encryption | |
| CN102137393A (en) | Method and device for encrypting end-to-end | |
| CN102123361B (en) | Method and device for realizing encrypted message communication | |
| CN103002439B (en) | Confidential call communication method and user terminal | |
| CN101128061A (en) | Method and system for mobile management unit, evolving base station and identifying whether UI is encrypted | |
| CN103607706A (en) | NFC-technology based conversation method, NFC terminal and far-end server | |
| CN101437277A (en) | Business control method, system and apparatus | |
| CN100531425C (en) | Incoming call rejection method, mobile terminal, and telephone call message leaving method | |
| JP2006121335A (en) | Information communication terminal, communication management system and communication system | |
| CN102761409A (en) | Method for improving conversation security and conversation equipment | |
| CN100388659C (en) | Equipment, system and method for implementing encryption communication between heterogeneity network | |
| CN103108291A (en) | Short message sending method and mobile switching center and mobile communication system | |
| CN2845368Y (en) | Mobile terminal with public and unpublic communications | |
| CN105025476B (en) | A kind of mobile encrypted communication mechanism of space-time separation | |
| CN113132090A (en) | System for sharing quantum key and secret communication method based on system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C12 | Rejection of a patent application after its publication | ||
| RJ01 | Rejection of invention patent application after publication |
Open date: 20080409 |