CN108271132B - Voice encryption telephone calling method - Google Patents
Voice encryption telephone calling method Download PDFInfo
- Publication number
- CN108271132B CN108271132B CN201611261223.9A CN201611261223A CN108271132B CN 108271132 B CN108271132 B CN 108271132B CN 201611261223 A CN201611261223 A CN 201611261223A CN 108271132 B CN108271132 B CN 108271132B
- Authority
- CN
- China
- Prior art keywords
- terminal
- calling
- encrypted
- control module
- gateway control
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W4/00—Services specially adapted for wireless communication networks; Facilities therefor
- H04W4/16—Communication-related supplementary services, e.g. call-transfer or call-hold
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/02—Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Telephonic Communication Services (AREA)
- Mobile Radio Communication Systems (AREA)
- Telephone Function (AREA)
Abstract
The invention provides a voice encryption telephone calling method and a voice encryption telephone calling system, which are used for completing voice encryption telephone calling indication on a signaling plane and unifying 3G and 4G encryption telephone calling flows by a calling processing method for carrying out key negotiation on a media plane. The method and the device can realize that the 4G encryption terminal dials the encrypted voice telephone to the 3G encryption terminal, meet the requirement that a 4G encryption telephone user dials the encrypted telephone to a 3G encryption telephone user, and improve user experience.
Description
Technical Field
The invention relates to the technical field of information security of mobile communication systems, in particular to a voice encryption telephone calling method.
Background
At present, in order to improve the security of voice telephone of users and ensure that the content of the call between the calling and called users is not intercepted by attackers, traditional telecom operators and many communication and internet companies provide voice encryption telephones. The end-to-end voice encryption telephone is a technology for encrypting and decrypting voice, and can realize the encryption transmission of voice signals in an air interface and a core network, thereby increasing the security of voice communication of a user.
On the basis of the traditional voice telephone, the voice encryption telephone acquires a session key through negotiation between a calling terminal and a called terminal by a key negotiation technology, and performs end-to-end whole-course encryption on the conversation content by using the negotiated session key. The session key is disposable, and after the conversation is finished, the session key is deleted immediately. The voice encryption telephone is carried out between the two encryption mobile phones, and the encryption mobile phone and the common non-encryption mobile phone cannot communicate with each other.
In recent years, circuit domain voice encryption telephones based on a 3G network and voice encryption telephones based on a 4G network are introduced by domestic operators. The voice encryption telephone can be carried out between two 3G encryption terminals or two 4G encryption terminals, and cannot be carried out between a 3G circuit domain encryption terminal and a 4G encryption terminal.
Disclosure of Invention
The present invention overcomes or at least partially solves the above-identified problems by providing a voice encrypted telephone call method and system.
According to an aspect of the present invention, there is provided a voice encryption phone call method, including:
step 1, receiving encrypted call request information of a 4G call terminal, mapping the call request information into initial address request information, adding a first encryption indicating bit in the initial address request information, and sending the initial address request information to a 3G called terminal;
step 2, the 3G called terminal confirms that the called terminal supports encrypted calling, adds a second encryption indicating bit in the address full information and sends the address full information to the 4G calling terminal;
step 3, the 4G calling terminal confirms that the 3G called terminal supports encrypted calling based on the second encryption indicating bit; and the 4G calling terminal and the 3G called terminal carry out encrypted conversation.
The application provides a voice encryption telephone calling method, which is a call processing method for completing voice encryption telephone calling indication on a signaling plane and performing key negotiation on a media plane to unify 3G and 4G encryption telephone calling flows. The method and the device can realize that the 4G encryption terminal dials the encrypted voice telephone to the 3G encryption terminal, meet the requirement that a 4G encryption telephone user dials the encrypted telephone to a 3G encryption telephone user, and improve user experience.
Drawings
Fig. 1 is a schematic overall flow chart of a voice encryption telephone call method according to an embodiment of the present invention;
fig. 2 is a flow chart illustrating a method for a voice encrypted telephone call according to an embodiment of the present invention.
Detailed Description
The following detailed description of embodiments of the present invention is provided in connection with the accompanying drawings and examples. The following examples are intended to illustrate the invention but are not intended to limit the scope of the invention.
In order to improve the security of voice telephone of users and ensure that the contents of the call between the calling and called users are not intercepted by attackers, traditional telecom operators and many communication and internet companies have introduced voice encryption telephones. The end-to-end voice encryption telephone is a technology for encrypting and decrypting voice, and can realize the encryption transmission of voice signals in an air interface and a core network, thereby increasing the security of voice communication of a user.
On the basis of the traditional voice telephone, the voice encryption telephone acquires a session key through negotiation between a calling terminal and a called terminal by a key negotiation technology, and performs end-to-end whole-course encryption on the conversation content by using the negotiated session key. The session key is disposable, and after the conversation is finished, the session key is deleted immediately. The voice encryption telephone is carried out between the two encryption mobile phones, and the encryption mobile phone and the common non-encryption mobile phone cannot communicate with each other.
In recent years, circuit domain voice encryption telephones based on a 3G network and voice encryption telephones based on a 4G network are introduced by domestic operators. The voice encryption telephone can be carried out between two 3G encryption terminals or two 4G encryption terminals, and cannot be carried out between a 3G circuit domain encryption terminal and a 4G encryption terminal.
The 3G circuit domain voice encryption telephone is a voice encryption telephone based on a 3G CDMA network. The calling party initiates an encrypted call to the called party, and the telephone is connected through the network in a common plaintext telephone mode to call to the called party. After the called party answers, the calling and called encryption terminals firstly establish a plaintext voice channel on the media surface, indicate the call as an encrypted call through the channel, and then negotiate a session key for the call. After the key agreement is successful, the user can start the encrypted call.
In the system, the encrypted call indication is transmitted through a media plane, and the key agreement is realized through the media plane.
The 4G voice encryption telephone is a voice encryption telephone based on a 4G VoLTE network. The calling party initiates an encrypted call to the called party, and the telephone is connected through the network in an encrypted telephone mode and calls the called party. After the called user answers, the encryption terminal of the calling and the called establishes a plaintext voice channel on the media surface, and then starts the session key negotiation directly through the channel. After the key agreement is successful, the user can start the encrypted call.
Unlike 3G circuit domain voice encryption telephones, the encrypted call indication of 4G voice encryption telephones is transmitted through a signaling plane, and the key agreement is realized through a media plane.
In order to realize 4G to 3G voice encryption telephone calls, the patent proposes a call processing method for completing voice encryption telephone call indication on a signaling plane and performing key negotiation on a media plane to unify 3G and 4G encryption telephone call flows. This puts new processing requirements on the network equipment, protocols and terminals of the encrypted telephone system, including the following:
1. when the core network MGCF network element maps the IMS SIP message and the No. 7 signaling, the mapping of the voice encryption telephone indication information can be completed.
2. The user part of the signaling message No. 7 needs to add a new bit indicator bit for indicating the encrypted call to the opposite end.
3. The 3G encryption terminal should support processing of improved signaling No. 7 (IAM and ACM), and be able to receive and respond to the encrypted phone indication information in the signaling plane.
4. The 4G encryption terminal should support processing the improved 180Ring message, and determine the state of the 3G encryption terminal according to the encryption call indication information therein.
Referring to fig. 1, in an embodiment of the present invention, an overall flow diagram of a voice encrypted telephone call method is shown. In general, the method comprises the following steps: step 1, receiving encrypted call request information of a 4G call terminal, mapping the call request information into initial address request information, adding a first encryption indicating bit in the initial address request information, and sending the initial address request information to a 3G called terminal; step 2, the 3G called terminal confirms that the called terminal supports encrypted calling, adds a second encryption indicating bit in the address full information and sends the address full information to the 4G calling terminal; step 3, the 4G calling terminal confirms that the 3G called terminal supports encrypted calling based on the second encryption indicating bit; and the 4G calling terminal and the 3G called terminal carry out encrypted conversation.
In another embodiment of the present invention, a voice encrypted telephone calling method further includes, before step 1:
s01, the 4G calling terminal sends the encrypted calling request information to the 4G VoLTE IMS core network.
In another embodiment of the present invention, a voice encrypted telephone calling method further includes, after S01:
s02, the proxy call session control module applies for the encrypted call request for conversation resources and sends the encrypted call request to the call session control module;
and S03, the call session control module confirms that the ENUM or DNS does not acquire the called address, and sends the encrypted call request to the media gateway control module through the exit gateway control module.
In another embodiment of the present invention, a method for calling a voice encrypted phone, where sending the initial address request message to a 3G called terminal in step 1 further includes: and sending the initial address request information to the 3G called terminal through a gateway mobile switching center and a visited mobile wireless office.
In another embodiment of the present invention, a voice encrypted telephone calling method further includes, after step 2: the 4G calling terminal and the media gateway control module perform resource reservation; and the media gateway control module sends a resource reservation completion message to the 3G called terminal.
In another embodiment of the present invention, a method for calling a voice encrypted phone, where sending the address complete information to the 4G calling terminal in step 2 further includes: sending the address full information to a media gateway control function module; and the media gateway control function module maps the address full information into 180Ring information and sends the 180Ring information to the 4G calling terminal.
In another embodiment of the present invention, a voice encryption telephone calling method, the step 3 of performing encryption communication between a 4G calling terminal and a 3G called terminal further includes: establishing a media channel between the 4G calling terminal and the 3G called terminal; the 4G calling terminal and the 3G called terminal exchange respective secret keys by using the media channel, and encrypt and decrypt conversation voice contents by using the secret keys; and the 4G calling terminal and the 3G called terminal carry out encrypted communication.
In another embodiment of the present invention, a method for voice encrypted telephone call, where the step 4G of reserving resources between the calling terminal and the media gateway control module further includes:
the media gateway control module returns a 183Session Progress message to the 4G calling terminal to perform media negotiation and resource reservation;
the 4G calling terminal performs media negotiation and resource reservation with the media gateway control module through PRACK or UPDATE;
and the media gateway control module receives the PRACK or UPDATE message, sends a 200OK confirmation message to the 4G calling terminal and sends a COT conduction detection message to the 3G called terminal.
In another embodiment of the present invention, a voice encryption telephone calling method, the step of establishing a media channel between the 4G calling terminal and the 3G called terminal further includes:
after the 3G called terminal is off-hook, the 3G called terminal sends a answering response message to the 4G calling terminal to prepare for establishing a media plane channel; the answering response message is mapped into a 200OK confirmation message by the media gateway control function module and is sent to the 4G calling terminal;
and after receiving the 200OK confirmation message, the 4G calling terminal sends a confirmation character to the media gateway control function module for confirmation.
Referring to fig. 2, in yet another embodiment of the present invention, a voice encrypted telephone call method is shown, comprising the following steps.
When the 4G calling encryption terminal UE A dials a voice encryption telephone to the 3G encryption terminal UE B, the INVITE message sent by the UE A to the 4G VoLTE IMS core network carries encryption telephone indication information to indicate that the call is an encryption call.
The calling SBC/P-CSCF (proxy call session control function) applies for the UE A for the call resources, and after the application is finished, the call request of the UE A is forwarded to the calling S-CSCF ().
After calling S-CSCF inquires ENUM/DNS to obtain called address, it sends INVITE message to BGCF (exit gateway control function), and then BGCF sends call to MGCF (media gateway control function).
The MGCF of the calling party maps the INVITE message to an IAM (initial address request message) message and then sends it to the called terminal UE B. Here, MGCF needs to add a new bit indicator to the user part of IAM message to indicate the current call to UE B as an encrypted call. The IAM message is forwarded to UE B via GMSC (gateway mobile switching center), VMSC (visited mobile radio office).
The calling MGCF returns 183Session Progress message to UE A for media negotiation and resource reservation.
Calling UE A carries out media negotiation and resource reservation with MGCF through PRACK or UPDATE. MGCF receives PRACK or UPDATE message sent by UE A, and sends 200OK confirmation message to UE A. And simultaneously, the MGCF sends a COT conduction detection message to the UE B to inform the called side terminal that the resources of the calling side are reserved, and the next operation can be carried out.
After receiving the COT message, the called terminal UE B rings to the user, and simultaneously returns the ACM ringing message to the UE A. Under the condition of supporting the voice encryption telephone call, the UE B needs to add a new bit indicator bit in the user part of the ACM message to indicate to the UE a that the UE B supports the voice encryption call.
Upon receiving the ACM message, the calling MGCF (media gateway control function) maps the ACM message to a 180Ring message. When the indication bit in the ACM message is used to determine that the call is a voice encrypted telephone call, the MGCF needs to add encrypted telephone indication information to the 180Ring message, and then sends the encrypted telephone indication information to the UE a.
After receiving the 180Ring message, UE A judges that UE B supports the voice encryption telephone call through the encryption telephone indication information carried in the message, UE A plays a Ring back tone to the user, and continues to carry out voice encryption telephone call connection.
After the called user picks up the phone, UE B sends ANM answering information to UE A to prepare for establishing a media plane channel. The ANM message is mapped by the MGCF of the calling party to a 200OK acknowledgement message and sent to UE a.
After receiving the 200OK acknowledgement message, UE a sends an ACK message to MGCF for acknowledgement.
A media channel between UE a and UE B is already established. By using the channel, UE A and UE B exchange respective keys, and encrypt and decrypt the voice telephone content of the user by using the keys.
And the 4G calling subscriber and the 3G called subscriber start encrypted conversation.
Finally, the method of the present application is only a preferred embodiment and is not intended to limit the scope of the present invention. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.
Claims (9)
1. A voice encrypted telephone call method, comprising:
step 1, a 4G VoLTE IMS core network receives encrypted call request information of a 4G call terminal, a media gateway control module of a calling party maps the call request information into initial address request information, a first encryption indicating bit is added in the initial address request information, and the initial address request information is sent to a 3G called terminal;
step 2, the 3G called terminal confirms that the called terminal supports encrypted calling, adds a second encryption indicating bit in the address full information, and sends the address full information to the 4G calling terminal after mapping to 180Ring through the media gateway control module;
step 3, the 4G calling terminal confirms that the 3G called terminal supports encrypted calling based on the second encryption indicating bit; and the 4G calling terminal and the 3G called terminal carry out encrypted communication.
2. The method of claim 1, wherein step 1 is preceded by:
s01, the 4G calling terminal sends the encrypted calling request information to the 4G VoLTE IMS core network.
3. The method of claim 2, further comprising, after S01 and before step 1:
s02, the proxy call session control module applies for the encrypted call request for conversation resources and sends the encrypted call request to the call session control module;
and S03, the call session control module confirms that the telephone number mapping ENUM or the domain name system DNS does not acquire the called address, and sends the encrypted call request to the media gateway control module through the exit gateway control module.
4. The method of claim 1, wherein the step 1 of sending the initial address request message to the 3G called terminal further comprises: and the media gateway control module sends the initial address request information to the 3G called terminal through a gateway mobile switching center and a visited mobile wireless office.
5. The method of claim 1, further comprising, after step 1 and before step 2: the 4G calling terminal and the media gateway control module perform resource reservation; and the media gateway control module sends a resource reservation completion message to the 3G called terminal.
6. The method of claim 1, wherein the step 2 of transmitting the address complete information to the 4G call terminal further comprises: sending the address full information to the media gateway control function module; and the media gateway control function module maps the address full information into the 180Ring information and sends the 180Ring information to the 4G calling terminal.
7. The method of claim 1, wherein the step 3 of the 4G calling terminal making encrypted call with the 3G called terminal further comprises: establishing a media channel between the 4G calling terminal and the 3G called terminal; the 4G calling terminal and the 3G called terminal exchange respective keys by using the media channel, and encrypt and decrypt conversation voice contents by using the keys; and the 4G calling terminal and the 3G called terminal carry out encrypted communication.
8. The method of claim 5, wherein said step 4G of the calling terminal reserving resources with the media gateway control module further comprises:
the media gateway control module returns a 183Session Progress message to the 4G calling terminal to perform media negotiation and resource reservation;
the 4G calling terminal performs the media negotiation and the resource reservation with the media gateway control module through PRACK or UPDATE;
and the media gateway control module receives the PRACK or UPDATE message, sends a 200OK confirmation message to the 4G calling terminal and sends a COT conduction detection message to the 3G called terminal.
9. The method of claim 7, wherein the step of establishing a media channel between the 4G calling terminal and the 3G called terminal further comprises:
after the 3G called terminal is off-hook, the 3G called terminal sends a answering response message to the 4G calling terminal to prepare for establishing a media plane channel; the answering response message is mapped into a 200OK confirmation message by the media gateway control function module and is sent to the 4G calling terminal;
and after receiving the 200OK confirmation message, the 4G calling terminal sends a confirmation character to the media gateway control function module for confirmation.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201611261223.9A CN108271132B (en) | 2016-12-30 | 2016-12-30 | Voice encryption telephone calling method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201611261223.9A CN108271132B (en) | 2016-12-30 | 2016-12-30 | Voice encryption telephone calling method |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN108271132A CN108271132A (en) | 2018-07-10 |
| CN108271132B true CN108271132B (en) | 2021-05-04 |
Family
ID=62754998
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201611261223.9A Active CN108271132B (en) | 2016-12-30 | 2016-12-30 | Voice encryption telephone calling method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN108271132B (en) |
Families Citing this family (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115022024B (en) * | 2022-05-31 | 2023-09-29 | 中国电信股份有限公司 | Method and device for encrypting call, storage medium and electronic equipment |
| CN114900500A (en) * | 2022-06-15 | 2022-08-12 | 中国电信股份有限公司 | Call control method, application server, communication system, and storage medium |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101340643B (en) * | 2008-08-28 | 2011-05-18 | 中国电信股份有限公司 | Air interface voice ciphering startup method and system |
| CN105992199A (en) * | 2015-01-29 | 2016-10-05 | 成都三零瑞通移动通信有限公司 | Speech communication decrypted conversation and encrypted conversation identification method and system |
| CN106161376A (en) * | 2015-04-13 | 2016-11-23 | 中国移动通信集团公司 | The machinery of consultation of a kind of end-to-end encrypted communication and device |
Family Cites Families (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2015115798A1 (en) * | 2014-01-29 | 2015-08-06 | Samsung Electronics Co., Ltd. | User terminal device and secured communication method thereof |
| EP3054644B1 (en) * | 2015-02-04 | 2018-06-06 | Vodafone GmbH | Voice session termination for messaging clients in IMS |
-
2016
- 2016-12-30 CN CN201611261223.9A patent/CN108271132B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101340643B (en) * | 2008-08-28 | 2011-05-18 | 中国电信股份有限公司 | Air interface voice ciphering startup method and system |
| CN105992199A (en) * | 2015-01-29 | 2016-10-05 | 成都三零瑞通移动通信有限公司 | Speech communication decrypted conversation and encrypted conversation identification method and system |
| CN106161376A (en) * | 2015-04-13 | 2016-11-23 | 中国移动通信集团公司 | The machinery of consultation of a kind of end-to-end encrypted communication and device |
Non-Patent Citations (3)
| Title |
|---|
| 3rd Generation Partnership Project.Technical Specification Group Services and System Aspects * |
| Voice Call Continuity between CS and IMS Study(Release 7).《3GPP TR 23.806 V1.1.0》.2005, * |
| 基于移动通信网的端到端加密终端研究与实现;刘衍斐;《中国优秀硕士学位论文全文数据库(信息科技辑)》;20100515;全文 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN108271132A (en) | 2018-07-10 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| TWI384859B (en) | Communication apparatus and method for handling conference communication service in the communication apparatus | |
| RU2491739C2 (en) | System and method for call switching from packet switched network to channel switched network | |
| US8588746B2 (en) | Technique for bypassing an IP PBX | |
| CN1890931B (en) | System, apparatus, and method for establishing circuit-switched communications via packet switched network signaling | |
| CN100466805C (en) | Method for end-to-end enciphoring voice telecommunication | |
| CN106658486A (en) | Enciphered call making method, enciphered call making device and terminal | |
| KR20070077419A (en) | A method and apparatus for handling voip ue's call request including the real-time service toward csi ue | |
| CN106549906A (en) | Realize method, terminal and the network side element of end-to-end call encryption | |
| CN111404865A (en) | IMS system encrypted call method, network equipment, terminal and system | |
| US8320362B2 (en) | Telecommunications system and method of initiating file transfers from voice endpoints | |
| WO2011050744A1 (en) | Method for playing multimedia ring tone during conversation period, server and terminal device thereof | |
| CN108271132B (en) | Voice encryption telephone calling method | |
| JP4554636B2 (en) | Communication control device and protocol conversion method | |
| CN101325590B (en) | Method for implementation terminal call of IP multimedia subsystem central control business | |
| CN104639731A (en) | Incoming call reminding method, incoming call reminding system and terminal | |
| US10178136B2 (en) | Systems and methods of providing multimedia service to a legacy device | |
| ES2289586T3 (en) | METHOD AND DEVICE FOR PULSAR SERVICE TO SPEAK. | |
| CN109429192B (en) | Call call processing method, transceiving equipment and computer readable storage medium | |
| CN115361362A (en) | IMS-based coal mine call system and method | |
| US20100128716A1 (en) | Method and apparatus for providing network based services to private branch exchange endpoints | |
| KR100705581B1 (en) | Apparatus and method for MCID Registrating of terminal in VoIP system for using SIP | |
| JP5184054B2 (en) | Terminal calling method, access point control device, terminal and program at call connection | |
| CN110267360B (en) | International roaming communication method, international gateway and communication system for group service | |
| CN114760625B (en) | Encryption call method, device and system | |
| CN102257784A (en) | Method, device and system for realizing the security mechanism of multimedia ringing tone services |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |