CN101902734B - End-to-end self-synchronization voice encryption transmission implementation method for digital trunking communication system - Google Patents
End-to-end self-synchronization voice encryption transmission implementation method for digital trunking communication system Download PDFInfo
- Publication number
- CN101902734B CN101902734B CN201010257399A CN201010257399A CN101902734B CN 101902734 B CN101902734 B CN 101902734B CN 201010257399 A CN201010257399 A CN 201010257399A CN 201010257399 A CN201010257399 A CN 201010257399A CN 101902734 B CN101902734 B CN 101902734B
- Authority
- CN
- China
- Prior art keywords
- crypto
- voice
- communication
- encryption
- encrypted
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Images
Landscapes
- Mobile Radio Communication Systems (AREA)
Abstract
The invention relates to an end-to-end self-synchronization voice encryption transmission implementation method for a digital trunking communication system, which is characterized by comprising the following steps: firstly setting an encryption machine at a terminal needs to carry out encryption communication and simultaneously taking the encryption machine as a communication terminal; secondly leading the encryption machine at a communication initiator to carry out key distribution to the encryption machine at a receiver in the user signaling way; thirdly leading all trunked base stations which correspond to receiving terminals involved in the communication to carry out key storage, leading a mobile station for being late to access to obtain a call key at this time, and adding the mobile stable for being late to access into a group call group carrying out the voice encryption communication under the control of the system; and fourthly using the encryption machine to carry out the voice encryption and embedding a serial number of a sequence of encrypted voice into a data frame of sound code voice, sending the encrypted voice and the serial numbers thereof according to the numbers of the frames together, and using the encryption machine at the receiver to carry out decryption on the encrypted voice, thereby completing the encryption communication. The method is not applicable to point-to-point trunk encrypted voice single call, but also applicable to point-to-multi-point trunk encrypted voice group call, as well as off-line through encrypted voice call of the mobile station, and the method has the advantages of simpleness, reliability and good confidentiality.
Description
Technical field
The present invention relates to a kind of digital cluster communication technology, especially a kind of secret communication method of digital clustering communication system, specifically a kind of digital clustering communication system end-to-end self-synchronization voice encryption transmission implementation method.
Background technology
As everyone knows, digital clustering communication system is a kind of dedicated mobile communications subsystem, and its main users is public safety, national defence, government department, large-scale enterprises and institutions, communications and transportation etc.These users have some specific (special) requirements for the voice service that trunking communication provided, and voice security communication is exactly wherein of paramount importance one.
In voice security communication, dual mode is arranged: air-interface encryption and End to End Encryption.
Air-interface encryption is the mode that the digital voice that travelling carriage transmits on the air interface radio between the base station is encrypted, and what on the cluster core net, transmit is non-encrypted unencryped word voice data.
End to End Encryption is to encrypt through the digital voice that carries out between the terminal of group system communication, encrypts the terminal and comprises: travelling carriage, telephone interface, line relay interface etc.During End to End Encryption, what transmit on the cluster core net is the encrypted word voice data of encrypting.
No matter be end-to-end voice encryption or air-interface encryption, all need use crypto, the effect of crypto is encryption and decryption.The so-called encryption is to convert the unencryped word digital voice data to the encrypted word digital voice data, and so-called deciphering is to convert the encrypted word voice data to the unencryped word digital voice data.
The difference of two kinds of cipher modes is:
(1) when carrying out End to End Encryption, crypto is positioned on portable terminal and the mobile core network wireline interface.And during air-interface encryption, crypto is positioned on portable terminal and the BTS channel machine.Because the BTS channel machine is distributed in each wireless coverage point, be difficult to management and control, the wireline interface of core net then is easy to administer and maintain, because these interfaces usually are placed in the core net machine room.
(2) if adopt the air-interface encryption scheme, what transmit on the cluster core net is unencryped word, and owing to core net is carried on the IP network, and IP network is a public network, and speech information is by eavesdropping and intercepting.When adopting End to End Encryption, speech is an encrypted word when IP network transmits, and can effectively prevent eavesdropping.
(3) End to End Encryption has lower cost.Because, if worrying, the user on core net, carries out the unencryped word transmission, then encrypt once more for unencryped word, will increase the cost of core net privacy device like this.Then privacy device need be do not increased when adopting End to End Encryption, the investment of privacy device can be reduced.
The wireless transmission channel of existing digital clustering communication system; When handling Speech Communication; Usually wireless channel time slot voice-over section data is called payload (pay load); What user terminal was placed among the payload is unencryped word or encrypted word on earth, and by user terminal oneself decision, the user can indication be to encrypt or non-encrypted data in " payload type " field of carrying time slot.
Digital colony network and what be indifferent to that user terminal transmits is unencryped word or encrypted word.Digital clustering communication system is that " payload " is sent to the purpose terminal from a source terminal.In other words, digital clustering communication system provides numeral " transparent " connection end to end.
The modern digital GSM is without exception the speech information of use digital sound sign indicating number technology transfer compression almost; Typical voice compression algorithm has: be used for the AMR speech coding of 3G PLMN PLMN, code rate is 4.75kbits/s-12.2kbits/s.Be used for TETRA Digital Clustering ACELP speech coding, code rate is 4.567kbits/s.And the AMBE of DMR Digital Clustering use or the coding of other types, code rate is 2.4kbits/s.
Above-mentioned sound sign indicating numberization speech coding has common characteristic: speech is split into the regular hour section and encodes, and the voice data of every section coding has identical bit number.
Suppose that the voice data speed behind the coding is S bit/s, the time of every section speech coding is Ts, and the data bit that speech packet P comprises is:
P=S×Ts (1)
Transmitting with frame F at the enterprising line data of wireless channel is unit of transfer, and a frame comprises K speech packet.
F=K×P (2)
=K×S×Ts
Speech coding speed S=2.4kbit/s involved in the present invention, speech coding time T s=20ms.According to formula (1), then the data bit that comprises of speech packet is:
P=S×Ts=2.4×10
3×20×10
-3=48?(bits)
When on wireless channel, transmitting, a frame comprises 3 speech packet, according to formula (2),
F=K×P=3×48=144?(bits)
Travelling carriage designs for satisfying the transmission of coded speech data to the bearing capacity of the air interface radio of base station.Say for sending of speech, adopted every 60ms to load the load mode of 144 bits.
When carrying out the encrypted voice transmission, need to solve following three problems:
(1) how air interface carries encrypted voice
When communicating pair need carry out voice encryption when transmission,, thereby cause producing encrypted voice can't carry transmission on original wireless channel problem because voice encryption can make the frame data after the encryption surpass frame length 144 bits on the air interface radio.
(2) how to the travelling carriage distributed key
When two travelling carriages carry out the cluster individual calling, when perhaps a plurality of travelling carriages carry out cluster multi call, need send the short data of a kind of being called " key " to all terminal security machines of participating in secure communication, be used for crypto and carry out the encryption and decryption use.
(3) how to make the crypto maintenance data sync of sending and receiving
Encrypted data be a frame one frame be sent to the recipient from transmit leg, recipient's crypto is in when deciphering, need keep consistently with the frame sequential of transmit leg crypto, just can carry out correct decryption oprerations.
In existing digital clustering communication system, increase the voice encryption function and exist like limit:
(1) travelling carriage has used the wireless channel of limited bandwidth; This channel has guaranteed transparent end to end connection; But the user transmits the payload size of voice data can not be changed with sending at interval, if the user adopts former sound sign indicating number speech coding speed, then data encrypted speed just can not change; Otherwise wireless channel can't carry.
(2) because digital clustering communication system, be not thought of as the travelling carriage distributed key, lack and obtain key at every turn when air interface signaling is used to assist the travelling carriage crypto to converse, become the problem that must solve for setting up the key signaling between the travelling carriage crypto.
(3) under the situation of cluster multi call, fashionable late when a new start travelling carriage, existing system is not considered to cause going into late travelling carriage and can't carry out secure voice communication how to its distributed key.
(4) existing system is not thought of as the travelling carriage that carries out secure communication the encrypted word method for synchronous is provided.
Summary of the invention
The objective of the invention is to be difficult to manage and the core net conversation is prone to divulge a secret and End to End Encryption receives limit on transmission bandwidth and be difficult to carry the synchronous problem of encrypted word, invent a kind of digital clustering communication system end-to-end self-synchronization voice encryption transmission implementation method to aerial interface ciphering base station crypto in the present digital clustering communication system.
Technical scheme of the present invention is:
A kind of digital clustering communication system end-to-end self-synchronization voice encryption transmission implementation method is characterized in that it may further comprise the steps:
At first, the terminal of carrying out coded communication at needs is provided with crypto, simultaneously with crypto also as a communication terminal, adopt of the voice encryption transmission of crypto terminal to the crypto terminal;
Secondly; After digital cluster communication net completion mobile terminal calling continues; Carry out key distribution with the mode of subscriber signaling to recipient's crypto by communication initiator's crypto, thereby make the Digital Clustering core net not need signaling to get involved, and then need not to revise and the increase and decrease core network signalling;
The 3rd; Communication initiator's crypto with the mode of subscriber signaling when recipient's crypto carries out key distribution; The pairing trunked base station of the receiving terminal that all communications relate to all carries out the key storage; The travelling carriage that is used for going into late obtains this and calls out key, the travelling carriage of going into is late added immediately carry out the group calling group that encrypted word is conversed;
The 4th, carry out voice encryption and the sequence number of encrypted voice sequence is embedded in the sound sign indicating number words Frame by crypto, transmit in the lump with encrypted word and by the sequence number of frame number, recipient's crypto carries out the encrypted word deciphering can accomplish secure communication.
During described crypto voice encryption vocoder coding speed is adjusted downward to 2.15kbits/s from 2.4kbits/s, every 20ms speech packet produces 43 bits; Crypto is under the control of processor system; Speech frame to continuous three total 129 bits that divide into groups is encrypted, and produces number of frames 15 bits by crypto after encrypting, and amounts to 144 bits and gives back processor system; If travelling carriage; Processor system is then given Base Band Unit with the encrypted word frame, delivers to radio frequency unit after the Base Band Unit completion chnnel coding and mails to the base station through air interface again, mails to other base stations or wireline interface by the base station through IP network; If wireline interface, processor system then is packaged into the encrypted word frame IP grouping and mails to other base stations or wireline interface through IP network.
Beneficial effect of the present invention:
The present invention is under the prerequisite that does not change the Digital Clustering core network architecture; Only to base station access system with control mode make amendment; Through increasing the mode of terminal security machine; For the mobile subscriber provides digital voice encryption function end to end, both be applicable to point-to-point cluster encrypted word individual calling calling, be applicable to that again the cluster encrypted word group calling of point-to-multipoint also is suitable for the calling of travelling carriage network-off direct-passing encrypted word.
Digital Clustering individual calling and group calling; Transmit key with the mode of subscriber signaling to recipient's crypto by initiator's terminal security machine; The Digital Clustering core net does not need signaling to get involved; Make core net need not increase the control signaling that encrypted voice is transmitted, as handling common clear call, core net need not to be concerned about that the user adopts unencryped word or encrypted word communication.
The key storage of this calling is carried out in the Digital Clustering base station, and the travelling carriage that is used for going into late obtains the group calling key, makes it add the group calling group of having carried out the encrypted word conversation, carries out the encrypted word group calling communication.
The sequence number of encrypted voice sequence is embedded in the sound sign indicating number words Frame; Digital cluster system was the transmission channel that unencryped word provided originally; Need not to carry out the modification of any bearing capacity, just can transmit in the lump, effectively improved the net synchronization capability of encrypted word communication with encrypted word and by the sequence number of frame number.It is convenient and reliable to make recipient's crypto carry out the encrypted word deciphering.
The sequence number of encrypted voice sequence is embedded in the sound sign indicating number words Frame, and when the travelling carriage handover, digital cluster system need not encrypted voice is carried out extra to the synchronous processing of encrypted word, has kept the same treatment flow process with original unencryped word handover.
The travelling carriage that is in network-off direct-passing can directly be realized encrypted word individual calling and encrypted word group calling.
Description of drawings
Fig. 1 is the embedded crypto structure of cluster portable terminal of the present invention.
Fig. 2 is a secure voice communication structure between the cluster portable terminal of the present invention.
Fig. 3 is the embedded crypto structure of wireline interface of the present invention.
Fig. 4 is that encrypted word of the present invention is called out and the slow fashionable key distribution of group calling.
Fig. 5 is a travelling carriage voice encryption flow process of the present invention.
Fig. 6 is a travelling carriage speech deciphering flow process of the present invention.
Embodiment
Below in conjunction with accompanying drawing and embodiment the present invention is further described.
Shown in Fig. 1-6.
A kind of digital clustering communication system end-to-end self-synchronization voice encryption transmission implementation method, it may further comprise the steps:
(1) crypto is set.Adopt voice encryption method end to end, the terminal that needs to encrypt increases the crypto functional module.These terminals comprise: travelling carriage, telephone interface, line relay interface, wired dispatching desk interface etc.Except that travelling carriage, other interfaces can be referred to as wireline interface, on wireline interface, just need carry out the conversion of sound sign indicating number and pcm encoder originally, and the method to set up and the travelling carriage of crypto are similar.Different is, wireline interface possibly comprise a plurality of duplexing speech channels, and a travelling carriage has only a duplex or half-duplex speech channel.So the wireline interface crypto is a multichannel crypto.
It is as shown in Figure 1 that travelling carriage is provided with the method for crypto.It is as shown in Figure 3 that wireline interface is provided with the method for crypto.
All kinds of wireline interfaces on the Digital Clustering core net, an end is connected on the IP network, and the other end connects all kinds of catv terminal phones or digital junction link.With travelling carriage crypto interface class seemingly, the crypto on the wireline interface all links to each other with a processor system as peripheral hardware with sound sign indicating number modular converter with PCM, connecting interface is respectively A and B.The operation principle and the portable terminal of processor system intervention voice encryption and deciphering are similar.
(2) crypto key distribution.The crypto of distributed key is the call initiator crypto, and call initiator both can be a portable terminal, also can be a calling that comes from wireline interface.Both calling out can point-to-point individual calling, also can the point-to-multipoint group calling.
No matter be cluster individual calling or cluster multi call; The signaling stage that makes a call does not relate to key distribution; Call out the same with ordinary clusters; Calling out connection foundation is to pass through IP network and the mutual signaling of cluster core net at portable terminal again through the base station, and perhaps a wireline interface is through IP network and the mutual signaling of cluster core net.Base station and core network signalling passage are as shown in Figure 2, and wireline interface and cluster core network signalling passage are as shown in Figure 3.
When the cluster core net is passed through signaling, for call has distributed the base station to the base station, perhaps after the medium drive access of base station to wireline interface, before getting into voice conversation, key distribution is carried out between between the base station or base station and wireline interface.The key distribution passage is not to be carried on to the signalling path of core net, but is carried on the media channel, two sides that participate in to call out or carry out between base station or the wireline interface in many ways.
Key distribution is by the one-way transmission of originating party crypto key distribution entity to all-calls participant crypto speech encryption and decryption entity.The key transitive relation is as shown in Figure 4.
Owing to two entities are arranged: key distribution and speech encryption and decryption entity in the originating party crypto; Originating party crypto key distribution is carried out in own inside; The crypto speech encryption and decryption entity of every other participant all need obtain the key that originating party crypto key distribution entity sends, and is used for this conversation and chooses the encryption and decryption random sequence.
(3) the slow fashionable key distribution of travelling carriage.The key of this group calling or individual calling all need be stored in all conversation participant base stations, is used for containing calling and group calling and goes into late.To initiate travelling carriage crypto distributed key.
In Fig. 4, call out initiation travelling carriage A and be positioned at base station 1, group calling called mobile station B and called mobile station C lay respectively at base station 2 and base station 3.When travelling carriage A crypto key distribution entity during to travelling carriage B and travelling carriage C crypto distributed key, this secondary key also need be stored in base station 1, base station 2 and base station 3.
Travelling carriage D is that travelling carriage is gone in group calling late, is positioned at base station 3, and fashionable late when travelling carriage D application, base station 3 is responsible for going into to admit late and to travelling carriage D distributed key.
(4) crypto voice encryption.Carrying out secure voice when communication, each calls out the participant terminal, no matter is travelling carriage or wireline interface, all with vocoder coding speed from 2.4kbits/s, be adjusted downward to 2.15kbits/s.Every 20ms speech packet produces 43 bits (being 48 bits during unencryped word).Each crypto is under the control of processor system; Speech frame to continuous three total 129 bits that divide into groups is encrypted, and produces number of frames 15 bits by crypto after encrypting, and amounts to 144 bits and gives back processor system; If travelling carriage; Processor system is then given Base Band Unit with the encrypted word frame, delivers to radio frequency unit after the Base Band Unit completion chnnel coding and mails to the base station through air interface again, mails to other base stations or wireline interface by the base station through IP network.If wireline interface, processor system then is packaged into the encrypted word frame IP grouping and mails to other base stations or wireline interface through IP network.Travelling carriage voice encryption flow process is as shown in Figure 5.
(5) crypto speech deciphering.At the travelling carriage receive direction; The base band Return Reception Dept. divides the channel separation that realizes the encrypted voice frame; A gives processor system through interface, and processor system is received the voice encryption frame that a length is 144 bits, and this frame has comprised the sequence number of one 15 bit and the encrypted voice data of 129 bits.Processor system is given crypto deciphering through interface B, and crypto is confirmed the position of decrypted random sequence pursue bit and decipher according to sequence number; Form the reduction Speech frame of 129 bits after the deciphering; Give processor system through interface B again, processor system is isolated speech packet from Speech frame, and each block length is 43 bits; Give Base Band Unit with speech packet through interface A again, carry out the decoding of speech sound sign indicating number.Travelling carriage speech deciphering flow process is as shown in Figure 6.
(6) travelling carriage handover.During once conversing, no matter be individual calling or group calling, a travelling carriage is transformed into another base station from a base station, and the continual this service of once conversing is called handover.Handover when handover during the encrypted word conversation and unencryped word for the trunking communication net, has no difference, and the trunking communication net need not revised the handover flow process to encrypted word.Because when encrypted word is conversed; Each encrypted voice frame; All stamped the sequence number label by crypto oneself; There is not corresponding relation in the tdma slot of this sequence number label and group system, though travelling carriage between two asynchronism(-nization)s base station in step during handover, debit's crypto also can have no to discover carries out the speech deciphering.
Details are as follows:
Inner AES and its implementation of crypto involved in the present invention can be identical with existing digital clustering communication system or similar; For the present invention; Crypto is counted as a communication terminal, and the communication between the crypto also must comprise following three partial information contents:
(1) transmits as the key message between the terminal security machine of group system subscriber signaling.
(2) transmit as encrypted voice professional between the terminal.
(3) go into the travelling carriage key distribution late as the terminal access signaling.
Portable terminal with voice encryption function can be expressed as structure shown in Figure 1.In this structure, crypto and travelling carriage Base Band Unit all use as the peripheral hardware of terminal processor system, accept the management of processor system and carry out information interaction through processor system.
The interface A of processor system and Base Band Unit realizes following three functions:
(1) transmits unencrypted digital voice between processor system and the voice codec.
(2) transmit encryption/unencrypted digital voice between processor system and Base-Band Processing and the wireless channel codec.
(3) transmit key message between processor system and Base-Band Processing and the wireless channel codec as subscriber signaling.
The interface B of processor system and crypto realizes following four functions:
(1) the processor system unencryped word voice data that will come from voice encryption device passes to crypto and carries out encryption, and crypto passes to processor system with the voice data of deciphering.Being used for processor system gives voice decoder and decodes.
(2) the processor system encrypted voice data that will come from the wireless receiving of Base-Band Processing and wireless channel codec passes to crypto and deciphers, and crypto passes to processor system with the digital voice of encrypting, and the encrypted word that is used for wireless transmit transmits.
(3) processor system transmits the key message that wireless receiving obtained to crypto, and crypto transmits the key message of wireless transmit direction to processor system.
(4) the relevant signaling of processor system control crypto as opening, close, enable and other control informations, even comprises that crypto is distant and ruins etc.
When the non-encrypted transmission of speech, the analogue voice signal that comes from microphone gets into Base Band Unit, and Base Band Unit at first carries out mould/number conversion; Formation linear PCM coding carries out the conversion of sound sign indicating number then, converts every 20ms to; The speech packet of 48 bits, A gives processor system through interface.Processor system amounts to continuous three speech packet to 144 bits and forms a frame, gives Base Band Unit through interface A again and carries out the wireless channel coding, after Base Band Unit is modulated, is sent to radio frequency unit.
When voice encryption transmitted, microphone was sent simulated voice into Base Band Unit, and Base Band Unit at first carries out mould/number conversion; Formation linear PCM coding carries out the conversion of sound sign indicating number then, converts every 20ms to; The speech packet of 48-k bit, A gives processor system through interface.Processor system forms a frame with the bit that continuous three speech packet amount to 144-3k; B gives crypto through interface; Crypto is encrypted the speech bit of 144-3k length, the frame of encrypting is added the sequence number of 3k bit after encrypting again, and B gives processor system through interface.Processor system will be given Base Band Unit with isometric encrypted frame 144 bits of non-encrypted Speech frame through interface A again and carry out the wireless channel coding, after Base Band Unit is modulated, be sent to radio frequency unit.
When non-encrypted speech received, the wireless signal that the travelling carriage radio frequency unit receives the base station carried out frequency translation to intermediate frequency, and gives Base Band Unit with intermediate-freuqncy signal; Base Band Unit carries out the signal demodulation and forms baseband signal; Carry out channel-decoding again and extract Speech frame, A hands to processor system through interface, and processor system extracts three speech packet among the frame respectively; Exchange to Base Band Unit through interface A again and carry out the decoding of sound sign indicating number; Form the linear PCM speech after the decoding and receive signal,, form simulated voice and on loudspeaker, play through D/A switch.
When encrypted voice received, the wireless signal that the travelling carriage radio frequency unit receives the base station carried out frequency translation to intermediate frequency, and gives Base Band Unit with intermediate-freuqncy signal; Base Band Unit carries out the signal demodulation and forms baseband signal; Carry out channel-decoding again and extract the encrypted voice frame, A hands to processor system through interface, and processor system is handed to crypto through interface B with Speech frame; Crypto is deciphered, and exchanges to processor system through interface B again.Three speech packet among the frame that processor system will be deciphered are extracted respectively, exchange to Base Band Unit through interface A and carry out the decoding of sound sign indicating number, form the linear PCM speech after the decoding and receive signal, through D/A switch, form simulated voice and on loudspeaker, play.
On the sound sign indicating number coding of encrypted voice and non-encrypted speech, the encrypted voice block length is lacked the k bit than non-encrypted speech packet length, and continuous three speech packet can be practiced thrift 3k bit altogether, and it is that encrypted frame is provided with sequence number that these bits are used for crypto.Therefore, the k value is big more, and the ciphering sequence number cycle is long more, but big more for the sound-reducing quality influence of speech coding.Table 1 has provided the relation of value k and encryption period.
The relation of table 1 value k and encryption period
| Value k | Encrypted frame sequence number length | The Speech frame time (ms) | Encrypted voice cycle time (S) |
| 1 | 2 3=8 | 60 | 0.48 |
| 2 | 2 6=64 | 60 | 3.84 |
| 3 | 2 9=512 | 60 | 30.72 |
| 4 | 2 12=4096 | 60 | (245.76 4 minutes) |
| 5 | 2 15=32769 | 60 | (1966.08 32.7 minutes) |
| 6 | 2 18=262144 | 60 | (15728.64 262 minutes) |
| 7 | 2 21=2097152 | 60 | (125829.12 34.9 hours) |
Visible through table 1, longer cycle time for guaranteeing encrypted voice, value k should when k=5, can guarantee the halfhour encrypted word cycle more than or equal to 5.
It is to be noted: value k and crypto AES are irrelevant, and AES can form any macrocyclic ciphering sequence, and value k then can regard a brachymemma window of the formed ciphering sequence of AES as; The time cycle of this window is relevant with k, surpasses this cycle, still can encrypt; Just a ciphering sequence is once conversed and has been reused; According to the conversation characteristic of speech, the halfhour time cycle is more reasonable, and it is very little that a cluster conversation surpasses halfhour probability; Even surpass, the part that surpasses also is in the encrypted word state in fact.
When value k=5, speech sound sign indicating number code rate S=P/Ts=(48-5)/(20 * 10
-3)=2.15kbits/s.
When value k=6, speech sound sign indicating number code rate S=P/Ts=(48-6)/(20 * 10
-3)=2.1kbits/s.
When value k=7, speech sound sign indicating number code rate S=P/Ts=(48-7)/(20 * 10
-3)=2.05kbits/s.
Generally speaking; The voice security machine adopts the sequential encryption method; The operation of execution voice encryption; Its basic principle is that the transmitting-receiving crypto uses an identical random sequence voice data code flow to pursue the xor operation of bit; Encrypted speech is that random data code stream that original speech vocoder data bit stream and crypto are used to encrypt pursues the bit XOR and the encryption code stream that produces, and recipient's crypto then uses the random sequence identical with transmit leg that the encrypted voice code stream is pursued the bit XOR, thereby deciphering restores original speech sound sign indicating number bit stream.
Voice encryption adopts the one-time pad mode, and so-called one-time pad is meant that each cluster conversation crypto all uses a new encryption random sequence, pushes over out the encryption random sequence to prevent the side of being stolen, and causes the situation of giving away secrets to take place.
In order to carry out the crypto cipher mode of one-time pad; Before each encrypted word conversation beginning, all need mutual key between the crypto, key is for communication system; Can regard one section short data as; Communication system need be transmitted this short data for two or more participant cryptos of once conversation, and the transmit leg of key is a crypto key distribution entity, and the recipient of key is the each side's crypto voice encryption and the decryption entity of participating in secure communication.Crypto uses key to decide the random sequence of the encrypt and decrypt of choosing a current conversation.
For digital clustering communication system, it is a requirement the most basic that the group-calling service function is provided, and cluster multi call is when once conversing, the call business that multi-party users is participated in.If group call initiator when initiating group calling, has transmitted key through the subscriber signaling mode to other users that participate in group calling, all group call member cryptos are all held a same key so, and everybody can carry out encrypted word communication.
Such a case may appear in group calling: a travelling carriage is started shooting after group calling begins, and when this travelling carriage of system discovery is user of this group calling of conversing, will notify this travelling carriage to add a group calling group of conversing.This mode is called " group calling is gone into late ".Something that group system must be done is exactly to submit the key of current conversation to for the travelling carriage of going into late.So; The key short data be not only group system be the data that crypto transmits as subscriber signaling; These data also need be carried out " storage " in trunked communication system, those are gone into travelling carriage late and must obtain correct key and can get into the encrypted word talking state.The control of this key and transfer mode are managed and are transmitted by the base station of participating in group calling, and the cluster core net should not interfered mobile subscriber's unencryped word or encrypted word communication signaling mutual.This method for designing makes the cluster core net more general and simple, and it should not change core network protocols because of user's specific demand.
The structure of carrying out encrypted transmission and control through digital clustering communication system is as shown in Figure 2.
Carrying out encrypted voice when communication, needing to set up, use and remove encrypted word communication and be connected through three phases.
Phase I: medium connect establishment stage.Travelling carriage makes a call to set up to the base station through air interface and asks, and the base station is submitted to the cluster core net correspondent entity that is carried on equally on the IP network through IP network with call signaling, and the mutual signaling information between cluster core network entity and the base station is a sip message.Mutual through signaling message set up one and connected from the residing base station of transmit leg travelling carriage to the medium that are carried on the IP the residing base station of recipient's travelling carriage.
Second stage: medium connect transfer phase.After the numeral that travelling carriage is set up an initiated end-to-end through air interface and IP network was connected, the originating party crypto used subscriber signaling, sent key data to recipient's crypto; Begin to send encrypted voice data then, the transmit leg crypto produces the Frame sequence number outside enciphered data; The receiving terminal crypto is deciphered with the encrypted word data that reception has sequence number through receiving key, is reduced into after the unencryped word, carries out the conversion of sound sign indicating number at receiving terminal; Form simulated voice, play through loudspeaker.Encrypted word communication also can be carried out duplex communication.
Phase III: medium connect the release stage.The travelling carriage talk-through; Initiate to discharge request through air interface; The base station is sent the request of release through IP network to the cluster core network entity, and core network entity sends disconnect command to the both sides base station, and the medium that air interface and IP network are removed in the both sides base station are connected; Travelling carriage returns the air interface signaling channel, gets into stand-by state.
The present invention does not relate to part and realizes like all identical with prior art prior aries that maybe can adopt such as processor system, crypto, Base Band Unit, radio frequency unit, cluster core net, base station, IP networks.
Claims (3)
1. a digital clustering communication system end-to-end self-synchronization voice encryption transmits implementation method, it is characterized in that it may further comprise the steps:
At first, the terminal of carrying out coded communication at needs is provided with crypto, simultaneously with crypto also as a communication terminal, adopt of the voice encryption transmission of crypto terminal to the crypto terminal;
Secondly; After digital cluster communication net completion mobile terminal calling continues; Carry out key distribution with the mode of subscriber signaling to recipient's crypto by communication initiator's crypto, thereby make the Digital Clustering core net not need signaling to get involved, and then need not to revise and the increase and decrease core network signalling;
The 3rd; Communication initiator's crypto with the mode of subscriber signaling when recipient's crypto carries out key distribution; The pairing trunked base station of the receiving terminal that all communications relate to all carries out the key storage; The travelling carriage that is used for going into late obtains this and calls out key, the travelling carriage of going into is late added immediately carry out the group calling group that encrypted word is conversed;
The 4th, carry out voice encryption and the sequence number of encrypted voice sequence is embedded in the sound sign indicating number words Frame by communication initiator's crypto, transmit in the lump with encrypted word and by the sequence number of frame number, recipient's crypto carries out the encrypted word deciphering can accomplish secure communication.
2. digital clustering communication system end-to-end self-synchronization voice encryption transmission implementation method according to claim 1; When it is characterized in that described crypto voice encryption vocoder coding speed is adjusted downward to 2.15kbits/s from 2.4kbits/s, every 20ms speech packet produces 43 bits; Crypto is under the control of processor system; Speech frame to continuous three total 129 bits that divide into groups is encrypted, and produces number of frames 15 bits by crypto after encrypting, and amounts to 144 bits and gives back processor system; If travelling carriage; Processor system is then given Base Band Unit with the encrypted word frame, delivers to radio frequency unit after the Base Band Unit completion chnnel coding and mails to the base station through air interface again, mails to other base stations or wireline interface by the base station through IP network; If wireline interface, processor system then is packaged into the encrypted word frame IP grouping and mails to other base stations or wireline interface through IP network.
3. digital clustering communication system end-to-end self-synchronization voice encryption transmission implementation method according to claim 1; It is characterized in that no matter being cluster individual calling or cluster multi call; The signaling stage that makes a call does not relate to key distribution; The same with the ordinary clusters calling, calling out connection foundation is to pass through IP network and the mutual signaling of cluster core net at portable terminal again through the base station, and perhaps a wireline interface is through IP network and the mutual signaling of cluster core net; When the cluster core net is passed through signaling, for call has distributed the base station to the base station, perhaps after the medium drive access of base station to wireline interface, before getting into voice conversation, key distribution is carried out between between the base station or base station and wireline interface; The key distribution passage is not to be carried on to the signalling path of core net, but is carried on the media channel, two sides that participate in to call out or carry out between base station or the wireline interface in many ways.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201010257399A CN101902734B (en) | 2010-08-19 | 2010-08-19 | End-to-end self-synchronization voice encryption transmission implementation method for digital trunking communication system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201010257399A CN101902734B (en) | 2010-08-19 | 2010-08-19 | End-to-end self-synchronization voice encryption transmission implementation method for digital trunking communication system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN101902734A CN101902734A (en) | 2010-12-01 |
| CN101902734B true CN101902734B (en) | 2012-10-10 |
Family
ID=43227858
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201010257399A Expired - Fee Related CN101902734B (en) | 2010-08-19 | 2010-08-19 | End-to-end self-synchronization voice encryption transmission implementation method for digital trunking communication system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101902734B (en) |
Families Citing this family (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103596169B (en) * | 2012-08-16 | 2018-07-27 | 南京中兴软件有限责任公司 | The means of communication of group system ciphering terminal and encrypting module, system and terminal |
| CN102820942B (en) * | 2012-08-17 | 2015-09-30 | 广州海格天立通信息技术有限公司 | Based on the frame synchornization method of tdma system burst frame |
| CN106211091B (en) * | 2016-09-08 | 2020-04-24 | 宇龙计算机通信科技(深圳)有限公司 | Method and system for establishing cluster communication |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101651944B (en) * | 2009-06-16 | 2012-01-11 | 中兴通讯股份有限公司 | Cluster system and encrypted communication method |
-
2010
- 2010-08-19 CN CN201010257399A patent/CN101902734B/en not_active Expired - Fee Related
Non-Patent Citations (2)
| Title |
|---|
| 刘朋勋 等.TETRA系统的安全性.《军事通信技术》.2005,(第2期),第41-44页. * |
| 蒋帅 等.TETRA系统空中接口加密的研究.《现代电子技术》.2006,(第11期),第29-31页. * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN101902734A (en) | 2010-12-01 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101197674B (en) | Encrypted communication method, server and encrypted communication system | |
| CN101917711B (en) | A kind of method of mobile communication system and voice call encryption thereof | |
| US20150052360A1 (en) | Method and system for providing enhanced data encryption protocols in a mobile satellite communications system | |
| KR101482696B1 (en) | End-to-end encrypted communication | |
| CN106982419B (en) | Single call end-to-end encryption method and system for broadband cluster system | |
| CN106790281A (en) | A kind of end-to-end voice encryption device and encryption method towards intercom system | |
| CN101951601A (en) | Method and system for encrypting voice calls in mobile communication network, terminal and network side | |
| CN104219213A (en) | Android system oriented end-to-end speech encryption method | |
| CN102137393B (en) | Method and device for encrypting end-to-end | |
| CN102204303A (en) | Systems and methods for utilizing ims data security mechanisms in a circuit switched network | |
| CN101287274B (en) | Voice encryption system for mobile communication and encryption method thereof | |
| CN1115924C (en) | Encryption method for mobile telephone | |
| CN103096304A (en) | Method for encryption and decryption of secure voice tendencies of internet protocol (IP) network communication terminal | |
| CN107517184A (en) | Message transmitting method, apparatus and system | |
| CN101902734B (en) | End-to-end self-synchronization voice encryption transmission implementation method for digital trunking communication system | |
| CN104581714A (en) | Method for encrypting speech on basis of TD-SCDMA (time division-synchronization code division multiple access) circuit domains | |
| CN109714295B (en) | Voice encryption and decryption synchronous processing method and device | |
| CN105025471A (en) | Called terminal, calling terminal, voice communication method and system | |
| EP2809045B1 (en) | Information security attachment device for voice communication and information security method for voice communication using the same | |
| CN106878277A (en) | A kind of method and device based on DMR standard implementation voice encryptions | |
| CN203537408U (en) | End-to-end voice communication privacy device with assignable secret key | |
| CN105120457A (en) | Mobile communication circuit domain voice processing apparatus, method and system | |
| CN104581711A (en) | Mobile terminal with communication encryption function as well as communication encryption method thereof | |
| WO2012024904A1 (en) | Method and system for pre-accessing conference telephone and network side device | |
| CN100388659C (en) | Equipment, system and method for implementing encryption communication between heterogeneity network |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20121010 Termination date: 20190819 |