CN105960811A - User terminal device and secured communication method thereof - Google Patents

User terminal device and secured communication method thereof Download PDF

Info

Publication number
CN105960811A
CN105960811A CN201580006388.9A CN201580006388A CN105960811A CN 105960811 A CN105960811 A CN 105960811A CN 201580006388 A CN201580006388 A CN 201580006388A CN 105960811 A CN105960811 A CN 105960811A
Authority
CN
China
Prior art keywords
stream
voice
bit stream
encryption
subscriber terminal
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201580006388.9A
Other languages
Chinese (zh)
Other versions
CN105960811B (en
Inventor
H-G.文
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Samsung Electronics Co Ltd
Original Assignee
Samsung Electronics Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Samsung Electronics Co Ltd filed Critical Samsung Electronics Co Ltd
Priority claimed from PCT/KR2015/000912 external-priority patent/WO2015115798A1/en
Publication of CN105960811A publication Critical patent/CN105960811A/en
Application granted granted Critical
Publication of CN105960811B publication Critical patent/CN105960811B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/02Details
    • H04L12/22Arrangements for preventing the taking of data from a data transmission channel without authorisation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W88/00Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
    • H04W88/02Terminal devices

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Telephonic Communication Services (AREA)
  • Telephone Function (AREA)
  • Two-Way Televisions, Distribution Of Moving Picture Or The Like (AREA)

Abstract

Provided are a user terminal device and a secured communication method thereof. The secured communication method includes: encrypting a voice bitstream including voice data corresponding to a user voice for a call in a security mode between the user terminal device and another user terminal device; inserting the encrypted voice bitstream into a video transmission stream; and transmitting the video transmission stream, into which the encrypted voice bitstream is inserted, to the other user terminal device.

Description

Subscriber terminal equipment and guarded communication method thereof
Technical field
The aspect of exemplary embodiment relates to subscriber terminal equipment and guarded communication method thereof, and more In particular it relates to by using video transmission stream to perform the use of the guarded communication for speech data Family terminal unit and guarded communication method thereof.
Background technology
Being widely used of smart phone causes WCDMA (WCDMA) 3G and Long Term Evolution (LTE) The user of 4G mobile communication increases suddenly.Using these to communicate, user often pays close attention to safety and privacy. Especially since such as communication intercept (such as, eavesdropping) or the social problem that monitors and cause increasingly Many concerns, and user is consequently increased for the demand of secure communication.Therefore, logical with shielded The market that letter is relevant has the biggest growth in terms of public sector and private sector.
According to correlation technique, when performing for the guarded communication of speech data, installed by use Speech coder (vocoder) in modem or by formed the agreement end of transmission packet come right Speech data is encrypted.
If by using the speech coder of modem that speech data is encrypted, then modulatedemodulate Adjust device can include supporting the speech coder of the guarded communication for speech data.But, if Modem does not include the speech coder supporting the guarded communication for speech data, then voice Encoder must be updated in modem.In this case, if modem supply is public Department does not provide the development environment for updating modem, then possibly cannot provide guarded communication ring Border.
If it addition, speech data is encrypted by the protocol terminal forming transmission packet, and system quilt Change (such as, be changed between 3G and 4G if Virtual network operator is changed or communicates), then The system being changed is difficult to encrypted packet.Accordingly, it is difficult to maintenance guarded communication.
Summary of the invention
Technical scheme
Exemplary embodiment solve at least the above and/or shortcoming and be not described above other lack Point.Furthermore, it is not required that exemplary embodiment overcomes disadvantages mentioned above, and exemplary embodiment can be unable to Take any of above problem.
The aspect of one or more exemplary embodiments provides for the voice bit stream of encryption being inserted into Video transmission stream and send the voice bit stream of video transmission stream and encryption to perform guarded communication Subscriber terminal equipment, and guarded communication method.
One side according to exemplary embodiment, it is provided that one is performed shielded by subscriber terminal equipment The method of communication, described method includes: encryption includes and for whole at subscriber terminal equipment and another user First speech bits of the speech data that the user speech of call is corresponding under safe mode between end equipment Stream;First voice bit stream of encryption is inserted into the first video transmission stream;And encryption will be inserted First video transmission stream of the first voice bit stream is sent to other subscriber terminal equipment.
Encrypt the first voice bit stream and may include that the coding speech data corresponding with user speech is with life Become the first voice bit stream;Encrypt at least some of data of the first voice bit stream;And will be used for adding The close confidential information that adds is inserted into the first voice bit stream.
First voice bit stream may include that header area, is included in the first language including instruction speech data Information in sound bit stream;And payload district, including being coded of speech data.
Encrypt at least some of data and can include encrypting the payload district of the first voice bit stream.
First voice bit stream can also include auxiliary region;And add confidential information and can be inserted into the first language At least one in the header area of sound bit stream, payload district and auxiliary region.
Add confidential information and can include the position of encryption section and the encryption of encryption key, the first voice bit stream At least one in algorithm types.
Method can also include: generates the voice transfer stream including silence data;And the language that will be generated Sound transmission stream is sent to other subscriber terminal equipment.
Method can also include: generates the voice transfer stream adding confidential information included for encryption;And will The voice transfer stream generated is sent to other subscriber terminal equipment.
Method can also include: inserts encryption in response to receiving when performing call in the secure mode The second video transmission stream of the second voice bit stream, connect by using safe mode speech coder to process The second video transmission stream received.
Process the second video transmission stream received and may include that the second video transmission stream from receiving carries Take the second voice bit stream of encryption;Obtain from second voice bit stream extracted and encrypted for deciphering Second voice bit stream add confidential information;The second voice encrypted is deciphered based on the confidential information that adds obtained Bit stream;And the second voice bit stream that decoding has been deciphered is to export speech data.
Method can also include: in response to the call performed in the secure mode, closes subscriber terminal equipment Camera model and video calling output unit, and use normal talking output unit to export to receive The speech data of the second video transmission stream.
For the call under safe mode, the communication modulation of subscriber terminal equipment can be different from by use The application processor of demodulator processes speech data, the communication modem of described subscriber terminal equipment It is used for processing the speech data for conversing in the normal mode.
One side according to another exemplary embodiment, it is provided that subscriber terminal equipment, including: safe mould Block, is configured to encrypt and includes and for the peace between subscriber terminal equipment and another subscriber terminal equipment First voice bit stream of the speech data that the user speech of call is corresponding under syntype, and will encryption The first voice bit stream be inserted into the first video transmission stream;And communication module, it is configured to insert First video transmission stream of the first voice bit stream of encryption is sent to other subscriber terminal equipment.
Security module may include that encoder, is configured to encode the voice number corresponding with user speech Generate the first voice bit stream according to this;Encryption equipment, is configured to encrypt at least the one of the first voice bit stream Part data;And encryption information inserters, it is configured to the confidential information that adds being used for encryption is inserted into the One voice bit stream.
First voice bit stream may include that header area, is included in the first language including instruction speech data Information in sound bit stream;And payload district, including being coded of speech data
Encryption equipment can be configured to encrypt the payload district of the first voice bit stream.
First voice bit stream can also include auxiliary region;And encrypt information inserters and can be configured to It is inserted into adding confidential information in the header area of the first voice bit stream, payload district and auxiliary region at least One.
Add confidential information and can include the position of encryption section and the encryption of encryption key, the first voice bit stream At least one in algorithm types.
Security module can also include silence data maker, and this silence data maker is configurable to generate Voice transfer stream including silence data;And communication module can be configured to pass the voice generated Defeated stream is sent to other subscriber terminal equipment.
Communication module can be configured to will include that the voice transfer stream adding confidential information for encryption is sent to Other subscriber terminal equipment.
In response to receiving the second voice bit stream inserting encryption when performing call in the secure mode The second video transmission stream, security module can be configured to use at safe mode speech coder The second video transmission stream that reason receives.
Subscriber terminal equipment can also include: output module, and wherein security module can also include: extracts Device, is configured to extract the second voice bit stream of encryption from the second video transmission stream received;Encryption Information acquirer, be configured to obtain for deciphering encrypted the second voice bit stream add confidential information; And decryption unit, it is configured to the confidential information that adds based on obtaining and deciphers the second speech bits encrypted Stream, wherein, output module can be configured to decode the second voice bit stream deciphered to export voice Data.
Subscriber terminal equipment can also include: camera model, is configured to respond to the video being carrying out Conversing and capture the image of user, wherein, output module includes video calling output unit and normal talking Output unit, and wherein in response to the call performed the most in the secure mode, subscriber terminal equipment is closed Camera model and video calling output unit, and by using normal talking output unit to export reception The speech data of the second video transmission stream arrived.
One side according to another exemplary embodiment, it is provided that perform the shielded of subscriber terminal equipment The method of communication, the method includes: added from the reception of external user terminal unit by the first voice transfer stream The first close voice bit stream;Determine whether it is likely that identification is from adding that external user terminal unit receives The first close voice bit stream;Recognizable the first voice bit stream encrypted is determined in response to according to described, With outside under sent first safe mode of the second voice bit stream of encryption by the second voice transfer stream Subscriber terminal equipment is conversed;And in response to according to described the first voice that cannot not determine recognizablely encryption Bit stream, by video transmission stream send encryption the second voice bit stream the second safe mode under with External user terminal unit is conversed.
Carry out call in the second safe mode to may include that and cannot not determine recognizablely encryption in response to according to described The first voice bit stream, output is for carrying out the user interface (UI) conversed under the second safe mode; And in response to by the UI inputting user command of output, with external user under the second safe mode Terminal unit is conversed.
Under the second safe mode, carry out call can include opening speech capturing function and closing Video Capture Function.
Carrying out under the second safe mode converses may include that the user speech encrypted and input is corresponding Second voice bit stream;The port being used for exporting the second voice bit stream of encryption is changed into video port; Second voice bit stream of encryption is inserted into video transmission stream;And video transmission stream is sent to outside Subscriber terminal equipment.
Under the second safe mode, carry out call can also include: by space division group with add in confidential information at least One is inserted into the 3rd voice transfer stream;And the 3rd voice transfer stream is sent to external user terminal sets Standby.
The transmission of video transmission stream can reach the default time relative to the 3rd voice transfer flow delay.
Insertion can include inserting the information indicating the second voice bit stream encrypted as adding confidential information Enter.
Insertion can include encryption key, the position of the encrypted area of the second voice bit stream and AES Type at least one insert as adding confidential information.
One side according to another exemplary embodiment, it is provided that a kind of subscriber terminal equipment, including: logical Letter module, is configured to the first voice transfer stream and receives the first of encryption from external user terminal unit Voice bit stream;And control module, it is configured to determine whether likely to identify the first voice of encryption Bit stream, with in response to according to described the first voice bit stream determining recognizable encryption, by second Set with external user terminal under first safe mode of the second voice bit stream that voice transfer stream sends encryption Standby converse, and with in response to according to described the first voice bit stream not determining recognizable and encrypting, With external user under sent second safe mode of the second voice bit stream of encryption by video transmission stream Terminal unit is conversed.
Subscriber terminal equipment can also include that pattern arranges module, and wherein, control module can be configured to Control model arranges module, with in response to according to described cannot not determine recognizablely encryption the first voice bit stream, Output is used for the UI carrying out conversing under the second safe mode, and with in response to by output UI inputting user command, converses with external user terminal unit under the second safe mode.
Conversing in response under the second safe mode, control module can be configured to open voice and catch Obtain function and close Video Capture function.
Subscriber terminal equipment can also include: security module, is configured to respond in the second safe mode Converse with exterior terminal equipment down, encrypt second speech bits corresponding with the user speech inputted Stream, changes into video port by the port being used for exporting the second voice bit stream of encryption, and will encryption The second voice bit stream be inserted into video transmission stream, wherein communication module can be configured to by video pass Defeated stream is sent to external user terminal unit.
Security module can be configured to just space division group and be inserted into the 3rd with at least one added in confidential information Voice transfer stream;And communication module can be configured to the 3rd voice transfer stream is sent to external user Terminal unit.
Communication module can be configured to reach the transmission of transmission of video relative to the 3rd voice transfer flow delay The time preset.
Security module can be configured to the encrypted information of the second voice bit stream will be indicated as adding secret letter Breath inserts.
Security module can be configured to by encryption key, the position of the encrypted area of the second voice bit stream and At least one in the type of AES is inserted as adding confidential information.
One side according to another exemplary embodiment, it is provided that performed shielded by subscriber terminal equipment The method of communication, the method includes: receives when performing voice call in the secure mode and includes encryption The video transmission stream of voice bit stream;With in response to receiving video transmission stream, process the video received and pass Defeated stream is to export speech data.
Method can also include receiving the language being different from video transmission stream when performing call in the secure mode Sound transmission stream.
Voice transfer stream can include silence data and at least one added in confidential information.
Voice transfer stream can include that the information indicating voice bit stream encrypted is as adding confidential information.
Voice transfer stream can include position and the AES of the encrypted area of encryption key, voice bit stream At least one in type is as adding confidential information.
Process the video transmission stream received can include being input to for language the video transmission stream received Speech coder that sound processes rather than be used for processing the user of the video transmission stream for video calling eventually The video processor of end equipment.
Process the second video transmission stream received and may include that the video transmission stream extraction from receiving adds Close voice bit stream;Obtain for deciphering encrypted the second voice bit stream add confidential information;Based on The confidential information that adds obtained deciphers the voice bit stream encrypted;And the voice bit stream that decoding has been deciphered, To export speech data.
Acquisition can include obtaining from the voice bit stream extracted adding confidential information.
Acquisition can include obtaining from the voice transfer stream being different from video transmission stream adding confidential information.
Method can also include, when performing voice call in the secure mode, closes subscriber terminal equipment Camera model and video calling output unit, and use the output of normal talking output unit to receive The speech data of video transmission stream.
Method can also include: when performing call in the normal mode, receives and includes unencrypted voice ratio The voice transfer stream of special stream.
When method is additionally may included under another safe mode execution call, receive the voice including having encrypted The voice transfer stream of bit stream.
One side according to another exemplary embodiment, it is provided that a kind of on it record have and can be transported by computer Row is for the non-transitory computer readable recording medium storing program for performing of the program performing any of above method.
Technique effect
According to various exemplary embodiments as above, user can be included in eventually not changing or updating Send and receive the speech data of encryption in the case of communication modem in end equipment.
Accompanying drawing explanation
Describing some exemplary embodiment by referring to accompanying drawing, above-mentioned and/or other side will be apparent from, In the accompanying drawings:
Fig. 1 is the figure illustrating the guarded communication method according to exemplary embodiment;
Fig. 2 is the block diagram of the structure illustrating the subscriber terminal equipment according to exemplary embodiment;
Fig. 3 is the block diagram of the structure of the security module illustrating the Fig. 2 according to exemplary embodiment;
Fig. 4 is the figure illustrating the voice bit stream according to exemplary embodiment;
Fig. 5 is the block diagram of the structure of the stream maker illustrating the Fig. 3 according to exemplary embodiment;
Fig. 6 A to Fig. 6 C is the figure of the output module illustrating the Fig. 2 according to exemplary embodiment;
Fig. 7 is the guarded communication of the subscriber terminal equipment illustrating the sender according to exemplary embodiment The flow chart of method;
Fig. 8 is the flow chart of the method illustrating the encryption voice bit stream according to exemplary embodiment;
Fig. 9 is the guarded communication of the subscriber terminal equipment illustrating the recipient according to exemplary embodiment The flow chart of method;
Figure 10 is the sequence chart illustrating the guarded communication method according to exemplary embodiment;
Figure 11 is the guarded communication side illustrating the subscriber terminal equipment according to another exemplary embodiment The flow chart of method;
Figure 12 be illustrate according to another exemplary embodiment perform under the second safe mode shielded The flow chart of the method for communication;
Figure 13 be illustrate according to exemplary embodiment for be arranged under the second safe mode execution protected The figure of the user interface (UI) of the communication protected;
Figure 14 A and Figure 14 B, Figure 15 A and Figure 15 B and Figure 16 A and Figure 16 B are to illustrate according to showing The transmission voice transfer stream of example embodiment and the figure of the method for video transmission stream;
Figure 17 A and Figure 17 B is to illustrate to be inserted into voice in normal talking according to exemplary embodiment Transmission flows the data with video transmission stream and when performing shielded call under the second safe mode It is inserted into the figure of the data of voice transfer stream and video transmission stream;And
Figure 18 A and Figure 18 B be illustrate according to another exemplary embodiment be inserted into voice transfer stream and The figure of the data in video transmission stream.
Detailed description of the invention
Exemplary embodiment is described in detail with reference to the attached drawings.
In the following description, even if in different drawings, the reference marker of phase diagram is used for identical Element.Item defined in description, such as detailed construction and element is provided for contributing to comprehensively Understand exemplary embodiment.It is therefore evident that, exemplary embodiment can not have these concrete It is implemented in the case of the item of definition.Additionally, be not described in known function or structure, because They can obscure exemplary embodiment with unnecessary details.
Although various element can be described with term first, second used herein etc., but these yuan Part should be not limited by these terms.These terms are only used for separating an element with another element region.
Terms used herein is only used to describe certain exemplary embodiments, is not intended to limit example Property embodiment.As used herein, singulative " ", " one " and " being somebody's turn to do " are also intended to include again Number form formula, unless the context clearly dictates otherwise.It will also be understood that term ought be used in this manual " include " and/or time " comprising ", show to exist described feature, entirety, step, operation, unit Part and/or assembly, but do not preclude the presence or addition of one or more further feature, entirety, step, operation, Element, assembly and/or combinations thereof.When the statement of such as " at least one " occurs in the row of element Time after table, the whole list of its modified elements rather than modify the discrete component of this list.
In the exemplary embodiment, " module " or " unit " can perform at least one function or operation, And the combination of hardware or software or hardware and software can be embodied as.It addition, unless " module " Or " unit " can be embodied as specific hardware, the most multiple " modules " or multiple " unit " At least one module can be integrated into be embodied as at least one processor.
According to exemplary embodiment, subscriber terminal equipment can be referred to as mobile or fixed user terminal and set Standby, such as subscriber equipment (UE), movement station (MS), advanced mobile station (AMS), equipment etc..
Hereinafter, exemplary embodiment be will be described in detail with reference to the accompanying drawings.In the accompanying drawings, identical reference mark Note represents identical element.
Fig. 1 is the guarded communication method illustrating the guarded communication system according to exemplary embodiment Figure.With reference in Fig. 1, guarded communication system includes first user terminal unit 100-1 and second Subscriber terminal equipment 100-2.
When performing normal video call, first user terminal unit 100-1 is included in communication by use (such as, Long Term Evolution (LTE) modem, code division are many for communication modem in processor Location (CDMA) modem or WCDMA multiple access (WCDMA) modem) come Process speech data is to generate voice transfer stream, and the voice transfer stream generated is sent to the second use Family terminal unit 100-2.First user terminal unit 100-1 processes also by use application processor and regards Frequency generates video transmission stream according to this, and the video transmission stream generated is sent to the second user terminal Equipment 100-2.
Specifically, first user terminal unit 100-1 and the second subscriber terminal equipment 100-2 can pass through The flow process (such as, operating process) using video calling as above is come in guarded communication pattern Voice call is performed under (hereinafter referred to as safe mode).That is, under the second communication pattern, can pass through By application processor processes speech data for generating video transmission stream, sending language in video transmission stream Sound data and via the port for exporting video transmission stream (i.e. rather than be used for exporting voice transfer The port of stream) export at least one in speech data to perform voice call.In detail, if pacified Syntype be arranged on first subscriber terminal equipment 100-1 as transmitter and as receptor Between two subscriber terminal equipment 100-2, then first user terminal unit 100-1 generates and encrypts and includes voice The voice bit stream of data, is inserted video transmission stream by the voice bit stream of encryption, and is believed by communication The video transmission stream inserting the voice bit stream of encryption is sent to the second subscriber terminal equipment 100-2 by road. Additionally, first user terminal unit 100-1 generates the voice including silence data (such as, empty data) Transmission stream, and by communication channel, voice transfer stream is sent to the second subscriber terminal equipment 100-2.Root According to another exemplary embodiment, first user terminal unit 100-1 can generate and include silence data, refers to Show that the information of safe mode (such as, adds confidential information or instruction voice bit stream is included in video transmission stream In and/or the encryption indicator that is included of voice bit stream of instruction encryption) and be used for encrypting or deciphering The voice transfer stream of at least one added in confidential information (such as, encryption key) of voice bit stream.This Outward, according to another exemplary embodiment, the transmission of video transmission stream can be with the transmission phase of voice transfer stream It is delayed by with closing.
Second subscriber terminal equipment 100-2 can extract the voice bit stream of encryption from video transmission stream, and And process the voice bit stream of encryption speech data to be supplied to the second subscriber terminal equipment 100-2's User.If first user terminal unit 100-1 performs call in the secure mode, then the second user is eventually Video transmission stream can be input to structure (such as, the voice coder for speech processes by end equipment 100-2 Code device) rather than it is used for the structure of Video processing to process video transmission stream.Second subscriber terminal equipment 100-2 can also bypass (such as, abandon, ignore or ignore) and include the voice transfer stream of silence data.
In the secure mode, another programmable processor (such as, application processor, Digital Signal Processing Device etc.) rather than communication modem or the communication processor of communication modem, can perform Decode to realize the voice communication of safety.
According to exemplary embodiment, when performing call in the secure mode, voice bit stream is inserted into Video transmission stream.Therefore, it can send and connect in the case of not changing or updating communication modem Receive the speech data of encryption, and be possible to prevent to change due to the code in various communication environments and cause Encryption information dropout.Furthermore it is possible in the case of the most more new communication system, at subscriber terminal equipment Between provide for the guarded communication of speech data.
It is described more fully according to exemplary enforcement now with reference to Fig. 2 to Fig. 5 and Fig. 6 A to Fig. 6 C The subscriber terminal equipment 100 of example.With reference to Fig. 2, subscriber terminal equipment 100 includes security module 110, leads to Letter module 120, camera model 130, pattern arrange module 140, output module 150 and control module 160.
Fig. 2 shows the subscriber terminal equipment 100 with various function (that is, operation), such as video Call function, security communication function (SCF) etc., as various types of elements in figure are exemplarily implemented.Can To be understood by, according to other exemplary embodiments one or more, some elements in Fig. 2 can be by Omit or change, or other type of element can also be added.
In the secure mode, security module 110 can be encrypted and be constituted the voice ratio corresponding with user speech The data of special stream at least some of, and the information relevant with encryption is inserted into voice bit stream, with Generate the voice bit stream of encryption.The voice bit stream of encryption can also be inserted into and regard by security module 110 Keep pouring in defeated stream, and the voice ratio of encryption being inserted in video transmission stream by communication module 120 Special stream is sent to external user terminal unit or server.In detail, security module 110 can encrypt quilt The speech data being included at least one in the payload district of voice bit stream and header area, and Confidential information will be added be inserted in auxiliary region.Here, security module 110 can be inserted into auxiliary by adding confidential information Help district, it should be appreciated that, other exemplary embodiments one or more are not limited to this.That is, respectively Planting in exemplary embodiment, security module 110 can be inserted into payload district, head by adding confidential information At least one in district and auxiliary region.Add confidential information to include encryption key, the position of encrypted area and add At least one in close algorithm types.Encryption key can be key data, the index of key data or The pointer value of key data.If encryption key is divided and is inserted in bit stream, then division information Can be included.
In the secure mode, security module 110 can generate silence data, and is generated by using Silence data generate voice transfer stream.The voice transfer stream generated can be carried by security module 110 Supply communication module 120.
If the video transmission stream received by communication module 120 includes the voice bit stream of encryption, then pacify Full module 110 can extract the voice bit stream of encryption from video transmission stream, and from the voice ratio of encryption Special stream obtains and adds confidential information to decode or the voice bit stream of deciphering encryption.Here, security module 110 can Video transmission stream be inserted into for the safe mode speech coder of speech processes rather than to be used for regarding Frequency processes to process the structure of video transmission stream.
In the normal mode, security module 110 can be by using in the case of not encrypting input signal Input speech data generates voice bit stream, and the voice bit stream generated is supplied to the mould that communicates Block 120.If the packet received by communication module 120 does not include the voice bit stream of encryption, then Security module 110 can not decoded or in the case of decrypted bitstream from bit stream decoding primary signal.
Security module 110 can generate voice bit stream, described encoding and decoding by using encoding and decoding algorithm Algorithm is installed in subscriber terminal equipment 100, be stored in and can remove from subscriber terminal equipment 100 It is downloaded in hardware or from network.Security module 110 can be arranged on subscriber terminal equipment by use In 100, be stored in can from the hardware that subscriber terminal equipment 100 removes or from network download adding Close algorithm performs encryption or decodes.Here, AES can include the number by using encryption key According to replacement or various operation.
Communication module 120 can include at least one antenna or communication terminal, by using from security module 110 video transmission streams provided or voice transfer stream generate the packet corresponding with the communication protocol preset, And send packet by wired or wireless communication channel.Communication module 120 can be from by wired Or the packet parsing video transmission stream that arrives of wireless communication receiver or voice transfer stream, and by video transmission stream It is supplied to security module 110 with voice transfer stream.
Here, communication channel can be 2G network, 3G network, 4G network, super 4G (B4G) net Directly leading between network, 5G network, Wi-Fi network, Internet Protocol (IP) network, terminal unit Communication network, other next generation network or heterogeneous network etc..Communication channel can be referred to as speech network, Data network, circuit-switched network, packet switching network or IP Multimedia System (IMS) network.
When performing video calling, camera model 130 is unlocked to catch the image of user.But, as Fruit performs voice communication in the secure mode by the flow process (such as, operating process) using video calling, The electric power being then supplied to camera model 130 is disconnected, thus does not allow camera model 130 to catch user's Image.
Pattern arranges module 140 can arrange the operator scheme relevant to guarded communication.Pattern is arranged Module 140 can include at least one button, and it is mounted or is included in user interface (UI), figure is used In interface, family (GUI) or terminal unit.Operator scheme can include safe mode setting, Cipher Strength With at least one in guarded communication object, it will be appreciated that one or more, other is exemplary Embodiment is not limited to this.But, if need not the user input relevant to guarded communication, then Pattern arranges module 140 and can be not included in subscriber terminal equipment 100.
Output module 150 exports user speech.Here, as shown in Figure 6A, output module 150 is permissible Including normal talking output unit 151 (such as, normal talking follower) and video calling output unit 153 (such as, video calling followers).Here, if subscriber terminal equipment 100 is smart phone, Then normal talking output unit 151 can be to be mounted or provide the front table at smart phone as shown in Figure 6B On the speaker in face, in order to be placed on the ear of user when performing telephone relation and export voice Data.Video calling output unit 153 can be to be mounted or provided smart phone as shown in Figure 6 C The speaker of rear surface, in order to the output speech data when performing video calling.Here, video calling is defeated Go out unit 153 to be mounted or provided the rear surface of smart phone and be merely exemplary embodiment, and should Working as understanding, other exemplary embodiments one or more are not limited to this.Such as, video calling output is single Unit 153 can be mounted or be placed on any corner or the marginal zone of smart phone.
If performing normal video call, then output module 150 can pass through video calling output unit 153 Export speech data.But, if performing in the secure mode to lead to by the flow process using video calling Words, then output module 150 exports speech data by normal talking output unit 151.In this feelings Under condition, output module 150 can disconnect the electric power of video calling output unit 153.
Control module 160 (such as, controller) can control the integrated operation of subscriber terminal equipment 100. Control module 160 can control the element of subscriber terminal equipment 100 to grasp under by the pattern of user setup Make, or can operate in the way of default to control the element of subscriber terminal equipment 100.
Control module 160 can determine communication in the secure mode by the subscriber terminal equipment of receptor Whether it is possible.In detail, control module 160 can obtain receptor in communications connection procedure The information of subscriber terminal equipment, logical with determine in the secure mode by the subscriber terminal equipment of receptor Whether letter may.
Whether safe mode can be by arranging safe mould from user's query before or after conversing at receptor Formula, is set.According to exemplary embodiment, arranging of safe mode can include guarded communication Start and/or the setting of end time.The beginning of guarded communication or end time can open equal to call Begin or the end time, or can be set when performing call.The safe mode of principal set up can root It is automatically dismissed according to network condition or resets.
Cipher Strength can be set changeably according to receptor or the group of receptor or according to network condition Put, and single encryption mode, double-encryption pattern and triple encryption mode can be included.If terminal Equipment includes multiple AES or multiple key generation method, then Cipher Strength can be according to AES Or key generation method is arranged changeably.The length of encryption key can be adjusted arranging changeably and add Close intensity.
Guarded communication object can ask user to check the setting of safe mode according to receptor, or Person's safe mode can be automatically set the receptor group for additionally specifying.Alternately, safe mode The receptor for having performed guarded communication can be set automatically, or can be with re-request User checks the setting of safe mode.Here, Cipher Strength and guarded communication object can phases each other Close or link each other.Such as, corresponding with higher Cipher Strength encryption key can be assigned to spy Determine receptor or receptor group.
According to exemplary embodiment, the motion of user, gesture or voice can be identified, to arrange safety Pattern.The example of the motion of user can include the concrete activity on terminal unit, on such as terminal unit Multi-hit input, terminal unit specific part on friction (rubbing) etc..The example of the gesture of user Son can be included in the concrete motion etc. of the user being performed when gripping terminal unit.According to another exemplary Embodiment, the bio information including the instruction content of the user relevant with safe mode can be identified, with Safe mode is set.Such as, bio information can pass through Brain Computer Interface (BCI) or brain-machine Interface (BMI) is identified.Content and the identification activity of safe mode can be mapped to each other and quilt It is stored in advance in terminal unit.
Fig. 3 is the block diagram of the structure illustrating the security module 110 according to exemplary embodiment.With reference to Fig. 3, Security module 110 includes encoder 111, encryption equipment 112, encryption information inserters 113, stream maker 114, voice bit stream extractor 115, encryption information extractor 116, decoding unit 117 (such as, solve Close device) and decoder 118.
Encoder 111 carrys out the speech data of coding input, to generate voice ratio by using the algorithm preset Special stream.Here, encoding and decoding algorithm can include various types of encoding and decoding algorithm, such as by standardization (ISO) Standard encoding and decoding algorithm (such as, the motion that the international organization of/International Electrotechnical Commission (IEC) is proposed The most G.722, motion picture expert group version (MPEG) audio frequency etc., wait G series standard encoding and decoding algorithm, independent Or proprietary encoding and decoding algorithm etc..Voice bit stream can include the parameter for coding and coded data, And their long form can change according to encoding and decoding algorithm.
As shown in Figure 4, voice bit stream can include header area 410, payload district 420 and auxiliary District 430.Here, the district corresponding to auxiliary region 430 can be assigned to header area 410 and payload The ad-hoc location in district 420.Header area 410 can include the information (example relevant to payload district 420 As, whether the data that instruction is included in payload district 420 are the information of speech data, instruction volume The information etc. of decoding algorithm type).Payload district 420 can be included therein the voice number arranging coding According to the field with the parameter for being decoded the speech data encoded, and auxiliary region 430 can be wrapped Include as using the field retained in the future.It is arranged in the certain bits in header area 410 or payload district 420 The auxiliary region put can also include for using the field retained in the future.Header area 410, payload district 420 Can be restricted with the order of placement of each in auxiliary region 430 and maybe can be not limited.Additionally, Multiple header areas, multiple payload district and multiple auxiliary region can be included and other districts can be added Enter in voice bit stream, or the structure of voice bit stream can be according to the encoding and decoding algorithm of latest edition And be changed.
At least some of data of the encryption equipment 112 voice bit stream to being generated by encoder 111 or encrypted It is encrypted.It is included at least in the header area 410 of voice bit stream or payload district 420 Divided data can be encrypted, or at least some of data in header area and payload district can together with by Encryption.According to another exemplary embodiment, at least some of data being included in auxiliary region can be added Close.
Encryption equipment 112 can also generate or provide the encryption key for encryption.Here, encryption key can To include foundation key and to add strong encryption keys.Foundation key can be symmetric key, unsymmetrical key or mixing Key, and adding strong encryption keys can be the key to foundation key encryption, to the district encrypted by foundation key The key of re-encrypted, or enable decode in the subscriber terminal equipment of specific receptor or decipher close Key.
AES based on key can be used for encryption.It is right that the example of AES can include using Claim key or the algorithm of private cipher key, use unsymmetrical key or the algorithm of public keys, mix and use Symmetric key and the algorithm of unsymmetrical key, and quantum cryptography algorithm, it should be appreciated that one or many Other exemplary embodiment individual is not limited to this.The algorithm using symmetric key or unsymmetrical key can make Use stream encryption key, such as Rivest Cipher 4 (RC4), or block encryption key, such as Rivest Cipher 5 (RC5), IDEA (IDEA), data encryption standards (DES), senior Encryption standard (AES), ARIA, SEED, triple des (3DES) etc., it should be appreciated that, Other exemplary embodiments one or more are not limited to this.Use unsymmetrical key or the calculation of public keys Method can use Rivest, Shamir, Adleman (RSA) public keys, it will be appreciated that one Other exemplary embodiments individual or multiple are not limited to this.
The add confidential information relevant to the encryption performed by encryption equipment 112 is inserted by encryption information inserters 113 To voice bit stream, to generate the voice bit stream of encryption.By adding that encryption information inserters 113 generates Close voice bit stream can be provided to flow maker 114.Add confidential information and can be included in bit stream Auxiliary region in.According to another exemplary embodiment, add confidential information and can be included in another of bit stream Qu Zhong, such as, the district less on the quality impact recovering signal.Add confidential information and can include encryption key. If encryption key is divided and is inserted in bit stream, then the division information of encryption key can be entered One step is included.Add the encryption indicator that confidential information can also include that indication bit stream is the most encrypted.Add Secret mark will can use certain synchronization bit.Encryption indicator can be inserted into the start bit in encrypted district Put.Add confidential information and can also include the positional information of encrypted area.Positional information can include opening of encrypted area Beginning position and end position.It addition, certain synchronization bit can be inserted into coding region starting position and End position.If transmitters and receivers terminal unit is recognized in advance by the setting of safe mode Encryption starts, then can need not or not include the encryption indicator added.If transmitters and receivers are eventually End equipment recognizes the frame of predetermined number after encryption indicator being detected in advance and is encrypted by selectivity or preset District encrypted, then can need not or not include the positional information added.Add confidential information can be included In district in the bitstream, for example, it is possible to be included in auxiliary region, or can be distributed and inserted Enter to multiple districts.
When performing communication in the secure mode, stream maker 114 generates voice transfer stream and transmission of video Stream.Especially, the voice bit stream of encryption can be inserted into video transmission stream by stream maker 114.Existing Stream maker 114 will be described more fully with reference to Fig. 5.As it is shown in figure 5, stream maker 114 is permissible Including silence data maker 114-1, voice transfer stream maker 114-2, video transmission stream maker 114-3 and voice bit stream inserter 114-4.Silence data maker 114-1 generates language to be inserted into Silence data in sound transmission stream.Voice transfer stream maker 114-2 can be by using by silence data The silence data that maker 114-1 generates generates voice transfer stream, and is supplied to by voice transfer stream Communication module 120.Video transmission stream maker 114-3 can generate video transmission stream, and speech bits The voice bit stream of encryption can be inserted into video transmission stream by stream inserter 114-4, and to communication mould Block 120 provides the video transmission stream of the voice bit stream being inserted into encryption.Voice bit stream inserter 114-4 can add and send the index that the voice bit stream of instruction encryption is included in video transmission stream Information.
Here, stream maker 114 can send voice transfer stream and video transmission stream to communication module 120, However, it should be understood that this is exemplary embodiment.Stream maker 114 can be with multiplexing (MUX) voice Transmission stream and video transmission stream, to send integrated stream to communication module 120.
Referring again to Fig. 3, voice bit stream extractor 115 can be from regarding of being provided by communication module 120 Keep pouring in defeated stream and extract the voice bit stream of encryption.Here, voice bit stream extractor 115 can be by making Index of reference information or the information that is included in header area 410 are to extract the voice bit stream of encryption.
The encryption information extractor 116 speech bits from the encryption extracted by voice bit stream extractor 115 Stream extracts and adds confidential information.
Decode unit 117 by use by encryption information extractor 116 extract add confidential information decode or The voice bit stream of deciphering encryption.Here, decoding unit 117 can be included in by use and add confidential information In encryption key perform decoding.Decode unit 117 can according to used by encryption equipment 112 The AES that AES is identical operates.
Decoder 118 can decode by decoding the bit stream that unit 117 is decoded.Decoder 118 can root Operate according to the encoding and decoding algorithm identical with the encoding and decoding algorithm used by encoder 111.
The speech data of encryption can be sent and received by using security module 110 as above, Without changing or updating the communication modem being included in subscriber terminal equipment.Furthermore, it is possible to prevent The encryption information dropout changed due to the code in various communication environments and cause.
In above-mentioned exemplary embodiment, voice bit stream is encrypted after being encoded, but this is only Exemplary embodiment, and it is to be understood that other exemplary embodiment one or more is not limited to this. According to another exemplary embodiment, voice bit stream can be encrypted in the operation of default coded treatment. Such as, coding can perform with Linear Estimation operation or quantization operation.Here, adding confidential information can be by It is inserted into the auxiliary region 430 of voice bit stream, the reserved field of header area or untapped field.
It addition, in above-mentioned exemplary embodiment, voice bit stream is decoded afterwards being decrypted, but This is only exemplary embodiment, and it is to be understood that other exemplary embodiment one or more does not limit In this.According to another exemplary embodiment, decoding and the decoding of voice bit stream can perform simultaneously.Example As, the decoding of voice bit stream can be held with the quantization operation of Linear Estimation decoding operation or decoding process OK.
Additionally, in above-mentioned exemplary embodiment, add confidential information and can be inserted into voice bit stream then Being sent, but this is only exemplary embodiment, and it is to be understood that one or more, other is exemplary Embodiment is not limited to this.According to another exemplary embodiment, adding confidential information can be via additional packet Or other transmission stream is sent.
Now with reference to Fig. 7 to Figure 13, the guarded communication side according to various exemplary embodiments is described Method.
Fig. 7 is the guarded communication of the subscriber terminal equipment illustrating the transmitter according to exemplary embodiment The flow chart of method.
In operation S710, subscriber terminal equipment 100 determines call the most in the secure mode. Here, subscriber terminal equipment 100 can be by using another subscriber terminal equipment (that is, receiver user Terminal unit) information determine call the most in the secure mode, this information is in communication link Receive during receiving other subscriber terminal equipment.
If determining that call can not or will perform the most in the secure mode in operation S710, then behaviour Make in S760, subscriber terminal equipment 100 under normal mode (that is, not to speech bits stream encryption) with Other subscriber terminal equipment performs call.If determining that call may or will be in safety in operation S710 Under pattern perform, then operation S720 in, subscriber terminal equipment 100 by use mike receive or The voice of capture user.
Operation S730 in, subscriber terminal equipment 100 generate and encrypt include corresponding with user speech The voice bit stream of speech data.Now with reference to Fig. 8, the encryption voice according to exemplary embodiment is described The method of bit stream.
In operation S810, subscriber terminal equipment 100 coded voice data is to generate voice bit stream.This In, subscriber terminal equipment 100 can carry out coded voice data to generate voice by using the algorithm preset Bit stream.Such as, subscriber terminal equipment 100 can be compiled by using various types of encoding and decoding algorithms Code speech data, various types of encoding and decoding algorithms such as standard encoding and decoding algorithm is (such as, by ISO/IEC The mpeg audio etc. recommended), G.722 G series standard encoding and decoding algorithm (such as, recommended by ITU-T Deng), independent or proprietary encoding and decoding algorithm etc..
In operation S820, subscriber terminal equipment 100 encrypts at least some of voice bit stream.Here, At least some of data being included in the header area of voice bit stream or payload district can be encrypted, And at least some of data in header area and payload district can together with encrypted.According to another example Property embodiment, at least some of data being included in auxiliary region can be encrypted.Subscriber terminal equipment 100 Can also generate or provide and add confidential information (such as, encryption key) for encrypt.
In operation S830, subscriber terminal equipment 100 will add confidential information and be inserted into voice bit stream.Here, (such as, subscriber terminal equipment 100 can be inserted at least one district of voice bit stream by adding confidential information Header area, payload district and a part for auxiliary region).Subscriber terminal equipment 100 can be according to such as reference The method that Fig. 8 describes encrypts voice bit stream.
Referring again to Fig. 7, in operation S740, subscriber terminal equipment 100 is by the voice bit stream of encryption It is inserted into video transmission stream.Here, silence data can also be inserted into voice by subscriber terminal equipment 100 Transmission stream.Instruction encryption voice bit stream can also be inserted into transmission of video by subscriber terminal equipment 100 Index information in stream is included in video transmission stream (such as, in voice bit stream).
In operation S750, video transmission stream is sent to separately by subscriber terminal equipment 100 by communication channel One subscriber terminal equipment.
Fig. 9 is the guarded communication of the subscriber terminal equipment illustrating the receptor according to exemplary embodiment The flow chart of method.
In operation S910, subscriber terminal equipment 100 determines whether call performs in the secure mode. Here, subscriber terminal equipment 100 can be by using another subscriber terminal equipment (that is, accepter user Terminal unit) information determine call the most in the secure mode, this information is in communication link Receive during receiving other subscriber terminal equipment.
If determining that call performs the most in the secure mode in operation S910, then in operation S970, Subscriber terminal equipment 100 is in the normal mode (that is, not to speech bits stream encryption) with other user eventually End equipment performs call.If determining that call to perform in the secure mode in operation S910, then behaviour Making in S920, subscriber terminal equipment 100 receives the video transmission stream of the voice bit stream including encryption.
In operation S930, subscriber terminal equipment 100 extracts the voice bit stream of encryption from video transmission stream. Here, subscriber terminal equipment 100 by using index information or can be included in (example in video transmission stream As, in the header area of voice bit stream) information extract the voice bit stream of encryption.User terminal sets The voice bit stream of the encryption extracted from video transmission stream can be exported for 100 and be used for speech processes Structure (such as, speech coder) rather than the structure for Video processing.
In operation S940, the voice bit stream of encryption is decoded or deciphered to subscriber terminal equipment 100.Here, Subscriber terminal equipment 100 can carry out decrypted voice bit by using the decoding algorithm identical with AES Stream.
In operation S950, subscriber terminal equipment 100 decodes the voice bit stream being decrypted.Here, use Family terminal unit 100 can come by using the encoding and decoding algorithm identical with the encoding and decoding algorithm for coding Decoded speech bit stream.
In operation S960, subscriber terminal equipment 100 exports speech data.Here, although user terminal Equipment 100 performs guarded communication by the flow process (such as, operating process) using video calling, But subscriber terminal equipment 100 can lead to by using normal talking output unit 151 rather than video Words output unit 153, exports speech data.
Figure 10 is the precedence diagram illustrating the guarded communication method according to exemplary embodiment.
In operation S1005, first user terminal unit 100-1 and the second subscriber terminal equipment 100-2 Perform communication connection in the secure mode.Here, first user terminal unit 100-1 and the second user are eventually End equipment 100-2 can check call the most in the secure mode in communications connection procedure, so After perform communication connection the most in the secure mode.
In operation S1010, first user terminal unit 100-1 receives speech data.Here, voice Data can be inputted by mike, but this is only exemplary embodiment, and it is to be understood that Other exemplary embodiments one or more are not limited to this.Such as, speech data can be stored in and deposit In storage media, it is then fed into.
In operation S1015, first user terminal unit 100-1 coded voice data is to generate voice ratio Special stream.
In operation S1020, first user terminal unit 100-1 encrypts voice bit stream.In detail, First user terminal unit 100-1 can encrypt at least be included in generated voice bit stream Divided data, generates and adds confidential information, and insertion adds confidential information to encrypt voice bit stream.
In operation S1025, voice bit stream is inserted into video and passes by first user terminal unit 100-1 Defeated stream.
In operation S1030, video transmission stream is sent to the second use by first user terminal unit 100-1 Family terminal unit 100-2.
In operation S1035, the second subscriber terminal equipment 100-2 extracts the language of encryption from video transmission stream Sound bit stream.
In operation S1040, the second subscriber terminal equipment 100-2 decodes or the speech bits of deciphering encryption Stream.In detail, the second subscriber terminal equipment 100-2 can extract from the voice bit stream of encryption and add secret letter Breath, and by using the confidential information that adds extracted to decode voice bit stream.
In operation S1045, the second subscriber terminal equipment 100-2 decoded speech bit stream is to obtain voice Data.
Speech data in operation S1050, acquired in the second subscriber terminal equipment 100-2 output.This In, although perform to use during call the flow process (such as, operating process) of video calling in the secure mode, But acquired speech data can be exported normal talking output by the second subscriber terminal equipment 100-2 Unit 151 rather than video calling output unit 153.
According to various example embodiment as above, the speech data of encryption can be sent and received, Without changing or updating the communication modem being included in subscriber terminal equipment.At various communication environments In, it is possible to prevent the encryption information dropout caused due to code conversion, and can be in the most more new traffic Guarded communication for speech data is provided in the case of system between subscriber terminal equipment.
In above-mentioned exemplary embodiment, if the speech coder being included in communication modem is not Support safe mode, then other structure (such as, application processor etc.) can encrypt speech bits Stream, and the voice bit stream of encryption is inserted into video transmission stream.But, this is only an example Property embodiment, and it is to be understood that other exemplary embodiment one or more is not limited to this.If The speech coder being included in communication modem supports safe mode, the then voice bit stream encrypted Voice transfer stream can be inserted into, be then communicated to another subscriber terminal equipment.
Now with reference to Figure 11, the protected of the subscriber terminal equipment according to another exemplary embodiment is described The method of communication.
With reference to Figure 11, in operation S1110, first user terminal unit 100-1 is from the second user terminal Equipment 100-2 receives the voice bit stream of encryption, and wherein, voice bit stream is added by voice transfer stream Close.Here, voice transfer stream can include the flag information indicating voice bit stream encrypted.
In operation S1120, first user terminal unit 100-1 determines whether it is likely that and identifies encryption Voice bit stream.Here, if it is indicated that the encrypted flag information of voice bit stream is identified or generation Code conversion is supported for identifying the voice bit stream of encryption, then first user terminal unit 100-1 on network May determine that the voice bit stream likely identifying encryption.
If determining the voice bit stream likely identifying encryption in operation S1120, then at operation S1130 In, first user terminal unit 100-1 under the first safe mode with the second subscriber terminal equipment 100-2 Converse.If determining the voice bit stream that can not identify encryption in operation S1120, then behaviour Making in S1140, first user terminal unit 100-1 sets with the second user terminal under the second safe mode Standby 100-2 converses.Here, the first safe mode refers to that the voice bit stream encrypted wherein is passed through The safe mode that voice transfer stream is sent, and the second safe mode refers to the voice ratio encrypted wherein The safe mode that special stream is sent by video transmission stream.
Now with reference to Figure 12 describe as described in the operation S1140 of Figure 11 in the second safe mode The lower method carrying out conversing with the second subscriber terminal equipment 100-2.
If determining in operation S1120 and can not identifying to be inserted into and connect from the second user terminal 100-2 The voice bit stream of the encryption in the voice transfer stream received, then, in operation S1210, first user is eventually End equipment 100-1 shows the user interface (UI) for carrying out conversing in the second safe mode, and passes through UI receives the user command for selecting the second safe mode.Such as, first user terminal unit 100-1 The icon 1310 selecting the UI for performing guarded communication under the second safe mode can be received User command, as shown in figure 13.Here, first user terminal unit can show and includes that instruction can not The UI of the message of the voice bit stream of encryption can be identified.
In operation S1220, first user terminal unit 100-1 is switched to the second safe mode.Here, Second safe mode refers to that the voice bit stream encrypted wherein is inserted into video transmission stream to carry out being protected The pattern of the call protected.
In operation S1230, first user terminal unit 100-1 opens speech capturing function and closes Video Capture function.In other words, although first user terminal unit 100-1 uses video transmission stream, But need not capture video.Therefore, first user terminal unit 100-1 can close camera model 130 To close Video Capture function.
In operation S1240, first user terminal unit 100-1 is by using safe mode voice coding Device compresses the user speech of input.This has been described above being described in detail with reference to Fig. 3, therefore below Omit its repetitive description.
In operation S1250, first user terminal unit 100-1 changes the voice bit stream of output encryption Port.In detail, first user terminal unit 100-1 can be by the voice bit stream of output encryption Port changes to video port from voice port.
In operation S1260, the voice bit stream of encryption is inserted into by first user terminal unit 100-1 Video transmission stream.
In operation S1270, video transmission stream is sent to the second use by first user terminal unit 100-1 Family terminal unit 100-2.
Therefore, if encryption voice bit stream due to system change (such as, the change of network, from 3G change arrive 4G etc.) and cannot be identified, then the voice bit stream encrypted is sent out by video transmission stream Send, in order to not the change of guard system and continue executing with guarded communication.
Retouch now with reference to Figure 14 A and Figure 14 B, Figure 15 A and Figure 15 B and Figure 16 A and Figure 16 B State transmission voice transfer stream and the method for video transmission stream.
It is said that in general, as shown in Figure 14 A, subscriber terminal equipment 100 can be sent out within the 100ms time period Send five voice transfer stream s1 to s5 and three video transmission stream Bt1 to Bt3.But, according to exemplary Embodiment, as shown in Figure 14B, (such as, subscriber terminal equipment 100 can arrange one section of Preset Time For 13.33ms) buffer space, thus relative to voice transfer flow delay and send video transmission stream and reach pre- If the time.
In detail, as shown in fig. 15, if transmitter subscriber terminal equipment send voice transfer stream and Video transmission stream, then initial buffer can be set to 100ms by the subscriber terminal equipment of receptor, With simultaneous voice transmission stream and video transmission stream.
But, according to exemplary embodiment, as shown in fig. 15b, if the subscriber terminal equipment of transmitter Postpone and send video transmission stream to reach Preset Time (such as, reach 13.33ms), then after voice transfer stream Buffer space can be set to be shorter than the 46.66ms of 100ms by the subscriber terminal equipment of receptor, with same Step voice transfer stream and video transmission stream.
In other words, as it has been described above, the subscriber terminal equipment of transmitter can postpone after voice transfer stream And send video transmission stream and reach Preset Time.Therefore, the subscriber terminal equipment of receptor can reduce and is used for Simultaneous voice transmission stream and the initial buffer interval of video transmission stream.
In more detail, the subscriber terminal equipment of transmitter can postpone after voice transfer stream and send video Transmission stream reaches 13.33ms.Here, voice transfer stream s1 and s2 is Tong Bu with video transmission stream Bt1, voice Stream s3 and s4 is Tong Bu with video transmission stream Bt2 in transmission, and voice transfer stream s5 and video transmission stream Bt3 Synchronize.
Additionally, the subscriber terminal equipment of receptor can postpone and receive video transmission stream and voice transfer stream Reach 46.66ms, in order to synchronization video transmission stream and voice transfer stream.Here, when receiving video transmission stream During Br1, a part (that is, the part of 6.66ms) of voice transfer stream s2 can retain.When reception regards When keeping pouring in defeated stream Br2, a part (such as, the part of 13.33ms) of voice transfer stream s4 can be protected Stay.But, when receiving video transmission stream Br3, the whole part of voice transfer stream s5 can be received. In other words, the subscriber terminal equipment of transmitter can postpone concurrent sending voice transmission stream and video transmission stream Reach 13.33, and the subscriber terminal equipment of therefore receptor can have minimum initial buffer interval 46.66ms。
Figure 17 A is to illustrate to be inserted into voice transfer according to exemplary embodiment when carrying out normal talking The figure of the data of stream and video transmission stream.As shown in Figure 17 A, when carrying out normal talking, speech bits Stream can be inserted into voice transfer stream, and video bit stream can be inserted into video transmission stream.Change Sentence is talked about, and when carrying out normal talking, does not include the flag information indicating voice bit stream encrypted.
Figure 17 B is to illustrate being inserted when conversing under the second safe mode according to exemplary embodiment Enter to voice transfer stream and the figure of the data of video transmission stream.As seen in this fig. 17b, instruction voice bit stream Flag information that is encrypted and/or that be included in video transmission stream can be inserted into voice transfer stream, and And encrypted voice bit stream can be inserted into video transmission stream.In other words, receiver terminal sets For sensing, detect or obtain the flag information being inserted in voice transfer stream, with in the second safety The communication with another subscriber terminal equipment is performed under pattern.
Figure 18 A is to illustrate that the video that high quality audio data is inserted into according to another exemplary embodiment passes Defeated stream is to send the figure of the method for high quality audio data.As shown in Figure 18 A, voice bit stream can be by It is inserted into voice transfer stream, and video bit stream and audio bitstream can be inserted into video transmission stream. In other words, as in related art method, user speech can send by using voice transfer stream, And video data and high quality audio data (such as, background music etc.) can pass by using video Defeated stream sends to enable high-quality session services together.
Figure 18 B be illustrate according to another exemplary embodiment control information is inserted into voice transfer stream with Send the figure of the method for control information.As shown in figure 18b, the control information (example of the voice bit stream of encryption As, add confidential information) can be inserted into voice transfer stream (individually or also have other data, such as Silence data), and the voice bit stream encrypted can be inserted into video transmission stream.In other words, when When conversing under the second safe mode, various types of information can be inserted into sky to be sent Video transmission stream.It is understood, however, that according to another exemplary embodiment, add confidential information permissible It is included in video transmission stream (such as, in voice bit stream).In this case, silence data or Person's sky data can be included in voice transfer flow of information.
Equipment according to exemplary embodiment can include the UI equipment of such as processor, stores and performs journey The memorizer of ordinal number evidence, the permanent storage of such as disk drive, with the communication ends of external device communication Mouthful, touch panel, key, button etc..The method being implemented as software module or algorithm etc. can be stored For the computer-readable code that can be performed by processor on computer readable recording medium storing program for performing or programmed instruction. Here, the example of computer readable recording medium storing program for performing includes magnetic storage medium (such as, read only memory (ROM), random access memory (RAM), floppy disk, hard disk etc.) and optical recording media (optical Reading medium) (such as CD-ROM, digital versatile disc (DVD) etc.) etc..Computer can Read record medium can store and perform the department of computer science being distributed to be connected to each other by network in a distributed fashion Computer-readable code on system, that read by computer.Medium can be read by computer, is stored in In memorizer, and run by processor.
Exemplary embodiment can be embodied as functional device structure and various process operation.Functional device can It is embodied as running software and/or the software configuration of the various numbers of specific function.Such as, exemplary Embodiment can use integrated circuit (IC) structure, such as, in the control of one or more microprocessors Down or run the memorizer of various function, treatment element, logic basis by other type of control equipment Part, look-up table etc..Similar element can be run as software programming or software element, exemplary enforcement Example can include various types of algorithm, and it utilizes data structure, process, routine and other programming structure Combination and realize, in order to be specifically implemented as such as C, C++, Java, assembly program etc. programming or Script.Function aspects can be typically embodied as the algorithm for being run by one or more processors.Show Example embodiment can use prior art to process for electronic environment setting, signal processing and/or data Deng.Such as the term of " machine-processed ", " element, " " equipment " and " structure " can be widely used, and And it is not limited to machinery and physical arrangement.Term can be linked to processor etc., a series of soft to include The implication of part routine.
The specific run described in the exemplary embodiment is exemplary, and is not intended to technical scope. For the convenience of this specification, for other of existing electronic structure, control system, software and system The explanation of function aspects can be omitted.It addition, the line between the element shown in figure or connection structure Part exemplarily indicates function to connect and/or physically or electrically road connects.Therefore, in actual equipment, even Line or connecting elements may indicate that the connection of the most various function, physical connection or circuit Connect.
The instruction terms such as the term " described " used in this specification (especially in claim) can With corresponding to odd number or plural number.If additionally, describe scope, then scope include individually being worth (if Explanation the most on the contrary).Therefore, each value of scope is illustrated in detailed description effectively.The behaviour of method The order made can be explicitly described, or without description, then operation can come in the proper sequence Perform.But, the order of these operations is not limited to this.All examples or exemplary term are (such as, Deng) use be to conceive just to description technique, and therefore, the scope of claims is not by this A little examples or the restriction of exemplary term, but be defined by the claims.
Foregoing example embodiment and advantage are merely exemplary, are not necessarily to be construed as limiting.This teaching Other type of device can be readily applied to.Additionally, the description of exemplary embodiment is intended to explanation Property rather than the scope that limits claim, and many replace, modifications and variations are to this area skill Will be apparent from for art personnel.

Claims (15)

1. the method being performed guarded communication by subscriber terminal equipment, described method includes:
Encryption includes and under the safe mode between subscriber terminal equipment and another subscriber terminal equipment The first voice bit stream of the corresponding speech data of the user speech of call;
First voice bit stream of encryption is inserted into the first video transmission stream;And
The first video transmission stream inserting the first voice bit stream of encryption is sent to other user terminal Equipment.
The most the method for claim 1, wherein encrypt the first voice bit stream to include:
Encode the speech data corresponding with user speech to generate the first voice bit stream;
Encrypt at least some of data of the first voice bit stream;And
The confidential information that adds being used for encryption is inserted into the first voice bit stream.
3. method as claimed in claim 2, wherein, the first voice bit stream includes:
Header area, is included in the information in the first voice bit stream including instruction speech data;And
Payload district, including being coded of speech data.
4. method as claimed in claim 3, wherein, encrypts at least some of data and includes encrypting first The payload district of voice bit stream.
5. method as claimed in claim 3, wherein:
First voice bit stream also includes auxiliary region;And
Add confidential information to be inserted in the header area of the first voice bit stream, payload district and auxiliary region At least one.
6. method as claimed in claim 2, wherein, described encrypted message packet include encryption key, first At least one in the position of the encryption section of voice bit stream and encryption algorithm type.
7. the method for claim 1, also includes:
Generate the voice transfer stream including silence data;And
The voice transfer stream generated is sent to other subscriber terminal equipment.
8. the method for claim 1, also includes:
Generate the voice transfer stream adding confidential information included for encryption;And
The voice transfer stream generated is sent to other subscriber terminal equipment.
9. the method for claim 1, also includes:
In response to receiving the second voice bit stream inserting encryption when performing call in the secure mode The second video transmission stream, by use safe mode speech coder process receive second video pass Defeated stream.
10. method as claimed in claim 9, wherein, processes the second video transmission stream bag received Include:
The second voice bit stream of encryption is extracted from the second video transmission stream received;
The encryption of the second voice bit stream encrypted for deciphering is obtained from the second voice bit stream extracted Information;
The second voice bit stream encrypted is deciphered based on the confidential information that adds obtained;And
The second voice bit stream that decoding has been deciphered is to export speech data.
11. methods as claimed in claim 10, also include, logical in response to perform in the secure mode Words, close camera model and the video calling output unit of subscriber terminal equipment, and use normal talking Output unit exports the speech data of the second video transmission stream received.
12. the method for claim 1, wherein for the call under safe mode, by making Speech data is processed, institute with the application processor of the communication modem being different from subscriber terminal equipment State the communication modem of subscriber terminal equipment for processing the voice number of the call under normal mode According to.
13. 1 kinds of subscriber terminal equipments, including:
Security module, be configured to encryption include with for setting at subscriber terminal equipment and another user terminal First speech bits of the speech data that the user speech of the call under safe mode between Bei is corresponding Stream, and the first voice bit stream of encryption is inserted into the first video transmission stream;And
Communication module, is configured to the first video transmission stream of the first voice bit stream by inserting encryption It is sent to other subscriber terminal equipment.
14. subscriber terminal equipments as claimed in claim 13, wherein, described security module includes:
Encoder, is configured to encode the speech data corresponding with user speech to generate the first voice ratio Special stream;
Encryption equipment, is configured to encrypt at least some of data of the first voice bit stream;And
Encryption information inserters, is configured to the confidential information that adds being used for encryption is inserted into the first speech bits Stream.
15. subscriber terminal equipments as claimed in claim 14, wherein, the first voice bit stream includes:
Header area, is included in the information in the first voice bit stream including instruction speech data;And
Payload district, including being coded of speech data.
CN201580006388.9A 2014-01-29 2015-01-28 Subscriber terminal equipment and its guarded communication method Expired - Fee Related CN105960811B (en)

Applications Claiming Priority (5)

Application Number Priority Date Filing Date Title
KR10-2014-0011479 2014-01-29
KR20140011479 2014-01-29
KR1020140138570A KR102092756B1 (en) 2014-01-29 2014-10-14 User terminal Device and Method for secured communication therof
KR10-2014-0138570 2014-10-14
PCT/KR2015/000912 WO2015115798A1 (en) 2014-01-29 2015-01-28 User terminal device and secured communication method thereof

Publications (2)

Publication Number Publication Date
CN105960811A true CN105960811A (en) 2016-09-21
CN105960811B CN105960811B (en) 2019-12-03

Family

ID=53885448

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201580006388.9A Expired - Fee Related CN105960811B (en) 2014-01-29 2015-01-28 Subscriber terminal equipment and its guarded communication method

Country Status (3)

Country Link
KR (1) KR102092756B1 (en)
CN (1) CN105960811B (en)
GB (1) GB2545529A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106412312A (en) * 2016-10-19 2017-02-15 北京奇虎科技有限公司 Method and system for automatically awakening camera shooting function of intelligent terminal, and intelligent terminal
CN107659400A (en) * 2017-09-29 2018-02-02 厦门科华恒盛股份有限公司 A kind of quantum secret communication method and device based on mark identification

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR101909700B1 (en) * 2017-10-11 2018-10-18 한국전자통신연구원 VoLTE TERMINAL AND VOICE COMMUNICATION PROTECTION METHOD USING THE SAME
KR102555680B1 (en) * 2020-11-06 2023-07-17 카페24 주식회사 Method, Apparatus and System for Image Processing For Protecting Portrait Rights

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6256491B1 (en) * 1997-12-31 2001-07-03 Transcript International, Inc. Voice security between a composite channel telephone communications link and a telephone
CN201197180Y (en) * 2008-02-21 2009-02-18 上海迅特电子科技有限公司 Network video processing apparatus
US20090259460A1 (en) * 2008-04-10 2009-10-15 City University Of Hong Kong Silence-based adaptive real-time voice and video transmission methods and system
US20110293021A1 (en) * 2010-05-28 2011-12-01 Jayant Kotalwar Prevent audio loss in the spliced content generated by the packet level video splicer
CN102857341A (en) * 2011-06-28 2013-01-02 联芯科技有限公司 Communication method for encrypted call
CN102882831A (en) * 2011-07-11 2013-01-16 联芯科技有限公司 Method for controlling terminal to enter secret communication, secret communication method and terminal
CN202818616U (en) * 2012-08-14 2013-03-20 福建伊时代信息科技股份有限公司 Voice communication device and system

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR100417125B1 (en) * 2002-08-07 2004-02-05 주식회사 팬택앤큐리텔 Method for Automatically Entering Secured Voice Communication Mode of Wireless Communication Terminal
FR2862835B1 (en) * 2003-11-24 2006-04-14 Medialive SECURED AND CUSTOMIZED DIFFUSION OF AUDIOVISUAL FLOWS BY A UNICAST / MULTICAST HYBRID SYSTEM
KR100763464B1 (en) * 2003-12-16 2007-10-04 김기호 Method of exchanging secret key for secured communication
US9172493B2 (en) * 2006-12-18 2015-10-27 International Business Machines Corporation Caller-identity based security
KR20100007738A (en) * 2008-07-14 2010-01-22 한국전자통신연구원 Apparatus for encoding and decoding of integrated voice and music
KR101297936B1 (en) * 2012-06-08 2013-08-19 가톨릭대학교 산학협력단 Method for security communication between mobile terminals and apparatus for thereof

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6256491B1 (en) * 1997-12-31 2001-07-03 Transcript International, Inc. Voice security between a composite channel telephone communications link and a telephone
CN201197180Y (en) * 2008-02-21 2009-02-18 上海迅特电子科技有限公司 Network video processing apparatus
US20090259460A1 (en) * 2008-04-10 2009-10-15 City University Of Hong Kong Silence-based adaptive real-time voice and video transmission methods and system
US20110293021A1 (en) * 2010-05-28 2011-12-01 Jayant Kotalwar Prevent audio loss in the spliced content generated by the packet level video splicer
CN102857341A (en) * 2011-06-28 2013-01-02 联芯科技有限公司 Communication method for encrypted call
CN102882831A (en) * 2011-07-11 2013-01-16 联芯科技有限公司 Method for controlling terminal to enter secret communication, secret communication method and terminal
CN202818616U (en) * 2012-08-14 2013-03-20 福建伊时代信息科技股份有限公司 Voice communication device and system

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106412312A (en) * 2016-10-19 2017-02-15 北京奇虎科技有限公司 Method and system for automatically awakening camera shooting function of intelligent terminal, and intelligent terminal
CN107659400A (en) * 2017-09-29 2018-02-02 厦门科华恒盛股份有限公司 A kind of quantum secret communication method and device based on mark identification
CN107659400B (en) * 2017-09-29 2020-08-28 科华恒盛股份有限公司 Quantum secret communication method and device based on identification recognition

Also Published As

Publication number Publication date
GB2545529A (en) 2017-06-21
KR102092756B1 (en) 2020-03-24
KR20150090817A (en) 2015-08-06
CN105960811B (en) 2019-12-03

Similar Documents

Publication Publication Date Title
JP6592570B2 (en) Transmitter
CN105981327B (en) Safety communicating method and equipment and the multimedia device for using this method and equipment
CN102438241B (en) To NAS signaling decryption device and method in a kind of LTE protocol monitoring analysis
US20150215112A1 (en) User terminal device and secured communication method thereof
CN105960811A (en) User terminal device and secured communication method thereof
EP3082291B1 (en) Secure communication method and apparatus and multimedia device employing same
CN109561056B (en) Secret communication method, system, mobile terminal and wearable device
JP6596131B2 (en) Transmitting apparatus, receiving apparatus and conditional access system
CN104581714A (en) Method for encrypting speech on basis of TD-SCDMA (time division-synchronization code division multiple access) circuit domains
CN101242453B (en) A transmission method and system for dual-audio multi-frequency signal
KR20150071958A (en) Method and apparatus for secure voice call
JP6539388B2 (en) Transmitter, receiver and conditional access system
JP6543396B2 (en) Transmitter, receiver and conditional access system
CN101924905A (en) Method and system for encrypting and decrypting in video telephone communication
EP4362515A1 (en) Authentication method and apparatus
JP6596130B2 (en) Transmitting apparatus, receiving apparatus and conditional access system
CN106533686A (en) Encryption communication method and system, communication unit and client
TWI287767B (en) Encryption device and method, decryption device and method, integrity authentication code generation device and method, integrity authentication code auxiliary device, integrity recognition device, and wireless communication device
CN115643014A (en) Voice secret transmission method in earphone set and encryption earphone
CN115604033A (en) Micro service system access control method, device, equipment and storage medium
CN113438142A (en) Communication method, communication system and storage system
Zhang et al. Research on end-to-end encryption of TETRA

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20191203