CN105960811A - User terminal device and secured communication method thereof - Google Patents
User terminal device and secured communication method thereof Download PDFInfo
- Publication number
- CN105960811A CN105960811A CN201580006388.9A CN201580006388A CN105960811A CN 105960811 A CN105960811 A CN 105960811A CN 201580006388 A CN201580006388 A CN 201580006388A CN 105960811 A CN105960811 A CN 105960811A
- Authority
- CN
- China
- Prior art keywords
- stream
- voice
- bit stream
- encryption
- subscriber terminal
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000004891 communication Methods 0.000 title claims abstract description 111
- 238000000034 method Methods 0.000 title claims abstract description 97
- 230000005540 biological transmission Effects 0.000 claims abstract description 142
- 238000012546 transfer Methods 0.000 claims description 76
- 238000004422 calculation algorithm Methods 0.000 claims description 35
- 230000008569 process Effects 0.000 claims description 31
- 230000004044 response Effects 0.000 claims description 16
- 238000012545 processing Methods 0.000 claims description 7
- 230000006870 function Effects 0.000 description 18
- 239000000284 extract Substances 0.000 description 10
- 230000008859 change Effects 0.000 description 9
- 230000033001 locomotion Effects 0.000 description 6
- 238000010586 diagram Methods 0.000 description 5
- 230000000694 effects Effects 0.000 description 3
- 238000003780 insertion Methods 0.000 description 3
- 230000037431 insertion Effects 0.000 description 3
- 238000006243 chemical reaction Methods 0.000 description 2
- 238000013478 data encryption standard Methods 0.000 description 2
- 230000007774 longterm Effects 0.000 description 2
- 230000003287 optical effect Effects 0.000 description 2
- 238000013139 quantization Methods 0.000 description 2
- 230000000717 retained effect Effects 0.000 description 2
- 108091026890 Coding region Proteins 0.000 description 1
- 230000008901 benefit Effects 0.000 description 1
- 210000004556 brain Anatomy 0.000 description 1
- 238000004364 calculation method Methods 0.000 description 1
- 238000010276 construction Methods 0.000 description 1
- 230000003111 delayed effect Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 235000013399 edible fruits Nutrition 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 238000000605 extraction Methods 0.000 description 1
- 238000012423 maintenance Methods 0.000 description 1
- 239000003550 marker Substances 0.000 description 1
- 239000000203 mixture Substances 0.000 description 1
- 238000010295 mobile communication Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000008520 organization Effects 0.000 description 1
- 238000010587 phase diagram Methods 0.000 description 1
- 238000011112 process operation Methods 0.000 description 1
- 230000003252 repetitive effect Effects 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/08—Access security
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/02—Details
- H04L12/22—Arrangements for preventing the taking of data from a data transmission channel without authorisation
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W88/00—Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
- H04W88/02—Terminal devices
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Telephonic Communication Services (AREA)
- Telephone Function (AREA)
- Two-Way Televisions, Distribution Of Moving Picture Or The Like (AREA)
Abstract
Provided are a user terminal device and a secured communication method thereof. The secured communication method includes: encrypting a voice bitstream including voice data corresponding to a user voice for a call in a security mode between the user terminal device and another user terminal device; inserting the encrypted voice bitstream into a video transmission stream; and transmitting the video transmission stream, into which the encrypted voice bitstream is inserted, to the other user terminal device.
Description
Technical field
The aspect of exemplary embodiment relates to subscriber terminal equipment and guarded communication method thereof, and more
In particular it relates to by using video transmission stream to perform the use of the guarded communication for speech data
Family terminal unit and guarded communication method thereof.
Background technology
Being widely used of smart phone causes WCDMA (WCDMA) 3G and Long Term Evolution (LTE)
The user of 4G mobile communication increases suddenly.Using these to communicate, user often pays close attention to safety and privacy.
Especially since such as communication intercept (such as, eavesdropping) or the social problem that monitors and cause increasingly
Many concerns, and user is consequently increased for the demand of secure communication.Therefore, logical with shielded
The market that letter is relevant has the biggest growth in terms of public sector and private sector.
According to correlation technique, when performing for the guarded communication of speech data, installed by use
Speech coder (vocoder) in modem or by formed the agreement end of transmission packet come right
Speech data is encrypted.
If by using the speech coder of modem that speech data is encrypted, then modulatedemodulate
Adjust device can include supporting the speech coder of the guarded communication for speech data.But, if
Modem does not include the speech coder supporting the guarded communication for speech data, then voice
Encoder must be updated in modem.In this case, if modem supply is public
Department does not provide the development environment for updating modem, then possibly cannot provide guarded communication ring
Border.
If it addition, speech data is encrypted by the protocol terminal forming transmission packet, and system quilt
Change (such as, be changed between 3G and 4G if Virtual network operator is changed or communicates), then
The system being changed is difficult to encrypted packet.Accordingly, it is difficult to maintenance guarded communication.
Summary of the invention
Technical scheme
Exemplary embodiment solve at least the above and/or shortcoming and be not described above other lack
Point.Furthermore, it is not required that exemplary embodiment overcomes disadvantages mentioned above, and exemplary embodiment can be unable to
Take any of above problem.
The aspect of one or more exemplary embodiments provides for the voice bit stream of encryption being inserted into
Video transmission stream and send the voice bit stream of video transmission stream and encryption to perform guarded communication
Subscriber terminal equipment, and guarded communication method.
One side according to exemplary embodiment, it is provided that one is performed shielded by subscriber terminal equipment
The method of communication, described method includes: encryption includes and for whole at subscriber terminal equipment and another user
First speech bits of the speech data that the user speech of call is corresponding under safe mode between end equipment
Stream;First voice bit stream of encryption is inserted into the first video transmission stream;And encryption will be inserted
First video transmission stream of the first voice bit stream is sent to other subscriber terminal equipment.
Encrypt the first voice bit stream and may include that the coding speech data corresponding with user speech is with life
Become the first voice bit stream;Encrypt at least some of data of the first voice bit stream;And will be used for adding
The close confidential information that adds is inserted into the first voice bit stream.
First voice bit stream may include that header area, is included in the first language including instruction speech data
Information in sound bit stream;And payload district, including being coded of speech data.
Encrypt at least some of data and can include encrypting the payload district of the first voice bit stream.
First voice bit stream can also include auxiliary region;And add confidential information and can be inserted into the first language
At least one in the header area of sound bit stream, payload district and auxiliary region.
Add confidential information and can include the position of encryption section and the encryption of encryption key, the first voice bit stream
At least one in algorithm types.
Method can also include: generates the voice transfer stream including silence data;And the language that will be generated
Sound transmission stream is sent to other subscriber terminal equipment.
Method can also include: generates the voice transfer stream adding confidential information included for encryption;And will
The voice transfer stream generated is sent to other subscriber terminal equipment.
Method can also include: inserts encryption in response to receiving when performing call in the secure mode
The second video transmission stream of the second voice bit stream, connect by using safe mode speech coder to process
The second video transmission stream received.
Process the second video transmission stream received and may include that the second video transmission stream from receiving carries
Take the second voice bit stream of encryption;Obtain from second voice bit stream extracted and encrypted for deciphering
Second voice bit stream add confidential information;The second voice encrypted is deciphered based on the confidential information that adds obtained
Bit stream;And the second voice bit stream that decoding has been deciphered is to export speech data.
Method can also include: in response to the call performed in the secure mode, closes subscriber terminal equipment
Camera model and video calling output unit, and use normal talking output unit to export to receive
The speech data of the second video transmission stream.
For the call under safe mode, the communication modulation of subscriber terminal equipment can be different from by use
The application processor of demodulator processes speech data, the communication modem of described subscriber terminal equipment
It is used for processing the speech data for conversing in the normal mode.
One side according to another exemplary embodiment, it is provided that subscriber terminal equipment, including: safe mould
Block, is configured to encrypt and includes and for the peace between subscriber terminal equipment and another subscriber terminal equipment
First voice bit stream of the speech data that the user speech of call is corresponding under syntype, and will encryption
The first voice bit stream be inserted into the first video transmission stream;And communication module, it is configured to insert
First video transmission stream of the first voice bit stream of encryption is sent to other subscriber terminal equipment.
Security module may include that encoder, is configured to encode the voice number corresponding with user speech
Generate the first voice bit stream according to this;Encryption equipment, is configured to encrypt at least the one of the first voice bit stream
Part data;And encryption information inserters, it is configured to the confidential information that adds being used for encryption is inserted into the
One voice bit stream.
First voice bit stream may include that header area, is included in the first language including instruction speech data
Information in sound bit stream;And payload district, including being coded of speech data
Encryption equipment can be configured to encrypt the payload district of the first voice bit stream.
First voice bit stream can also include auxiliary region;And encrypt information inserters and can be configured to
It is inserted into adding confidential information in the header area of the first voice bit stream, payload district and auxiliary region at least
One.
Add confidential information and can include the position of encryption section and the encryption of encryption key, the first voice bit stream
At least one in algorithm types.
Security module can also include silence data maker, and this silence data maker is configurable to generate
Voice transfer stream including silence data;And communication module can be configured to pass the voice generated
Defeated stream is sent to other subscriber terminal equipment.
Communication module can be configured to will include that the voice transfer stream adding confidential information for encryption is sent to
Other subscriber terminal equipment.
In response to receiving the second voice bit stream inserting encryption when performing call in the secure mode
The second video transmission stream, security module can be configured to use at safe mode speech coder
The second video transmission stream that reason receives.
Subscriber terminal equipment can also include: output module, and wherein security module can also include: extracts
Device, is configured to extract the second voice bit stream of encryption from the second video transmission stream received;Encryption
Information acquirer, be configured to obtain for deciphering encrypted the second voice bit stream add confidential information;
And decryption unit, it is configured to the confidential information that adds based on obtaining and deciphers the second speech bits encrypted
Stream, wherein, output module can be configured to decode the second voice bit stream deciphered to export voice
Data.
Subscriber terminal equipment can also include: camera model, is configured to respond to the video being carrying out
Conversing and capture the image of user, wherein, output module includes video calling output unit and normal talking
Output unit, and wherein in response to the call performed the most in the secure mode, subscriber terminal equipment is closed
Camera model and video calling output unit, and by using normal talking output unit to export reception
The speech data of the second video transmission stream arrived.
One side according to another exemplary embodiment, it is provided that perform the shielded of subscriber terminal equipment
The method of communication, the method includes: added from the reception of external user terminal unit by the first voice transfer stream
The first close voice bit stream;Determine whether it is likely that identification is from adding that external user terminal unit receives
The first close voice bit stream;Recognizable the first voice bit stream encrypted is determined in response to according to described,
With outside under sent first safe mode of the second voice bit stream of encryption by the second voice transfer stream
Subscriber terminal equipment is conversed;And in response to according to described the first voice that cannot not determine recognizablely encryption
Bit stream, by video transmission stream send encryption the second voice bit stream the second safe mode under with
External user terminal unit is conversed.
Carry out call in the second safe mode to may include that and cannot not determine recognizablely encryption in response to according to described
The first voice bit stream, output is for carrying out the user interface (UI) conversed under the second safe mode;
And in response to by the UI inputting user command of output, with external user under the second safe mode
Terminal unit is conversed.
Under the second safe mode, carry out call can include opening speech capturing function and closing Video Capture
Function.
Carrying out under the second safe mode converses may include that the user speech encrypted and input is corresponding
Second voice bit stream;The port being used for exporting the second voice bit stream of encryption is changed into video port;
Second voice bit stream of encryption is inserted into video transmission stream;And video transmission stream is sent to outside
Subscriber terminal equipment.
Under the second safe mode, carry out call can also include: by space division group with add in confidential information at least
One is inserted into the 3rd voice transfer stream;And the 3rd voice transfer stream is sent to external user terminal sets
Standby.
The transmission of video transmission stream can reach the default time relative to the 3rd voice transfer flow delay.
Insertion can include inserting the information indicating the second voice bit stream encrypted as adding confidential information
Enter.
Insertion can include encryption key, the position of the encrypted area of the second voice bit stream and AES
Type at least one insert as adding confidential information.
One side according to another exemplary embodiment, it is provided that a kind of subscriber terminal equipment, including: logical
Letter module, is configured to the first voice transfer stream and receives the first of encryption from external user terminal unit
Voice bit stream;And control module, it is configured to determine whether likely to identify the first voice of encryption
Bit stream, with in response to according to described the first voice bit stream determining recognizable encryption, by second
Set with external user terminal under first safe mode of the second voice bit stream that voice transfer stream sends encryption
Standby converse, and with in response to according to described the first voice bit stream not determining recognizable and encrypting,
With external user under sent second safe mode of the second voice bit stream of encryption by video transmission stream
Terminal unit is conversed.
Subscriber terminal equipment can also include that pattern arranges module, and wherein, control module can be configured to
Control model arranges module, with in response to according to described cannot not determine recognizablely encryption the first voice bit stream,
Output is used for the UI carrying out conversing under the second safe mode, and with in response to by output
UI inputting user command, converses with external user terminal unit under the second safe mode.
Conversing in response under the second safe mode, control module can be configured to open voice and catch
Obtain function and close Video Capture function.
Subscriber terminal equipment can also include: security module, is configured to respond in the second safe mode
Converse with exterior terminal equipment down, encrypt second speech bits corresponding with the user speech inputted
Stream, changes into video port by the port being used for exporting the second voice bit stream of encryption, and will encryption
The second voice bit stream be inserted into video transmission stream, wherein communication module can be configured to by video pass
Defeated stream is sent to external user terminal unit.
Security module can be configured to just space division group and be inserted into the 3rd with at least one added in confidential information
Voice transfer stream;And communication module can be configured to the 3rd voice transfer stream is sent to external user
Terminal unit.
Communication module can be configured to reach the transmission of transmission of video relative to the 3rd voice transfer flow delay
The time preset.
Security module can be configured to the encrypted information of the second voice bit stream will be indicated as adding secret letter
Breath inserts.
Security module can be configured to by encryption key, the position of the encrypted area of the second voice bit stream and
At least one in the type of AES is inserted as adding confidential information.
One side according to another exemplary embodiment, it is provided that performed shielded by subscriber terminal equipment
The method of communication, the method includes: receives when performing voice call in the secure mode and includes encryption
The video transmission stream of voice bit stream;With in response to receiving video transmission stream, process the video received and pass
Defeated stream is to export speech data.
Method can also include receiving the language being different from video transmission stream when performing call in the secure mode
Sound transmission stream.
Voice transfer stream can include silence data and at least one added in confidential information.
Voice transfer stream can include that the information indicating voice bit stream encrypted is as adding confidential information.
Voice transfer stream can include position and the AES of the encrypted area of encryption key, voice bit stream
At least one in type is as adding confidential information.
Process the video transmission stream received can include being input to for language the video transmission stream received
Speech coder that sound processes rather than be used for processing the user of the video transmission stream for video calling eventually
The video processor of end equipment.
Process the second video transmission stream received and may include that the video transmission stream extraction from receiving adds
Close voice bit stream;Obtain for deciphering encrypted the second voice bit stream add confidential information;Based on
The confidential information that adds obtained deciphers the voice bit stream encrypted;And the voice bit stream that decoding has been deciphered,
To export speech data.
Acquisition can include obtaining from the voice bit stream extracted adding confidential information.
Acquisition can include obtaining from the voice transfer stream being different from video transmission stream adding confidential information.
Method can also include, when performing voice call in the secure mode, closes subscriber terminal equipment
Camera model and video calling output unit, and use the output of normal talking output unit to receive
The speech data of video transmission stream.
Method can also include: when performing call in the normal mode, receives and includes unencrypted voice ratio
The voice transfer stream of special stream.
When method is additionally may included under another safe mode execution call, receive the voice including having encrypted
The voice transfer stream of bit stream.
One side according to another exemplary embodiment, it is provided that a kind of on it record have and can be transported by computer
Row is for the non-transitory computer readable recording medium storing program for performing of the program performing any of above method.
Technique effect
According to various exemplary embodiments as above, user can be included in eventually not changing or updating
Send and receive the speech data of encryption in the case of communication modem in end equipment.
Accompanying drawing explanation
Describing some exemplary embodiment by referring to accompanying drawing, above-mentioned and/or other side will be apparent from,
In the accompanying drawings:
Fig. 1 is the figure illustrating the guarded communication method according to exemplary embodiment;
Fig. 2 is the block diagram of the structure illustrating the subscriber terminal equipment according to exemplary embodiment;
Fig. 3 is the block diagram of the structure of the security module illustrating the Fig. 2 according to exemplary embodiment;
Fig. 4 is the figure illustrating the voice bit stream according to exemplary embodiment;
Fig. 5 is the block diagram of the structure of the stream maker illustrating the Fig. 3 according to exemplary embodiment;
Fig. 6 A to Fig. 6 C is the figure of the output module illustrating the Fig. 2 according to exemplary embodiment;
Fig. 7 is the guarded communication of the subscriber terminal equipment illustrating the sender according to exemplary embodiment
The flow chart of method;
Fig. 8 is the flow chart of the method illustrating the encryption voice bit stream according to exemplary embodiment;
Fig. 9 is the guarded communication of the subscriber terminal equipment illustrating the recipient according to exemplary embodiment
The flow chart of method;
Figure 10 is the sequence chart illustrating the guarded communication method according to exemplary embodiment;
Figure 11 is the guarded communication side illustrating the subscriber terminal equipment according to another exemplary embodiment
The flow chart of method;
Figure 12 be illustrate according to another exemplary embodiment perform under the second safe mode shielded
The flow chart of the method for communication;
Figure 13 be illustrate according to exemplary embodiment for be arranged under the second safe mode execution protected
The figure of the user interface (UI) of the communication protected;
Figure 14 A and Figure 14 B, Figure 15 A and Figure 15 B and Figure 16 A and Figure 16 B are to illustrate according to showing
The transmission voice transfer stream of example embodiment and the figure of the method for video transmission stream;
Figure 17 A and Figure 17 B is to illustrate to be inserted into voice in normal talking according to exemplary embodiment
Transmission flows the data with video transmission stream and when performing shielded call under the second safe mode
It is inserted into the figure of the data of voice transfer stream and video transmission stream;And
Figure 18 A and Figure 18 B be illustrate according to another exemplary embodiment be inserted into voice transfer stream and
The figure of the data in video transmission stream.
Detailed description of the invention
Exemplary embodiment is described in detail with reference to the attached drawings.
In the following description, even if in different drawings, the reference marker of phase diagram is used for identical
Element.Item defined in description, such as detailed construction and element is provided for contributing to comprehensively
Understand exemplary embodiment.It is therefore evident that, exemplary embodiment can not have these concrete
It is implemented in the case of the item of definition.Additionally, be not described in known function or structure, because
They can obscure exemplary embodiment with unnecessary details.
Although various element can be described with term first, second used herein etc., but these yuan
Part should be not limited by these terms.These terms are only used for separating an element with another element region.
Terms used herein is only used to describe certain exemplary embodiments, is not intended to limit example
Property embodiment.As used herein, singulative " ", " one " and " being somebody's turn to do " are also intended to include again
Number form formula, unless the context clearly dictates otherwise.It will also be understood that term ought be used in this manual
" include " and/or time " comprising ", show to exist described feature, entirety, step, operation, unit
Part and/or assembly, but do not preclude the presence or addition of one or more further feature, entirety, step, operation,
Element, assembly and/or combinations thereof.When the statement of such as " at least one " occurs in the row of element
Time after table, the whole list of its modified elements rather than modify the discrete component of this list.
In the exemplary embodiment, " module " or " unit " can perform at least one function or operation,
And the combination of hardware or software or hardware and software can be embodied as.It addition, unless " module "
Or " unit " can be embodied as specific hardware, the most multiple " modules " or multiple " unit "
At least one module can be integrated into be embodied as at least one processor.
According to exemplary embodiment, subscriber terminal equipment can be referred to as mobile or fixed user terminal and set
Standby, such as subscriber equipment (UE), movement station (MS), advanced mobile station (AMS), equipment etc..
Hereinafter, exemplary embodiment be will be described in detail with reference to the accompanying drawings.In the accompanying drawings, identical reference mark
Note represents identical element.
Fig. 1 is the guarded communication method illustrating the guarded communication system according to exemplary embodiment
Figure.With reference in Fig. 1, guarded communication system includes first user terminal unit 100-1 and second
Subscriber terminal equipment 100-2.
When performing normal video call, first user terminal unit 100-1 is included in communication by use
(such as, Long Term Evolution (LTE) modem, code division are many for communication modem in processor
Location (CDMA) modem or WCDMA multiple access (WCDMA) modem) come
Process speech data is to generate voice transfer stream, and the voice transfer stream generated is sent to the second use
Family terminal unit 100-2.First user terminal unit 100-1 processes also by use application processor and regards
Frequency generates video transmission stream according to this, and the video transmission stream generated is sent to the second user terminal
Equipment 100-2.
Specifically, first user terminal unit 100-1 and the second subscriber terminal equipment 100-2 can pass through
The flow process (such as, operating process) using video calling as above is come in guarded communication pattern
Voice call is performed under (hereinafter referred to as safe mode).That is, under the second communication pattern, can pass through
By application processor processes speech data for generating video transmission stream, sending language in video transmission stream
Sound data and via the port for exporting video transmission stream (i.e. rather than be used for exporting voice transfer
The port of stream) export at least one in speech data to perform voice call.In detail, if pacified
Syntype be arranged on first subscriber terminal equipment 100-1 as transmitter and as receptor
Between two subscriber terminal equipment 100-2, then first user terminal unit 100-1 generates and encrypts and includes voice
The voice bit stream of data, is inserted video transmission stream by the voice bit stream of encryption, and is believed by communication
The video transmission stream inserting the voice bit stream of encryption is sent to the second subscriber terminal equipment 100-2 by road.
Additionally, first user terminal unit 100-1 generates the voice including silence data (such as, empty data)
Transmission stream, and by communication channel, voice transfer stream is sent to the second subscriber terminal equipment 100-2.Root
According to another exemplary embodiment, first user terminal unit 100-1 can generate and include silence data, refers to
Show that the information of safe mode (such as, adds confidential information or instruction voice bit stream is included in video transmission stream
In and/or the encryption indicator that is included of voice bit stream of instruction encryption) and be used for encrypting or deciphering
The voice transfer stream of at least one added in confidential information (such as, encryption key) of voice bit stream.This
Outward, according to another exemplary embodiment, the transmission of video transmission stream can be with the transmission phase of voice transfer stream
It is delayed by with closing.
Second subscriber terminal equipment 100-2 can extract the voice bit stream of encryption from video transmission stream, and
And process the voice bit stream of encryption speech data to be supplied to the second subscriber terminal equipment 100-2's
User.If first user terminal unit 100-1 performs call in the secure mode, then the second user is eventually
Video transmission stream can be input to structure (such as, the voice coder for speech processes by end equipment 100-2
Code device) rather than it is used for the structure of Video processing to process video transmission stream.Second subscriber terminal equipment
100-2 can also bypass (such as, abandon, ignore or ignore) and include the voice transfer stream of silence data.
In the secure mode, another programmable processor (such as, application processor, Digital Signal Processing
Device etc.) rather than communication modem or the communication processor of communication modem, can perform
Decode to realize the voice communication of safety.
According to exemplary embodiment, when performing call in the secure mode, voice bit stream is inserted into
Video transmission stream.Therefore, it can send and connect in the case of not changing or updating communication modem
Receive the speech data of encryption, and be possible to prevent to change due to the code in various communication environments and cause
Encryption information dropout.Furthermore it is possible in the case of the most more new communication system, at subscriber terminal equipment
Between provide for the guarded communication of speech data.
It is described more fully according to exemplary enforcement now with reference to Fig. 2 to Fig. 5 and Fig. 6 A to Fig. 6 C
The subscriber terminal equipment 100 of example.With reference to Fig. 2, subscriber terminal equipment 100 includes security module 110, leads to
Letter module 120, camera model 130, pattern arrange module 140, output module 150 and control module 160.
Fig. 2 shows the subscriber terminal equipment 100 with various function (that is, operation), such as video
Call function, security communication function (SCF) etc., as various types of elements in figure are exemplarily implemented.Can
To be understood by, according to other exemplary embodiments one or more, some elements in Fig. 2 can be by
Omit or change, or other type of element can also be added.
In the secure mode, security module 110 can be encrypted and be constituted the voice ratio corresponding with user speech
The data of special stream at least some of, and the information relevant with encryption is inserted into voice bit stream, with
Generate the voice bit stream of encryption.The voice bit stream of encryption can also be inserted into and regard by security module 110
Keep pouring in defeated stream, and the voice ratio of encryption being inserted in video transmission stream by communication module 120
Special stream is sent to external user terminal unit or server.In detail, security module 110 can encrypt quilt
The speech data being included at least one in the payload district of voice bit stream and header area, and
Confidential information will be added be inserted in auxiliary region.Here, security module 110 can be inserted into auxiliary by adding confidential information
Help district, it should be appreciated that, other exemplary embodiments one or more are not limited to this.That is, respectively
Planting in exemplary embodiment, security module 110 can be inserted into payload district, head by adding confidential information
At least one in district and auxiliary region.Add confidential information to include encryption key, the position of encrypted area and add
At least one in close algorithm types.Encryption key can be key data, the index of key data or
The pointer value of key data.If encryption key is divided and is inserted in bit stream, then division information
Can be included.
In the secure mode, security module 110 can generate silence data, and is generated by using
Silence data generate voice transfer stream.The voice transfer stream generated can be carried by security module 110
Supply communication module 120.
If the video transmission stream received by communication module 120 includes the voice bit stream of encryption, then pacify
Full module 110 can extract the voice bit stream of encryption from video transmission stream, and from the voice ratio of encryption
Special stream obtains and adds confidential information to decode or the voice bit stream of deciphering encryption.Here, security module 110 can
Video transmission stream be inserted into for the safe mode speech coder of speech processes rather than to be used for regarding
Frequency processes to process the structure of video transmission stream.
In the normal mode, security module 110 can be by using in the case of not encrypting input signal
Input speech data generates voice bit stream, and the voice bit stream generated is supplied to the mould that communicates
Block 120.If the packet received by communication module 120 does not include the voice bit stream of encryption, then
Security module 110 can not decoded or in the case of decrypted bitstream from bit stream decoding primary signal.
Security module 110 can generate voice bit stream, described encoding and decoding by using encoding and decoding algorithm
Algorithm is installed in subscriber terminal equipment 100, be stored in and can remove from subscriber terminal equipment 100
It is downloaded in hardware or from network.Security module 110 can be arranged on subscriber terminal equipment by use
In 100, be stored in can from the hardware that subscriber terminal equipment 100 removes or from network download adding
Close algorithm performs encryption or decodes.Here, AES can include the number by using encryption key
According to replacement or various operation.
Communication module 120 can include at least one antenna or communication terminal, by using from security module
110 video transmission streams provided or voice transfer stream generate the packet corresponding with the communication protocol preset,
And send packet by wired or wireless communication channel.Communication module 120 can be from by wired
Or the packet parsing video transmission stream that arrives of wireless communication receiver or voice transfer stream, and by video transmission stream
It is supplied to security module 110 with voice transfer stream.
Here, communication channel can be 2G network, 3G network, 4G network, super 4G (B4G) net
Directly leading between network, 5G network, Wi-Fi network, Internet Protocol (IP) network, terminal unit
Communication network, other next generation network or heterogeneous network etc..Communication channel can be referred to as speech network,
Data network, circuit-switched network, packet switching network or IP Multimedia System (IMS) network.
When performing video calling, camera model 130 is unlocked to catch the image of user.But, as
Fruit performs voice communication in the secure mode by the flow process (such as, operating process) using video calling,
The electric power being then supplied to camera model 130 is disconnected, thus does not allow camera model 130 to catch user's
Image.
Pattern arranges module 140 can arrange the operator scheme relevant to guarded communication.Pattern is arranged
Module 140 can include at least one button, and it is mounted or is included in user interface (UI), figure is used
In interface, family (GUI) or terminal unit.Operator scheme can include safe mode setting, Cipher Strength
With at least one in guarded communication object, it will be appreciated that one or more, other is exemplary
Embodiment is not limited to this.But, if need not the user input relevant to guarded communication, then
Pattern arranges module 140 and can be not included in subscriber terminal equipment 100.
Output module 150 exports user speech.Here, as shown in Figure 6A, output module 150 is permissible
Including normal talking output unit 151 (such as, normal talking follower) and video calling output unit
153 (such as, video calling followers).Here, if subscriber terminal equipment 100 is smart phone,
Then normal talking output unit 151 can be to be mounted or provide the front table at smart phone as shown in Figure 6B
On the speaker in face, in order to be placed on the ear of user when performing telephone relation and export voice
Data.Video calling output unit 153 can be to be mounted or provided smart phone as shown in Figure 6 C
The speaker of rear surface, in order to the output speech data when performing video calling.Here, video calling is defeated
Go out unit 153 to be mounted or provided the rear surface of smart phone and be merely exemplary embodiment, and should
Working as understanding, other exemplary embodiments one or more are not limited to this.Such as, video calling output is single
Unit 153 can be mounted or be placed on any corner or the marginal zone of smart phone.
If performing normal video call, then output module 150 can pass through video calling output unit 153
Export speech data.But, if performing in the secure mode to lead to by the flow process using video calling
Words, then output module 150 exports speech data by normal talking output unit 151.In this feelings
Under condition, output module 150 can disconnect the electric power of video calling output unit 153.
Control module 160 (such as, controller) can control the integrated operation of subscriber terminal equipment 100.
Control module 160 can control the element of subscriber terminal equipment 100 to grasp under by the pattern of user setup
Make, or can operate in the way of default to control the element of subscriber terminal equipment 100.
Control module 160 can determine communication in the secure mode by the subscriber terminal equipment of receptor
Whether it is possible.In detail, control module 160 can obtain receptor in communications connection procedure
The information of subscriber terminal equipment, logical with determine in the secure mode by the subscriber terminal equipment of receptor
Whether letter may.
Whether safe mode can be by arranging safe mould from user's query before or after conversing at receptor
Formula, is set.According to exemplary embodiment, arranging of safe mode can include guarded communication
Start and/or the setting of end time.The beginning of guarded communication or end time can open equal to call
Begin or the end time, or can be set when performing call.The safe mode of principal set up can root
It is automatically dismissed according to network condition or resets.
Cipher Strength can be set changeably according to receptor or the group of receptor or according to network condition
Put, and single encryption mode, double-encryption pattern and triple encryption mode can be included.If terminal
Equipment includes multiple AES or multiple key generation method, then Cipher Strength can be according to AES
Or key generation method is arranged changeably.The length of encryption key can be adjusted arranging changeably and add
Close intensity.
Guarded communication object can ask user to check the setting of safe mode according to receptor, or
Person's safe mode can be automatically set the receptor group for additionally specifying.Alternately, safe mode
The receptor for having performed guarded communication can be set automatically, or can be with re-request
User checks the setting of safe mode.Here, Cipher Strength and guarded communication object can phases each other
Close or link each other.Such as, corresponding with higher Cipher Strength encryption key can be assigned to spy
Determine receptor or receptor group.
According to exemplary embodiment, the motion of user, gesture or voice can be identified, to arrange safety
Pattern.The example of the motion of user can include the concrete activity on terminal unit, on such as terminal unit
Multi-hit input, terminal unit specific part on friction (rubbing) etc..The example of the gesture of user
Son can be included in the concrete motion etc. of the user being performed when gripping terminal unit.According to another exemplary
Embodiment, the bio information including the instruction content of the user relevant with safe mode can be identified, with
Safe mode is set.Such as, bio information can pass through Brain Computer Interface (BCI) or brain-machine
Interface (BMI) is identified.Content and the identification activity of safe mode can be mapped to each other and quilt
It is stored in advance in terminal unit.
Fig. 3 is the block diagram of the structure illustrating the security module 110 according to exemplary embodiment.With reference to Fig. 3,
Security module 110 includes encoder 111, encryption equipment 112, encryption information inserters 113, stream maker
114, voice bit stream extractor 115, encryption information extractor 116, decoding unit 117 (such as, solve
Close device) and decoder 118.
Encoder 111 carrys out the speech data of coding input, to generate voice ratio by using the algorithm preset
Special stream.Here, encoding and decoding algorithm can include various types of encoding and decoding algorithm, such as by standardization (ISO)
Standard encoding and decoding algorithm (such as, the motion that the international organization of/International Electrotechnical Commission (IEC) is proposed
The most G.722, motion picture expert group version (MPEG) audio frequency etc., wait G series standard encoding and decoding algorithm, independent
Or proprietary encoding and decoding algorithm etc..Voice bit stream can include the parameter for coding and coded data,
And their long form can change according to encoding and decoding algorithm.
As shown in Figure 4, voice bit stream can include header area 410, payload district 420 and auxiliary
District 430.Here, the district corresponding to auxiliary region 430 can be assigned to header area 410 and payload
The ad-hoc location in district 420.Header area 410 can include the information (example relevant to payload district 420
As, whether the data that instruction is included in payload district 420 are the information of speech data, instruction volume
The information etc. of decoding algorithm type).Payload district 420 can be included therein the voice number arranging coding
According to the field with the parameter for being decoded the speech data encoded, and auxiliary region 430 can be wrapped
Include as using the field retained in the future.It is arranged in the certain bits in header area 410 or payload district 420
The auxiliary region put can also include for using the field retained in the future.Header area 410, payload district 420
Can be restricted with the order of placement of each in auxiliary region 430 and maybe can be not limited.Additionally,
Multiple header areas, multiple payload district and multiple auxiliary region can be included and other districts can be added
Enter in voice bit stream, or the structure of voice bit stream can be according to the encoding and decoding algorithm of latest edition
And be changed.
At least some of data of the encryption equipment 112 voice bit stream to being generated by encoder 111 or encrypted
It is encrypted.It is included at least in the header area 410 of voice bit stream or payload district 420
Divided data can be encrypted, or at least some of data in header area and payload district can together with by
Encryption.According to another exemplary embodiment, at least some of data being included in auxiliary region can be added
Close.
Encryption equipment 112 can also generate or provide the encryption key for encryption.Here, encryption key can
To include foundation key and to add strong encryption keys.Foundation key can be symmetric key, unsymmetrical key or mixing
Key, and adding strong encryption keys can be the key to foundation key encryption, to the district encrypted by foundation key
The key of re-encrypted, or enable decode in the subscriber terminal equipment of specific receptor or decipher close
Key.
AES based on key can be used for encryption.It is right that the example of AES can include using
Claim key or the algorithm of private cipher key, use unsymmetrical key or the algorithm of public keys, mix and use
Symmetric key and the algorithm of unsymmetrical key, and quantum cryptography algorithm, it should be appreciated that one or many
Other exemplary embodiment individual is not limited to this.The algorithm using symmetric key or unsymmetrical key can make
Use stream encryption key, such as Rivest Cipher 4 (RC4), or block encryption key, such as Rivest
Cipher 5 (RC5), IDEA (IDEA), data encryption standards (DES), senior
Encryption standard (AES), ARIA, SEED, triple des (3DES) etc., it should be appreciated that,
Other exemplary embodiments one or more are not limited to this.Use unsymmetrical key or the calculation of public keys
Method can use Rivest, Shamir, Adleman (RSA) public keys, it will be appreciated that one
Other exemplary embodiments individual or multiple are not limited to this.
The add confidential information relevant to the encryption performed by encryption equipment 112 is inserted by encryption information inserters 113
To voice bit stream, to generate the voice bit stream of encryption.By adding that encryption information inserters 113 generates
Close voice bit stream can be provided to flow maker 114.Add confidential information and can be included in bit stream
Auxiliary region in.According to another exemplary embodiment, add confidential information and can be included in another of bit stream
Qu Zhong, such as, the district less on the quality impact recovering signal.Add confidential information and can include encryption key.
If encryption key is divided and is inserted in bit stream, then the division information of encryption key can be entered
One step is included.Add the encryption indicator that confidential information can also include that indication bit stream is the most encrypted.Add
Secret mark will can use certain synchronization bit.Encryption indicator can be inserted into the start bit in encrypted district
Put.Add confidential information and can also include the positional information of encrypted area.Positional information can include opening of encrypted area
Beginning position and end position.It addition, certain synchronization bit can be inserted into coding region starting position and
End position.If transmitters and receivers terminal unit is recognized in advance by the setting of safe mode
Encryption starts, then can need not or not include the encryption indicator added.If transmitters and receivers are eventually
End equipment recognizes the frame of predetermined number after encryption indicator being detected in advance and is encrypted by selectivity or preset
District encrypted, then can need not or not include the positional information added.Add confidential information can be included
In district in the bitstream, for example, it is possible to be included in auxiliary region, or can be distributed and inserted
Enter to multiple districts.
When performing communication in the secure mode, stream maker 114 generates voice transfer stream and transmission of video
Stream.Especially, the voice bit stream of encryption can be inserted into video transmission stream by stream maker 114.Existing
Stream maker 114 will be described more fully with reference to Fig. 5.As it is shown in figure 5, stream maker 114 is permissible
Including silence data maker 114-1, voice transfer stream maker 114-2, video transmission stream maker
114-3 and voice bit stream inserter 114-4.Silence data maker 114-1 generates language to be inserted into
Silence data in sound transmission stream.Voice transfer stream maker 114-2 can be by using by silence data
The silence data that maker 114-1 generates generates voice transfer stream, and is supplied to by voice transfer stream
Communication module 120.Video transmission stream maker 114-3 can generate video transmission stream, and speech bits
The voice bit stream of encryption can be inserted into video transmission stream by stream inserter 114-4, and to communication mould
Block 120 provides the video transmission stream of the voice bit stream being inserted into encryption.Voice bit stream inserter
114-4 can add and send the index that the voice bit stream of instruction encryption is included in video transmission stream
Information.
Here, stream maker 114 can send voice transfer stream and video transmission stream to communication module 120,
However, it should be understood that this is exemplary embodiment.Stream maker 114 can be with multiplexing (MUX) voice
Transmission stream and video transmission stream, to send integrated stream to communication module 120.
Referring again to Fig. 3, voice bit stream extractor 115 can be from regarding of being provided by communication module 120
Keep pouring in defeated stream and extract the voice bit stream of encryption.Here, voice bit stream extractor 115 can be by making
Index of reference information or the information that is included in header area 410 are to extract the voice bit stream of encryption.
The encryption information extractor 116 speech bits from the encryption extracted by voice bit stream extractor 115
Stream extracts and adds confidential information.
Decode unit 117 by use by encryption information extractor 116 extract add confidential information decode or
The voice bit stream of deciphering encryption.Here, decoding unit 117 can be included in by use and add confidential information
In encryption key perform decoding.Decode unit 117 can according to used by encryption equipment 112
The AES that AES is identical operates.
Decoder 118 can decode by decoding the bit stream that unit 117 is decoded.Decoder 118 can root
Operate according to the encoding and decoding algorithm identical with the encoding and decoding algorithm used by encoder 111.
The speech data of encryption can be sent and received by using security module 110 as above,
Without changing or updating the communication modem being included in subscriber terminal equipment.Furthermore, it is possible to prevent
The encryption information dropout changed due to the code in various communication environments and cause.
In above-mentioned exemplary embodiment, voice bit stream is encrypted after being encoded, but this is only
Exemplary embodiment, and it is to be understood that other exemplary embodiment one or more is not limited to this.
According to another exemplary embodiment, voice bit stream can be encrypted in the operation of default coded treatment.
Such as, coding can perform with Linear Estimation operation or quantization operation.Here, adding confidential information can be by
It is inserted into the auxiliary region 430 of voice bit stream, the reserved field of header area or untapped field.
It addition, in above-mentioned exemplary embodiment, voice bit stream is decoded afterwards being decrypted, but
This is only exemplary embodiment, and it is to be understood that other exemplary embodiment one or more does not limit
In this.According to another exemplary embodiment, decoding and the decoding of voice bit stream can perform simultaneously.Example
As, the decoding of voice bit stream can be held with the quantization operation of Linear Estimation decoding operation or decoding process
OK.
Additionally, in above-mentioned exemplary embodiment, add confidential information and can be inserted into voice bit stream then
Being sent, but this is only exemplary embodiment, and it is to be understood that one or more, other is exemplary
Embodiment is not limited to this.According to another exemplary embodiment, adding confidential information can be via additional packet
Or other transmission stream is sent.
Now with reference to Fig. 7 to Figure 13, the guarded communication side according to various exemplary embodiments is described
Method.
Fig. 7 is the guarded communication of the subscriber terminal equipment illustrating the transmitter according to exemplary embodiment
The flow chart of method.
In operation S710, subscriber terminal equipment 100 determines call the most in the secure mode.
Here, subscriber terminal equipment 100 can be by using another subscriber terminal equipment (that is, receiver user
Terminal unit) information determine call the most in the secure mode, this information is in communication link
Receive during receiving other subscriber terminal equipment.
If determining that call can not or will perform the most in the secure mode in operation S710, then behaviour
Make in S760, subscriber terminal equipment 100 under normal mode (that is, not to speech bits stream encryption) with
Other subscriber terminal equipment performs call.If determining that call may or will be in safety in operation S710
Under pattern perform, then operation S720 in, subscriber terminal equipment 100 by use mike receive or
The voice of capture user.
Operation S730 in, subscriber terminal equipment 100 generate and encrypt include corresponding with user speech
The voice bit stream of speech data.Now with reference to Fig. 8, the encryption voice according to exemplary embodiment is described
The method of bit stream.
In operation S810, subscriber terminal equipment 100 coded voice data is to generate voice bit stream.This
In, subscriber terminal equipment 100 can carry out coded voice data to generate voice by using the algorithm preset
Bit stream.Such as, subscriber terminal equipment 100 can be compiled by using various types of encoding and decoding algorithms
Code speech data, various types of encoding and decoding algorithms such as standard encoding and decoding algorithm is (such as, by ISO/IEC
The mpeg audio etc. recommended), G.722 G series standard encoding and decoding algorithm (such as, recommended by ITU-T
Deng), independent or proprietary encoding and decoding algorithm etc..
In operation S820, subscriber terminal equipment 100 encrypts at least some of voice bit stream.Here,
At least some of data being included in the header area of voice bit stream or payload district can be encrypted,
And at least some of data in header area and payload district can together with encrypted.According to another example
Property embodiment, at least some of data being included in auxiliary region can be encrypted.Subscriber terminal equipment 100
Can also generate or provide and add confidential information (such as, encryption key) for encrypt.
In operation S830, subscriber terminal equipment 100 will add confidential information and be inserted into voice bit stream.Here,
(such as, subscriber terminal equipment 100 can be inserted at least one district of voice bit stream by adding confidential information
Header area, payload district and a part for auxiliary region).Subscriber terminal equipment 100 can be according to such as reference
The method that Fig. 8 describes encrypts voice bit stream.
Referring again to Fig. 7, in operation S740, subscriber terminal equipment 100 is by the voice bit stream of encryption
It is inserted into video transmission stream.Here, silence data can also be inserted into voice by subscriber terminal equipment 100
Transmission stream.Instruction encryption voice bit stream can also be inserted into transmission of video by subscriber terminal equipment 100
Index information in stream is included in video transmission stream (such as, in voice bit stream).
In operation S750, video transmission stream is sent to separately by subscriber terminal equipment 100 by communication channel
One subscriber terminal equipment.
Fig. 9 is the guarded communication of the subscriber terminal equipment illustrating the receptor according to exemplary embodiment
The flow chart of method.
In operation S910, subscriber terminal equipment 100 determines whether call performs in the secure mode.
Here, subscriber terminal equipment 100 can be by using another subscriber terminal equipment (that is, accepter user
Terminal unit) information determine call the most in the secure mode, this information is in communication link
Receive during receiving other subscriber terminal equipment.
If determining that call performs the most in the secure mode in operation S910, then in operation S970,
Subscriber terminal equipment 100 is in the normal mode (that is, not to speech bits stream encryption) with other user eventually
End equipment performs call.If determining that call to perform in the secure mode in operation S910, then behaviour
Making in S920, subscriber terminal equipment 100 receives the video transmission stream of the voice bit stream including encryption.
In operation S930, subscriber terminal equipment 100 extracts the voice bit stream of encryption from video transmission stream.
Here, subscriber terminal equipment 100 by using index information or can be included in (example in video transmission stream
As, in the header area of voice bit stream) information extract the voice bit stream of encryption.User terminal sets
The voice bit stream of the encryption extracted from video transmission stream can be exported for 100 and be used for speech processes
Structure (such as, speech coder) rather than the structure for Video processing.
In operation S940, the voice bit stream of encryption is decoded or deciphered to subscriber terminal equipment 100.Here,
Subscriber terminal equipment 100 can carry out decrypted voice bit by using the decoding algorithm identical with AES
Stream.
In operation S950, subscriber terminal equipment 100 decodes the voice bit stream being decrypted.Here, use
Family terminal unit 100 can come by using the encoding and decoding algorithm identical with the encoding and decoding algorithm for coding
Decoded speech bit stream.
In operation S960, subscriber terminal equipment 100 exports speech data.Here, although user terminal
Equipment 100 performs guarded communication by the flow process (such as, operating process) using video calling,
But subscriber terminal equipment 100 can lead to by using normal talking output unit 151 rather than video
Words output unit 153, exports speech data.
Figure 10 is the precedence diagram illustrating the guarded communication method according to exemplary embodiment.
In operation S1005, first user terminal unit 100-1 and the second subscriber terminal equipment 100-2
Perform communication connection in the secure mode.Here, first user terminal unit 100-1 and the second user are eventually
End equipment 100-2 can check call the most in the secure mode in communications connection procedure, so
After perform communication connection the most in the secure mode.
In operation S1010, first user terminal unit 100-1 receives speech data.Here, voice
Data can be inputted by mike, but this is only exemplary embodiment, and it is to be understood that
Other exemplary embodiments one or more are not limited to this.Such as, speech data can be stored in and deposit
In storage media, it is then fed into.
In operation S1015, first user terminal unit 100-1 coded voice data is to generate voice ratio
Special stream.
In operation S1020, first user terminal unit 100-1 encrypts voice bit stream.In detail,
First user terminal unit 100-1 can encrypt at least be included in generated voice bit stream
Divided data, generates and adds confidential information, and insertion adds confidential information to encrypt voice bit stream.
In operation S1025, voice bit stream is inserted into video and passes by first user terminal unit 100-1
Defeated stream.
In operation S1030, video transmission stream is sent to the second use by first user terminal unit 100-1
Family terminal unit 100-2.
In operation S1035, the second subscriber terminal equipment 100-2 extracts the language of encryption from video transmission stream
Sound bit stream.
In operation S1040, the second subscriber terminal equipment 100-2 decodes or the speech bits of deciphering encryption
Stream.In detail, the second subscriber terminal equipment 100-2 can extract from the voice bit stream of encryption and add secret letter
Breath, and by using the confidential information that adds extracted to decode voice bit stream.
In operation S1045, the second subscriber terminal equipment 100-2 decoded speech bit stream is to obtain voice
Data.
Speech data in operation S1050, acquired in the second subscriber terminal equipment 100-2 output.This
In, although perform to use during call the flow process (such as, operating process) of video calling in the secure mode,
But acquired speech data can be exported normal talking output by the second subscriber terminal equipment 100-2
Unit 151 rather than video calling output unit 153.
According to various example embodiment as above, the speech data of encryption can be sent and received,
Without changing or updating the communication modem being included in subscriber terminal equipment.At various communication environments
In, it is possible to prevent the encryption information dropout caused due to code conversion, and can be in the most more new traffic
Guarded communication for speech data is provided in the case of system between subscriber terminal equipment.
In above-mentioned exemplary embodiment, if the speech coder being included in communication modem is not
Support safe mode, then other structure (such as, application processor etc.) can encrypt speech bits
Stream, and the voice bit stream of encryption is inserted into video transmission stream.But, this is only an example
Property embodiment, and it is to be understood that other exemplary embodiment one or more is not limited to this.If
The speech coder being included in communication modem supports safe mode, the then voice bit stream encrypted
Voice transfer stream can be inserted into, be then communicated to another subscriber terminal equipment.
Now with reference to Figure 11, the protected of the subscriber terminal equipment according to another exemplary embodiment is described
The method of communication.
With reference to Figure 11, in operation S1110, first user terminal unit 100-1 is from the second user terminal
Equipment 100-2 receives the voice bit stream of encryption, and wherein, voice bit stream is added by voice transfer stream
Close.Here, voice transfer stream can include the flag information indicating voice bit stream encrypted.
In operation S1120, first user terminal unit 100-1 determines whether it is likely that and identifies encryption
Voice bit stream.Here, if it is indicated that the encrypted flag information of voice bit stream is identified or generation
Code conversion is supported for identifying the voice bit stream of encryption, then first user terminal unit 100-1 on network
May determine that the voice bit stream likely identifying encryption.
If determining the voice bit stream likely identifying encryption in operation S1120, then at operation S1130
In, first user terminal unit 100-1 under the first safe mode with the second subscriber terminal equipment 100-2
Converse.If determining the voice bit stream that can not identify encryption in operation S1120, then behaviour
Making in S1140, first user terminal unit 100-1 sets with the second user terminal under the second safe mode
Standby 100-2 converses.Here, the first safe mode refers to that the voice bit stream encrypted wherein is passed through
The safe mode that voice transfer stream is sent, and the second safe mode refers to the voice ratio encrypted wherein
The safe mode that special stream is sent by video transmission stream.
Now with reference to Figure 12 describe as described in the operation S1140 of Figure 11 in the second safe mode
The lower method carrying out conversing with the second subscriber terminal equipment 100-2.
If determining in operation S1120 and can not identifying to be inserted into and connect from the second user terminal 100-2
The voice bit stream of the encryption in the voice transfer stream received, then, in operation S1210, first user is eventually
End equipment 100-1 shows the user interface (UI) for carrying out conversing in the second safe mode, and passes through
UI receives the user command for selecting the second safe mode.Such as, first user terminal unit 100-1
The icon 1310 selecting the UI for performing guarded communication under the second safe mode can be received
User command, as shown in figure 13.Here, first user terminal unit can show and includes that instruction can not
The UI of the message of the voice bit stream of encryption can be identified.
In operation S1220, first user terminal unit 100-1 is switched to the second safe mode.Here,
Second safe mode refers to that the voice bit stream encrypted wherein is inserted into video transmission stream to carry out being protected
The pattern of the call protected.
In operation S1230, first user terminal unit 100-1 opens speech capturing function and closes
Video Capture function.In other words, although first user terminal unit 100-1 uses video transmission stream,
But need not capture video.Therefore, first user terminal unit 100-1 can close camera model 130
To close Video Capture function.
In operation S1240, first user terminal unit 100-1 is by using safe mode voice coding
Device compresses the user speech of input.This has been described above being described in detail with reference to Fig. 3, therefore below
Omit its repetitive description.
In operation S1250, first user terminal unit 100-1 changes the voice bit stream of output encryption
Port.In detail, first user terminal unit 100-1 can be by the voice bit stream of output encryption
Port changes to video port from voice port.
In operation S1260, the voice bit stream of encryption is inserted into by first user terminal unit 100-1
Video transmission stream.
In operation S1270, video transmission stream is sent to the second use by first user terminal unit 100-1
Family terminal unit 100-2.
Therefore, if encryption voice bit stream due to system change (such as, the change of network, from
3G change arrive 4G etc.) and cannot be identified, then the voice bit stream encrypted is sent out by video transmission stream
Send, in order to not the change of guard system and continue executing with guarded communication.
Retouch now with reference to Figure 14 A and Figure 14 B, Figure 15 A and Figure 15 B and Figure 16 A and Figure 16 B
State transmission voice transfer stream and the method for video transmission stream.
It is said that in general, as shown in Figure 14 A, subscriber terminal equipment 100 can be sent out within the 100ms time period
Send five voice transfer stream s1 to s5 and three video transmission stream Bt1 to Bt3.But, according to exemplary
Embodiment, as shown in Figure 14B, (such as, subscriber terminal equipment 100 can arrange one section of Preset Time
For 13.33ms) buffer space, thus relative to voice transfer flow delay and send video transmission stream and reach pre-
If the time.
In detail, as shown in fig. 15, if transmitter subscriber terminal equipment send voice transfer stream and
Video transmission stream, then initial buffer can be set to 100ms by the subscriber terminal equipment of receptor,
With simultaneous voice transmission stream and video transmission stream.
But, according to exemplary embodiment, as shown in fig. 15b, if the subscriber terminal equipment of transmitter
Postpone and send video transmission stream to reach Preset Time (such as, reach 13.33ms), then after voice transfer stream
Buffer space can be set to be shorter than the 46.66ms of 100ms by the subscriber terminal equipment of receptor, with same
Step voice transfer stream and video transmission stream.
In other words, as it has been described above, the subscriber terminal equipment of transmitter can postpone after voice transfer stream
And send video transmission stream and reach Preset Time.Therefore, the subscriber terminal equipment of receptor can reduce and is used for
Simultaneous voice transmission stream and the initial buffer interval of video transmission stream.
In more detail, the subscriber terminal equipment of transmitter can postpone after voice transfer stream and send video
Transmission stream reaches 13.33ms.Here, voice transfer stream s1 and s2 is Tong Bu with video transmission stream Bt1, voice
Stream s3 and s4 is Tong Bu with video transmission stream Bt2 in transmission, and voice transfer stream s5 and video transmission stream Bt3
Synchronize.
Additionally, the subscriber terminal equipment of receptor can postpone and receive video transmission stream and voice transfer stream
Reach 46.66ms, in order to synchronization video transmission stream and voice transfer stream.Here, when receiving video transmission stream
During Br1, a part (that is, the part of 6.66ms) of voice transfer stream s2 can retain.When reception regards
When keeping pouring in defeated stream Br2, a part (such as, the part of 13.33ms) of voice transfer stream s4 can be protected
Stay.But, when receiving video transmission stream Br3, the whole part of voice transfer stream s5 can be received.
In other words, the subscriber terminal equipment of transmitter can postpone concurrent sending voice transmission stream and video transmission stream
Reach 13.33, and the subscriber terminal equipment of therefore receptor can have minimum initial buffer interval
46.66ms。
Figure 17 A is to illustrate to be inserted into voice transfer according to exemplary embodiment when carrying out normal talking
The figure of the data of stream and video transmission stream.As shown in Figure 17 A, when carrying out normal talking, speech bits
Stream can be inserted into voice transfer stream, and video bit stream can be inserted into video transmission stream.Change
Sentence is talked about, and when carrying out normal talking, does not include the flag information indicating voice bit stream encrypted.
Figure 17 B is to illustrate being inserted when conversing under the second safe mode according to exemplary embodiment
Enter to voice transfer stream and the figure of the data of video transmission stream.As seen in this fig. 17b, instruction voice bit stream
Flag information that is encrypted and/or that be included in video transmission stream can be inserted into voice transfer stream, and
And encrypted voice bit stream can be inserted into video transmission stream.In other words, receiver terminal sets
For sensing, detect or obtain the flag information being inserted in voice transfer stream, with in the second safety
The communication with another subscriber terminal equipment is performed under pattern.
Figure 18 A is to illustrate that the video that high quality audio data is inserted into according to another exemplary embodiment passes
Defeated stream is to send the figure of the method for high quality audio data.As shown in Figure 18 A, voice bit stream can be by
It is inserted into voice transfer stream, and video bit stream and audio bitstream can be inserted into video transmission stream.
In other words, as in related art method, user speech can send by using voice transfer stream,
And video data and high quality audio data (such as, background music etc.) can pass by using video
Defeated stream sends to enable high-quality session services together.
Figure 18 B be illustrate according to another exemplary embodiment control information is inserted into voice transfer stream with
Send the figure of the method for control information.As shown in figure 18b, the control information (example of the voice bit stream of encryption
As, add confidential information) can be inserted into voice transfer stream (individually or also have other data, such as
Silence data), and the voice bit stream encrypted can be inserted into video transmission stream.In other words, when
When conversing under the second safe mode, various types of information can be inserted into sky to be sent
Video transmission stream.It is understood, however, that according to another exemplary embodiment, add confidential information permissible
It is included in video transmission stream (such as, in voice bit stream).In this case, silence data or
Person's sky data can be included in voice transfer flow of information.
Equipment according to exemplary embodiment can include the UI equipment of such as processor, stores and performs journey
The memorizer of ordinal number evidence, the permanent storage of such as disk drive, with the communication ends of external device communication
Mouthful, touch panel, key, button etc..The method being implemented as software module or algorithm etc. can be stored
For the computer-readable code that can be performed by processor on computer readable recording medium storing program for performing or programmed instruction.
Here, the example of computer readable recording medium storing program for performing includes magnetic storage medium (such as, read only memory
(ROM), random access memory (RAM), floppy disk, hard disk etc.) and optical recording media (optical
Reading medium) (such as CD-ROM, digital versatile disc (DVD) etc.) etc..Computer can
Read record medium can store and perform the department of computer science being distributed to be connected to each other by network in a distributed fashion
Computer-readable code on system, that read by computer.Medium can be read by computer, is stored in
In memorizer, and run by processor.
Exemplary embodiment can be embodied as functional device structure and various process operation.Functional device can
It is embodied as running software and/or the software configuration of the various numbers of specific function.Such as, exemplary
Embodiment can use integrated circuit (IC) structure, such as, in the control of one or more microprocessors
Down or run the memorizer of various function, treatment element, logic basis by other type of control equipment
Part, look-up table etc..Similar element can be run as software programming or software element, exemplary enforcement
Example can include various types of algorithm, and it utilizes data structure, process, routine and other programming structure
Combination and realize, in order to be specifically implemented as such as C, C++, Java, assembly program etc. programming or
Script.Function aspects can be typically embodied as the algorithm for being run by one or more processors.Show
Example embodiment can use prior art to process for electronic environment setting, signal processing and/or data
Deng.Such as the term of " machine-processed ", " element, " " equipment " and " structure " can be widely used, and
And it is not limited to machinery and physical arrangement.Term can be linked to processor etc., a series of soft to include
The implication of part routine.
The specific run described in the exemplary embodiment is exemplary, and is not intended to technical scope.
For the convenience of this specification, for other of existing electronic structure, control system, software and system
The explanation of function aspects can be omitted.It addition, the line between the element shown in figure or connection structure
Part exemplarily indicates function to connect and/or physically or electrically road connects.Therefore, in actual equipment, even
Line or connecting elements may indicate that the connection of the most various function, physical connection or circuit
Connect.
The instruction terms such as the term " described " used in this specification (especially in claim) can
With corresponding to odd number or plural number.If additionally, describe scope, then scope include individually being worth (if
Explanation the most on the contrary).Therefore, each value of scope is illustrated in detailed description effectively.The behaviour of method
The order made can be explicitly described, or without description, then operation can come in the proper sequence
Perform.But, the order of these operations is not limited to this.All examples or exemplary term are (such as,
Deng) use be to conceive just to description technique, and therefore, the scope of claims is not by this
A little examples or the restriction of exemplary term, but be defined by the claims.
Foregoing example embodiment and advantage are merely exemplary, are not necessarily to be construed as limiting.This teaching
Other type of device can be readily applied to.Additionally, the description of exemplary embodiment is intended to explanation
Property rather than the scope that limits claim, and many replace, modifications and variations are to this area skill
Will be apparent from for art personnel.
Claims (15)
1. the method being performed guarded communication by subscriber terminal equipment, described method includes:
Encryption includes and under the safe mode between subscriber terminal equipment and another subscriber terminal equipment
The first voice bit stream of the corresponding speech data of the user speech of call;
First voice bit stream of encryption is inserted into the first video transmission stream;And
The first video transmission stream inserting the first voice bit stream of encryption is sent to other user terminal
Equipment.
The most the method for claim 1, wherein encrypt the first voice bit stream to include:
Encode the speech data corresponding with user speech to generate the first voice bit stream;
Encrypt at least some of data of the first voice bit stream;And
The confidential information that adds being used for encryption is inserted into the first voice bit stream.
3. method as claimed in claim 2, wherein, the first voice bit stream includes:
Header area, is included in the information in the first voice bit stream including instruction speech data;And
Payload district, including being coded of speech data.
4. method as claimed in claim 3, wherein, encrypts at least some of data and includes encrypting first
The payload district of voice bit stream.
5. method as claimed in claim 3, wherein:
First voice bit stream also includes auxiliary region;And
Add confidential information to be inserted in the header area of the first voice bit stream, payload district and auxiliary region
At least one.
6. method as claimed in claim 2, wherein, described encrypted message packet include encryption key, first
At least one in the position of the encryption section of voice bit stream and encryption algorithm type.
7. the method for claim 1, also includes:
Generate the voice transfer stream including silence data;And
The voice transfer stream generated is sent to other subscriber terminal equipment.
8. the method for claim 1, also includes:
Generate the voice transfer stream adding confidential information included for encryption;And
The voice transfer stream generated is sent to other subscriber terminal equipment.
9. the method for claim 1, also includes:
In response to receiving the second voice bit stream inserting encryption when performing call in the secure mode
The second video transmission stream, by use safe mode speech coder process receive second video pass
Defeated stream.
10. method as claimed in claim 9, wherein, processes the second video transmission stream bag received
Include:
The second voice bit stream of encryption is extracted from the second video transmission stream received;
The encryption of the second voice bit stream encrypted for deciphering is obtained from the second voice bit stream extracted
Information;
The second voice bit stream encrypted is deciphered based on the confidential information that adds obtained;And
The second voice bit stream that decoding has been deciphered is to export speech data.
11. methods as claimed in claim 10, also include, logical in response to perform in the secure mode
Words, close camera model and the video calling output unit of subscriber terminal equipment, and use normal talking
Output unit exports the speech data of the second video transmission stream received.
12. the method for claim 1, wherein for the call under safe mode, by making
Speech data is processed, institute with the application processor of the communication modem being different from subscriber terminal equipment
State the communication modem of subscriber terminal equipment for processing the voice number of the call under normal mode
According to.
13. 1 kinds of subscriber terminal equipments, including:
Security module, be configured to encryption include with for setting at subscriber terminal equipment and another user terminal
First speech bits of the speech data that the user speech of the call under safe mode between Bei is corresponding
Stream, and the first voice bit stream of encryption is inserted into the first video transmission stream;And
Communication module, is configured to the first video transmission stream of the first voice bit stream by inserting encryption
It is sent to other subscriber terminal equipment.
14. subscriber terminal equipments as claimed in claim 13, wherein, described security module includes:
Encoder, is configured to encode the speech data corresponding with user speech to generate the first voice ratio
Special stream;
Encryption equipment, is configured to encrypt at least some of data of the first voice bit stream;And
Encryption information inserters, is configured to the confidential information that adds being used for encryption is inserted into the first speech bits
Stream.
15. subscriber terminal equipments as claimed in claim 14, wherein, the first voice bit stream includes:
Header area, is included in the information in the first voice bit stream including instruction speech data;And
Payload district, including being coded of speech data.
Applications Claiming Priority (5)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR10-2014-0011479 | 2014-01-29 | ||
KR20140011479 | 2014-01-29 | ||
KR1020140138570A KR102092756B1 (en) | 2014-01-29 | 2014-10-14 | User terminal Device and Method for secured communication therof |
KR10-2014-0138570 | 2014-10-14 | ||
PCT/KR2015/000912 WO2015115798A1 (en) | 2014-01-29 | 2015-01-28 | User terminal device and secured communication method thereof |
Publications (2)
Publication Number | Publication Date |
---|---|
CN105960811A true CN105960811A (en) | 2016-09-21 |
CN105960811B CN105960811B (en) | 2019-12-03 |
Family
ID=53885448
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201580006388.9A Expired - Fee Related CN105960811B (en) | 2014-01-29 | 2015-01-28 | Subscriber terminal equipment and its guarded communication method |
Country Status (3)
Country | Link |
---|---|
KR (1) | KR102092756B1 (en) |
CN (1) | CN105960811B (en) |
GB (1) | GB2545529A (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106412312A (en) * | 2016-10-19 | 2017-02-15 | 北京奇虎科技有限公司 | Method and system for automatically awakening camera shooting function of intelligent terminal, and intelligent terminal |
CN107659400A (en) * | 2017-09-29 | 2018-02-02 | 厦门科华恒盛股份有限公司 | A kind of quantum secret communication method and device based on mark identification |
Families Citing this family (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR101909700B1 (en) * | 2017-10-11 | 2018-10-18 | 한국전자통신연구원 | VoLTE TERMINAL AND VOICE COMMUNICATION PROTECTION METHOD USING THE SAME |
KR102555680B1 (en) * | 2020-11-06 | 2023-07-17 | 카페24 주식회사 | Method, Apparatus and System for Image Processing For Protecting Portrait Rights |
Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6256491B1 (en) * | 1997-12-31 | 2001-07-03 | Transcript International, Inc. | Voice security between a composite channel telephone communications link and a telephone |
CN201197180Y (en) * | 2008-02-21 | 2009-02-18 | 上海迅特电子科技有限公司 | Network video processing apparatus |
US20090259460A1 (en) * | 2008-04-10 | 2009-10-15 | City University Of Hong Kong | Silence-based adaptive real-time voice and video transmission methods and system |
US20110293021A1 (en) * | 2010-05-28 | 2011-12-01 | Jayant Kotalwar | Prevent audio loss in the spliced content generated by the packet level video splicer |
CN102857341A (en) * | 2011-06-28 | 2013-01-02 | 联芯科技有限公司 | Communication method for encrypted call |
CN102882831A (en) * | 2011-07-11 | 2013-01-16 | 联芯科技有限公司 | Method for controlling terminal to enter secret communication, secret communication method and terminal |
CN202818616U (en) * | 2012-08-14 | 2013-03-20 | 福建伊时代信息科技股份有限公司 | Voice communication device and system |
Family Cites Families (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR100417125B1 (en) * | 2002-08-07 | 2004-02-05 | 주식회사 팬택앤큐리텔 | Method for Automatically Entering Secured Voice Communication Mode of Wireless Communication Terminal |
FR2862835B1 (en) * | 2003-11-24 | 2006-04-14 | Medialive | SECURED AND CUSTOMIZED DIFFUSION OF AUDIOVISUAL FLOWS BY A UNICAST / MULTICAST HYBRID SYSTEM |
KR100763464B1 (en) * | 2003-12-16 | 2007-10-04 | 김기호 | Method of exchanging secret key for secured communication |
US9172493B2 (en) * | 2006-12-18 | 2015-10-27 | International Business Machines Corporation | Caller-identity based security |
KR20100007738A (en) * | 2008-07-14 | 2010-01-22 | 한국전자통신연구원 | Apparatus for encoding and decoding of integrated voice and music |
KR101297936B1 (en) * | 2012-06-08 | 2013-08-19 | 가톨릭대학교 산학협력단 | Method for security communication between mobile terminals and apparatus for thereof |
-
2014
- 2014-10-14 KR KR1020140138570A patent/KR102092756B1/en active IP Right Grant
-
2015
- 2015-01-28 CN CN201580006388.9A patent/CN105960811B/en not_active Expired - Fee Related
- 2015-01-28 GB GB1613388.6A patent/GB2545529A/en not_active Withdrawn
Patent Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6256491B1 (en) * | 1997-12-31 | 2001-07-03 | Transcript International, Inc. | Voice security between a composite channel telephone communications link and a telephone |
CN201197180Y (en) * | 2008-02-21 | 2009-02-18 | 上海迅特电子科技有限公司 | Network video processing apparatus |
US20090259460A1 (en) * | 2008-04-10 | 2009-10-15 | City University Of Hong Kong | Silence-based adaptive real-time voice and video transmission methods and system |
US20110293021A1 (en) * | 2010-05-28 | 2011-12-01 | Jayant Kotalwar | Prevent audio loss in the spliced content generated by the packet level video splicer |
CN102857341A (en) * | 2011-06-28 | 2013-01-02 | 联芯科技有限公司 | Communication method for encrypted call |
CN102882831A (en) * | 2011-07-11 | 2013-01-16 | 联芯科技有限公司 | Method for controlling terminal to enter secret communication, secret communication method and terminal |
CN202818616U (en) * | 2012-08-14 | 2013-03-20 | 福建伊时代信息科技股份有限公司 | Voice communication device and system |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106412312A (en) * | 2016-10-19 | 2017-02-15 | 北京奇虎科技有限公司 | Method and system for automatically awakening camera shooting function of intelligent terminal, and intelligent terminal |
CN107659400A (en) * | 2017-09-29 | 2018-02-02 | 厦门科华恒盛股份有限公司 | A kind of quantum secret communication method and device based on mark identification |
CN107659400B (en) * | 2017-09-29 | 2020-08-28 | 科华恒盛股份有限公司 | Quantum secret communication method and device based on identification recognition |
Also Published As
Publication number | Publication date |
---|---|
GB2545529A (en) | 2017-06-21 |
KR102092756B1 (en) | 2020-03-24 |
KR20150090817A (en) | 2015-08-06 |
CN105960811B (en) | 2019-12-03 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
JP6592570B2 (en) | Transmitter | |
CN105981327B (en) | Safety communicating method and equipment and the multimedia device for using this method and equipment | |
CN102438241B (en) | To NAS signaling decryption device and method in a kind of LTE protocol monitoring analysis | |
US20150215112A1 (en) | User terminal device and secured communication method thereof | |
CN105960811A (en) | User terminal device and secured communication method thereof | |
EP3082291B1 (en) | Secure communication method and apparatus and multimedia device employing same | |
CN109561056B (en) | Secret communication method, system, mobile terminal and wearable device | |
JP6596131B2 (en) | Transmitting apparatus, receiving apparatus and conditional access system | |
CN104581714A (en) | Method for encrypting speech on basis of TD-SCDMA (time division-synchronization code division multiple access) circuit domains | |
CN101242453B (en) | A transmission method and system for dual-audio multi-frequency signal | |
KR20150071958A (en) | Method and apparatus for secure voice call | |
JP6539388B2 (en) | Transmitter, receiver and conditional access system | |
JP6543396B2 (en) | Transmitter, receiver and conditional access system | |
CN101924905A (en) | Method and system for encrypting and decrypting in video telephone communication | |
EP4362515A1 (en) | Authentication method and apparatus | |
JP6596130B2 (en) | Transmitting apparatus, receiving apparatus and conditional access system | |
CN106533686A (en) | Encryption communication method and system, communication unit and client | |
TWI287767B (en) | Encryption device and method, decryption device and method, integrity authentication code generation device and method, integrity authentication code auxiliary device, integrity recognition device, and wireless communication device | |
CN115643014A (en) | Voice secret transmission method in earphone set and encryption earphone | |
CN115604033A (en) | Micro service system access control method, device, equipment and storage medium | |
CN113438142A (en) | Communication method, communication system and storage system | |
Zhang et al. | Research on end-to-end encryption of TETRA |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
CF01 | Termination of patent right due to non-payment of annual fee | ||
CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20191203 |