CN112118573A - Voice encryption communication method and device between different systems of wide-band and narrow-band clusters - Google Patents
Voice encryption communication method and device between different systems of wide-band and narrow-band clusters Download PDFInfo
- Publication number
- CN112118573A CN112118573A CN201910541164.8A CN201910541164A CN112118573A CN 112118573 A CN112118573 A CN 112118573A CN 201910541164 A CN201910541164 A CN 201910541164A CN 112118573 A CN112118573 A CN 112118573A
- Authority
- CN
- China
- Prior art keywords
- broadband
- encryption
- narrowband
- rtp packet
- voice
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Withdrawn
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/02—Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W4/00—Services specially adapted for wireless communication networks; Facilities therefor
- H04W4/06—Selective distribution of broadcast services, e.g. multimedia broadcast multicast service [MBMS]; Services to user groups; One-way selective calling services
- H04W4/10—Push-to-Talk [PTT] or Push-On-Call services
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W76/00—Connection management
- H04W76/40—Connection management for selective distribution or broadcast
- H04W76/45—Connection management for selective distribution or broadcast for Push-to-Talk [PTT] or Push-to-Talk over cellular [PoC] services
Abstract
The embodiment of the invention provides a method and a device for voice encryption communication between different systems of a broadband and narrowband cluster. The method comprises the following steps: when a calling party is a broadband terminal and a called party is a narrowband terminal, an encryption conversion server receives a first RTP packet and session basic information sent by a broadband core network, wherein the first RTP packet consists of broadband secret voice data and broadband encryption synchronous information; unpacking the first RTP packet to obtain broadband secret voice data and broadband encryption synchronization information; decrypting the broadband secret voice data according to the session basic information to obtain a voice plaintext in a broadband format; converting the voice plaintext in the broadband format into the voice plaintext in the narrowband format; encrypting the voice plaintext in the narrowband format according to the session basic information; and the encrypted voice data in the narrow-band format and the encrypted synchronous information form a second RTP packet and send the second RTP packet to the broadband core network. The embodiment of the invention can realize voice encryption communication among different systems of the wide-band and narrow-band cluster, and has high data security and less time delay.
Description
Technical Field
The invention relates to the technical field of communication, in particular to a voice encryption communication method and device between different systems of a wide-band and narrow-band cluster.
Background
PDT (Police digital trunking) standard is a trunking communication standard with proprietary intellectual property rights in china, and PDT trunking is built on a large scale and put into practical use in 30 provinces across the country. The PDT system has wide coverage and low construction cost, but cannot meet the application requirements of broadband data transmission and multimedia services due to bandwidth limitation. In order to meet the requirement of broadband application, a multi-place public security private network is constructed in a mode of fusion and intercommunication of a narrow band and a broadband cluster, namely PDT + LTE, wherein the PDT private network covers the whole area, ensures basic voice and short data communication, and covers a central area, a hot spot area and a key position of a city to realize multimedia service application; the IP core networks can be respectively constructed, and the core networks are intercommunicated by PSIP (program and System Information protocol) protocols.
In the broadband and narrowband intercommunication trunking service, the voice service is the most basic and most common service, and the data encryption of the voice is the most basic requirement.
At present, PDT system voice data encryption conforms to PDT standard, and TD-LTE cluster voice data encryption and decryption currently have no specific standard. When the wide-narrow Band system performs Voice intercommunication, because the encryption schemes of the wide-narrow Band system are inconsistent and the Voice coding is inconsistent, the wideband Voice coding is AMR (Adaptive Multi-Rate Codec), and the narrow-Band Voice coding is nvoc (narrow Band Voice coder), so that at present, no scheme for encrypting and decrypting the Voice data to be intercommunicated exists, which is a problem that the wide-narrow Band intercommunication needs to be solved urgently.
Disclosure of Invention
Aiming at the problems in the prior art, the embodiment of the invention provides a method and a device for voice encryption communication between different systems of a broadband and narrowband cluster.
The embodiment of the invention provides a voice encryption communication method between different systems of a broadband and narrowband cluster, which is applied to an encryption conversion server, wherein the encryption conversion server is connected with a broadband core network of the broadband cluster system, and the method comprises the following steps:
when a calling party is a broadband terminal and a called party is a narrowband terminal, an encryption conversion server receives a first RTP packet and session basic information sent by a broadband core network, wherein the first RTP packet consists of broadband secret voice data and broadband encryption synchronous information;
the encryption conversion server unpacks the first RTP packet to obtain broadband secret voice data and broadband encryption synchronization information;
the encryption conversion server generates a decryption key stream according to the broadband encryption synchronization information and the session basic information, and decrypts the broadband secret voice data according to the decryption key stream to obtain a voice plaintext in a broadband format;
the encryption conversion server converts the voice plaintext in the broadband format into the voice plaintext in the narrowband format;
the encryption conversion server generates encryption synchronization information and an encryption key stream according to the session basic information, and encrypts the speech plaintext in the narrow-band format according to the encryption synchronization information and the encryption key stream;
the encryption conversion server forms a second RTP packet by the encrypted voice data in the narrow-band format and the encrypted synchronous information and sends the second RTP packet to the broadband core network.
The embodiment of the invention provides a voice encryption communication method between different systems of a broadband and narrowband cluster, which is applied to a broadband core network and comprises the following steps: after the calling party and the called party establish connection, acquiring basic session information; the method further comprises the following steps:
when the calling party is a broadband terminal and the called party is a narrowband terminal, the broadband core network receives a fifth RTP packet sent by the broadband terminal, wherein the fifth RTP packet consists of broadband secret voice data and broadband encryption synchronization information;
the broadband core network sends the fifth RTP packet and the session basic information to an encryption conversion server;
the broadband core network receives a sixth RTP packet sent by the encryption conversion server, wherein the sixth RTP packet consists of narrowband secret voice data and narrowband encryption synchronous information;
and the broadband core network sends the sixth RTP packet to the narrowband core network, so that the narrowband core network unpacks the sixth RTP packet into narrowband secret voice data and narrowband encryption synchronous information and sends the narrowband secret voice data and the narrowband encryption synchronous information to the narrowband terminal, and the narrowband terminal decrypts the narrowband secret voice data to obtain a voice plaintext.
The embodiment of the invention provides a voice encryption communication device between different systems of a broadband and narrowband cluster, which is applied to an encryption conversion server, wherein the encryption conversion server is connected with a broadband core network of the broadband cluster system, and the device comprises:
a first receiving unit, configured to receive a first RTP packet and session basic information sent by a broadband core network when a calling party is a broadband terminal and a called party is a narrowband terminal, where the first RTP packet is composed of broadband secret voice data and broadband encryption synchronization information;
the first unpacking unit is used for unpacking the first RTP packet to obtain broadband secret voice data and broadband encryption synchronization information;
the first decryption unit is used for generating a decryption key stream according to the broadband encryption synchronization information and the session basic information, and decrypting the broadband secret voice data according to the decryption key stream to obtain a voice plaintext in a broadband format;
the first conversion unit is used for converting the voice plaintext in the broadband format into the voice plaintext in the narrowband format;
the first encryption unit is used for generating encryption synchronization information and an encryption key stream according to the session basic information and encrypting the speech plaintext in the narrow-band format according to the encryption synchronization information and the encryption key stream;
and the first sending unit is used for forming a second RTP packet by the encrypted voice data in the narrow-band format and the encrypted synchronous information and sending the second RTP packet to the broadband core network.
The embodiment of the invention provides a voice encryption communication device between different systems of a broadband and narrowband cluster, which is applied to a broadband core network and comprises the following components: the first obtaining unit is used for obtaining the basic information of the session after the calling party and the called party establish connection; the device further comprises:
a third receiving unit, configured to receive a fifth RTP packet sent by the broadband terminal when the calling party is the broadband terminal and the called party is the narrowband terminal, where the fifth RTP packet is composed of broadband secret voice data and broadband encryption synchronization information;
a third sending unit, configured to send the fifth RTP packet and the session basic information to an encryption conversion server;
a fourth receiving unit, configured to receive a sixth RTP packet sent by the encryption conversion server, where the sixth RTP packet is composed of narrowband secret voice data and narrowband encryption synchronization information;
and the fourth sending unit is used for sending the sixth RTP packet to a narrowband core network, so that the narrowband core network unpacks the sixth RTP packet into narrowband secret voice data and narrowband encryption synchronization information and sends the narrowband secret voice data and the narrowband encryption synchronization information to a narrowband terminal, and the narrowband terminal decrypts the narrowband secret voice data to obtain a voice plaintext.
The embodiment of the invention also provides electronic equipment which comprises a memory, a processor and a computer program which is stored on the memory and can run on the processor, wherein when the processor executes the program, the voice encryption communication method among the different systems of the wide-band and narrow-band cluster is realized.
The embodiment of the invention also provides a non-transitory computer readable storage medium, on which a computer program is stored, and when the program is executed by a processor, the method for voice encryption communication among different systems of the wide and narrow band cluster is implemented.
When voice encryption communication is needed between the broadband and narrowband cluster different systems, a secret RTP voice packet transmitted by a calling terminal is transmitted to an encryption conversion server through a broadband core network, the encryption conversion server carries out unpacking, decryption, voice coding conversion and secondary encryption on the RTP packet, the RTP voice packet required by a called terminal system is formed again and transmitted back to the broadband core network, and the RTP voice packet is transmitted to the called terminal by the broadband core network directly or through the narrowband core network. The embodiment of the invention has high data security, less time delay and good expandability.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and those skilled in the art can also obtain other drawings according to the drawings without creative efforts.
Fig. 1 is a schematic flowchart of a voice encryption communication method between different systems of a broadband and narrowband cluster according to an embodiment of the present invention;
fig. 2 is a schematic diagram of an interface format of an RTP packet according to an embodiment of the present invention;
fig. 3 is a schematic flowchart of a voice encryption communication method between different systems of a broadband and narrowband cluster according to an embodiment of the present invention;
fig. 4 is a schematic flowchart of a voice encryption communication method between different systems of a broadband and narrowband cluster according to an embodiment of the present invention;
fig. 5 is a schematic structural diagram of a voice encryption communication system between different systems of a broadband and narrowband cluster according to an embodiment of the present invention;
fig. 6 is a schematic structural diagram of a voice encryption communication system between different systems of a broadband and narrowband cluster according to an embodiment of the present invention;
fig. 7 is a schematic structural diagram of a voice encryption communication device between different systems of a broadband and narrowband cluster according to an embodiment of the present invention;
fig. 8 is a schematic structural diagram of a voice encryption communication device between different systems of a broadband and narrowband cluster according to an embodiment of the present invention;
fig. 9 is a schematic structural diagram of a voice encryption communication device between different systems of a broadband and narrowband cluster according to an embodiment of the present invention;
fig. 10 is a schematic structural diagram of an electronic device according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, but not all, embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Fig. 1 is a schematic flowchart illustrating a voice encryption communication method between different systems of a broadband and narrowband cluster according to an embodiment of the present invention.
The voice encryption communication method between the different systems of the broadband and narrowband cluster provided by the embodiment of the invention is applied to an encryption conversion server, and the encryption conversion server is connected with a broadband core network of the broadband cluster system.
In order to realize voice encryption communication between different systems of the broadband and narrowband cluster, the embodiment of the invention adds an encryption conversion server device on a core network in the broadband cluster system, wherein the encryption conversion server is provided with a broadband encryption card and a narrowband encryption card and carries out conversion of broadband and narrowband voice codes in the server.
As shown in fig. 1, the method includes:
s11, when the calling party is a broadband terminal and the called party is a narrowband terminal, the encryption conversion server receives a first RTP packet and session basic information sent by a broadband core network, wherein the first RTP packet consists of broadband secret voice data and broadband encryption synchronization information;
specifically, when the calling party is a broadband terminal and the called party is a narrowband terminal, the broadband trunking core network sends the basic information of the session and an RTP (Real-time Transport Protocol) voice packet carrying broadband secret voice data (such as a secret AMR voice frame) and encryption synchronization information to the encryption conversion server.
S12, the encryption conversion server unpacks the first RTP packet to obtain broadband secret voice data and broadband encryption synchronization information;
s13, the encryption conversion server generates a decryption key stream according to the broadband encryption synchronization information and the session basic information, and decrypts the broadband secret voice data according to the decryption key stream to obtain a voice plaintext in a broadband format;
specifically, the encryption conversion server device comprises a broadband encryption card for decrypting the received encrypted AMR speech frames.
S14, the encryption conversion server converts the voice plaintext in the broadband format into the voice plaintext in the narrowband format;
specifically, the encryption conversion server device comprises a voice code conversion module for converting the wide-band and narrow-band codes.
S15, the encryption conversion server generates encryption synchronization information and an encryption key stream according to the session basic information, and encrypts the speech plaintext in the narrow-band format according to the encryption synchronization information and the encryption key stream;
specifically, the encryption conversion server device comprises a narrow-band encryption card used for encrypting the voice frame in the narrow-band format.
S16, the encryption conversion server forms a second RTP packet by the encrypted voice data in the narrow band format and the encrypted synchronous information and sends the second RTP packet to the broadband core network.
Specifically, the encryption conversion server transmits the re-encrypted and packaged narrowband RTP voice packet back to the broadband cluster core network.
When voice encryption communication is needed between the broadband and narrowband different systems, a secret RTP voice packet transmitted by a calling terminal is transmitted to an encryption conversion server through a broadband core network, the encryption conversion server carries out unpacking, decryption, voice coding conversion and secondary encryption on the RTP packet, the RTP voice packet required by a called terminal system is formed again and transmitted back to the broadband core network, and the broadband core network transmits the RTP voice packet to the called terminal directly or through the narrowband core network. The embodiment of the invention has high data security, less time delay and good expandability.
On the basis of the above embodiment, the method further includes:
when a calling party is a narrow-band terminal and a called party is a wide-band terminal, an encryption conversion server receives a third RTP packet and session basic information sent by a wide-band core network, wherein the third RTP packet consists of narrow-band secret voice data and narrow-band encryption synchronous information;
the encryption conversion server unpacks the third RTP packet to obtain narrow-band secret voice data and narrow-band encryption synchronous information;
the encryption conversion server generates a decryption key stream according to the narrowband encryption synchronization information and the session basic information, and decrypts the narrowband secret voice data according to the decryption key stream to obtain a voice plaintext in a narrowband format;
the encryption conversion server converts the voice plaintext in the narrow-band format into the voice plaintext in the wide-band format;
the encryption conversion server generates encryption synchronization information and an encryption key stream according to the session basic information; encrypting the voice plaintext in the broadband format according to the encryption synchronization information and the encryption key stream;
the encryption conversion server forms a fourth RTP packet by the encrypted voice data in the broadband format and the encrypted synchronous information and sends the fourth RTP packet to the broadband core network.
Specifically, when the calling party is a narrowband terminal and the called party is a broadband terminal, the encryption conversion server receives an RTP packet carrying narrowband encrypted voice data (such as an NVOC voice frame cipher text) and narrowband encryption synchronization information, which is transmitted by the narrowband core network, through forwarding of the broadband core network. Similarly, the encryption conversion server decrypts, converts and encrypts the RTP packet by the narrowband encryption card, the voice coding conversion module and the broadband encryption card, re-composes the RTP packet carrying the broadband secret voice data and the broadband encryption synchronization information, and transmits the RTP packet back to the broadband cluster core network.
On the basis of the above embodiment, the RTP packet includes an RTP packet header, an encrypted voice frame and an RTP packet tail, the encrypted voice frame carries wideband secret voice data or narrowband secret voice data, and the RTP packet tail carries encryption synchronization information.
In particular, the terms "first", "second", "third", "fourth", etc. in the above embodiments are used for distinguishing similar objects, such as RTP packets between the encryption conversion server and the broadband core network, and are not necessarily used for describing a specific sequence or order.
Fig. 2 shows a schematic interface format diagram of an RTP packet provided in an embodiment of the present invention, as shown in fig. 2, a P field in a header of the RTP packet is set to 1, and an RTP trailer is extended after a speech frame is encrypted to carry an encryption synchronization information padding field.
Fig. 3 is a schematic flowchart illustrating a voice encryption communication method between different systems of a broadband and narrowband cluster according to an embodiment of the present invention.
The voice encryption communication method between the different systems of the broadband and narrowband cluster provided by the embodiment of the invention is applied to a broadband core network, and comprises the following steps: after the calling party and the called party establish connection, acquiring basic session information;
specifically, after the call connection is established between the calling party and the called party, the wide/narrow terminal and the wide/narrow trunking core network have acquired the basic session information (calling number, called number, session type) through control signaling.
As shown in fig. 3, the method further comprises the following steps:
s21, when the calling party is a broadband terminal and the called party is a narrowband terminal, the broadband core network receives a fifth RTP packet sent by the broadband terminal, wherein the fifth RTP packet is composed of broadband secret voice data and broadband encryption synchronization information;
specifically, when the calling party is a broadband terminal, the calling terminal encrypts the voice frame to be sent, and then, the encrypted broadband AMR voice frame and the encrypted synchronization information form an RTP voice packet, and then, the assembled RTP voice packet is sent to the broadband cluster core network.
S22, the broadband core network sends the fifth RTP packet and the session basic information to an encryption conversion server;
specifically, if the broadband trunking core network determines that the called party is a narrowband terminal, it needs to send the basic information of the session and the RTP voice packet carrying the encrypted AMR voice frame and the encryption synchronization information to the encryption conversion server.
S23, the broadband core network receives a sixth RTP packet sent by the encryption conversion server, wherein the sixth RTP packet consists of narrowband secret voice data and narrowband encryption synchronization information;
specifically, the encryption conversion server performs unpacking, decryption, voice code conversion and secondary encryption on the received RTP packet, reassembles the RTP voice packet into the RTP voice packet required by the called terminal system, and then transmits the RTP voice packet back to the broadband cluster core network. The reconstructed RTP voice packet required by the called terminal system consists of NVOC narrowband voice frame cipher text and encryption synchronization information required by the called system.
And S24, the broadband core network sends the sixth RTP packet to the narrowband core network, so that the narrowband core network unpacks the sixth RTP packet into narrowband secret voice data and narrowband encryption synchronization information and sends the narrowband secret voice data and the narrowband encryption synchronization information to the narrowband terminal, and the narrowband terminal decrypts the narrowband secret voice data to obtain a voice plaintext.
Specifically, the broadband cluster core network transmits a received RTP packet carrying a narrowband NVOC voice frame ciphertext and encryption synchronization information to the narrowband core network, and the narrowband core network unpacks the received RTP packet into a narrowband NVOC secret voice frame and an encryption synchronization information frame and transmits the narrowband NVOC secret voice frame and the encryption synchronization information frame to the narrowband terminal; and the narrowband terminal decrypts the NVOC secret voice frame to obtain the NVOC voice frame plaintext.
When voice encryption communication is needed between the broadband and narrowband different systems, a secret RTP voice packet transmitted by a calling terminal is transmitted to an encryption conversion server through a broadband core network, the encryption conversion server carries out unpacking, decryption, voice coding conversion and secondary encryption on the RTP packet, the RTP voice packet required by a called terminal system is formed again and transmitted back to the broadband core network, and the broadband core network transmits the RTP voice packet to the called terminal directly or through the narrowband core network. The embodiment of the invention has high data security, less time delay and good expandability.
On the basis of the above embodiment, the method further includes:
when the calling party is a narrow-band terminal and the called party is a wide-band terminal, the wide-band core network receives a seventh RTP packet sent by the narrow-band core network, wherein the seventh RTP packet consists of narrow-band secret voice data and narrow-band encryption synchronization information;
specifically, a narrowband encryption card is arranged on the narrowband terminal, and when the calling party is a narrowband terminal and the called party is a broadband terminal, the calling terminal sends the encrypted NVOC narrowband speech frame and the encrypted synchronization information to a narrowband core network. If the called party is judged to be the broadband terminal by the narrowband cluster core network, the NVOC narrowband speech frame and the encryption synchronization information are combined into an RTP speech packet, and then the combined RTP speech packet is transmitted to the broadband core network.
The broadband core network sends the seventh RTP packet and the session basic information to the encryption conversion server;
specifically, the broadband core network transfers the RTP packet carrying the narrowband secret voice data and the narrowband encryption synchronization information to the encryption conversion server, and the encryption conversion server performs unpacking, decryption, voice coding conversion and secondary encryption on the RTP packet, reconstructs an RTP voice packet required by the called terminal system, and transmits the RTP voice packet back to the broadband cluster core network.
The broadband core network receives an eighth RTP packet sent by the encryption conversion server, wherein the eighth RTP packet consists of broadband secret voice data and broadband encryption synchronization information;
specifically, the RTP voice packet transmitted back to the broadband core network by the encryption conversion server is composed of a broadband voice frame cipher text and encryption synchronization information required by the called system.
And the broadband core network sends the eighth RTP packet to the broadband terminal so that the broadband terminal unpacks the eighth RTP packet and decrypts the eighth RTP packet to obtain the voice plaintext.
Specifically, the broadband core network obtains the secret voice and the encryption synchronization information in the broadband voice format, and finally transmits the secret voice and the encryption synchronization information to the broadband terminal through the broadband system, and the broadband terminal decrypts the secret voice through the broadband encryption card to obtain the voice plaintext.
On the basis of the above embodiment, the RTP packet includes an RTP packet header, an encrypted voice frame and an RTP packet tail, the encrypted voice frame carries wideband secret voice data or narrowband secret voice data, and the RTP packet tail carries encryption synchronization information.
In particular, the terms "fifth", "sixth", "seventh", "eighth", etc. in the above embodiments are used to distinguish similar objects (RTP packets), and are not necessarily used to describe a specific order or sequence.
Fig. 2 shows a schematic interface format diagram of an RTP packet according to an embodiment of the present invention, where a P field in a header of the RTP packet is set to 1, and a RTP trailer is extended after a speech frame is encrypted to carry an encryption synchronization information padding field.
Fig. 4 is a schematic flowchart illustrating a voice encryption communication method between different systems of a broadband and narrowband cluster according to an embodiment of the present invention.
The method is applied to a narrow-band core network and comprises the following steps: after the calling party and the called party establish connection, acquiring basic session information;
specifically, after the call connection is established between the calling party and the called party, the wide/narrow terminal and the wide/narrow trunking core network have acquired the basic session information (calling number, called number, session type) through control signaling.
As shown in fig. 4, the method specifically includes the following steps:
s31, when the calling party is a broadband terminal and the called party is a narrowband terminal, the narrowband core network receives a ninth RTP packet sent by the broadband core network, wherein the ninth RTP packet is composed of narrowband secret voice data and narrowband encryption synchronization information;
specifically, when the calling party is a broadband terminal and the called party is a narrowband terminal, the broadband core network forwards an RTP packet transcoded and encrypted by the encryption conversion server to the narrowband core network, so that the narrowband core network obtains an NVOC secret voice data packet and encryption synchronization information required by the narrowband system.
And S32, the narrowband core network unpacks the ninth RTP packet into narrowband secret voice data and narrowband encryption synchronization information and sends the narrowband secret voice data and the narrowband encryption synchronization information to the narrowband terminal, so that the narrowband terminal decrypts the narrowband secret voice data to obtain a voice plaintext.
Specifically, the narrowband core network unpacks the received RTP packet into a narrowband NVOC secret voice frame and an encryption synchronization information frame and transmits the narrowband NVOC secret voice frame and the encryption synchronization information frame to the narrowband terminal; and the narrowband terminal decrypts the NVOC secret voice frame to obtain the NVOC voice frame plaintext.
On the basis of the above embodiment, the method further includes:
when the calling party is a narrow-band terminal and the called party is a wide-band terminal, the narrow-band core network receives narrow-band secret voice data and encryption synchronization information sent by the narrow-band terminal, and after the called party is judged to be the wide-band terminal, the narrow-band secret voice data and the narrow-band encryption synchronization information form a tenth RTP packet;
and sending the tenth RTP packet to a broadband core network.
Specifically, a narrowband encryption card is arranged on the narrowband terminal, and when the calling party is a narrowband terminal and the called party is a broadband terminal, the calling terminal sends the encrypted NVOC narrowband speech frame and the encrypted synchronization information to the narrowband cluster core network. If the called party is judged to be the broadband terminal by the narrowband cluster core network, the encrypted NVOC narrowband speech frame and the encrypted synchronization information form an RTP speech packet and the RTP speech packet is transmitted to the broadband core network.
On the basis of the above embodiment, the RTP packet includes an RTP packet header, an encrypted voice frame and an RTP packet tail, the encrypted voice frame carries narrowband encrypted voice data, and the RTP packet tail carries encryption synchronization information.
In the above embodiments, the terms "ninth", "tenth", etc. are used to distinguish similar objects (RTP packets), but are not necessarily used to describe a specific sequence or precedence, and the interface format of the RTP packets is as shown in fig. 2.
The following describes in detail the case where the narrowband and wideband terminals are called separately by specific examples.
Fig. 5 is a schematic structural diagram illustrating a voice encryption communication system between different systems of a broadband and narrowband cluster according to an embodiment of the present invention.
As shown in fig. 5, the encryption conversion server device includes four parts, an encryption/decryption module, a voice conversion module, a broadband encryption card, and a narrowband encryption card.
The encryption and decryption module is responsible for unpacking a calling RTP (real-time transport protocol) secret voice packet entering the server, transmitting the basic session information and the encryption synchronization information to the broadband or narrowband encryption card, obtaining a decryption key stream of the encryption card, then decoding a plaintext voice frame and transmitting the plaintext voice frame to the voice conversion module; the voice frame after being converted by the voice conversion module is encrypted by a broadband or narrowband encryption card to form an RTP (real-time transport protocol) secret voice packet required by the called different system, and the RTP secret voice packet is transmitted to the called different system.
The voice conversion module is responsible for converting the voice in the calling terminal system format into the voice in the called terminal system format.
The broadband encryption card is responsible for generating a key stream required by broadband system voice decryption to the encryption and decryption module, or generating the key stream required by the broadband system voice encryption and encryption synchronization information to the encryption and decryption module.
The narrow-band encryption card is responsible for generating a key stream required by the narrow-band system voice decryption to the encryption and decryption module, or is responsible for generating the key stream required by the narrow-band system voice encryption and encryption synchronization information to the encryption and decryption module.
As shown in fig. 5, the broadband is a calling party, and for example, a voice single call is taken, when the broadband and narrow terminals intercommunicate with a secret call, if the calling party is the broadband terminal, the terminal encrypts voice data by using the broadband encryption card, and then forms an RTP packet by the secret voice data and the encryption synchronization information to transmit to the broadband system core network; when the broadband core network judges that the called party is a narrowband terminal and needs to transmit secret voice to a narrowband system, secret voice data, encryption synchronization information and session basic information are transmitted to an encryption conversion server; after an encryption and decryption module of the encryption and conversion server decrypts the encrypted voice data by using a broadband encryption card, the voice conversion module transcodes the voice according to a narrowband format, the encryption and decryption module performs secondary encryption conforming to a narrowband standard on the transcoded voice data by using the narrowband encryption card, and an RTP packet consisting of the encrypted voice data and encryption synchronization information is transmitted to a broadband core network; the broadband core network transmits the secret voice RTP packet to the narrowband core network through a PSIP interface, and then transmits the secret voice RTP packet to a narrowband terminal through a narrowband system; and the narrow-band terminal decrypts the secret voice by using the narrow-band encryption card to obtain a voice plaintext.
Fig. 6 is a schematic structural diagram illustrating a voice encryption communication system between different systems of a broadband and narrowband cluster according to an embodiment of the present invention.
As shown in fig. 6, similarly, when the narrowband terminal is the calling broadband terminal and is the called broadband terminal, after the narrowband core network transmits the secret voice to the broadband core network, the broadband core network transmits the secret voice to the encryption conversion server, the broadband core network obtains the secret voice in the broadband voice format and the encryption synchronization information through decryption, transcoding and secondary encryption, and finally transmits the secret voice to the broadband terminal through the broadband system, and the broadband terminal decrypts the secret voice through the broadband encryption card to obtain the voice plaintext.
With reference to fig. 5 and fig. 6, in order to implement voice encryption communication between different systems of the wideband and narrowband clusters, the scheme of the present invention adds an encryption conversion server device on the core network of the wideband cluster system, where the encryption conversion server is provided with a wideband encryption card and a narrowband encryption card, and performs conversion of wideband and narrowband voice codes in the server. The broadband terminal and the narrow band terminal are respectively provided with a broadband encryption card and a narrow band encryption card, encryption and decryption are carried out according to the encryption schemes of respective systems, and the encryption and decryption data format and the coding format conversion among the systems are completed by an encryption conversion server device.
The embodiment of the invention maintains the original design of the two communication different systems to the maximum extent, the two communication different systems can respectively execute different encryption schemes, the standardized narrow-band system is not changed at all, only the incremental design is carried out on the existing broadband system, the existing investment construction is protected, the system is easy to upgrade and modify, and the cost is low.
The embodiment of the invention adopts a mode of adding a hardware encryption card into a single server to convert the encrypted voice, can ensure that the plaintext data only exists in the encryption equipment all the time, and has high data security.
The embodiment of the invention can completely utilize various existing designs to reduce time delay, for example, the wide and narrow band encryption card and the code conversion module in the server can adopt the existing hardware equipment to improve the processing speed, and the encryption and decryption module in the server can reduce the times of accessing the encryption card through the existing cache key stream, and the like.
The architecture of the embodiment of the invention has good expansibility, is suitable for the intercommunication system architecture of the broadband and narrowband core network, and is also suitable for the fusion system architecture of the broadband and narrowband core network; the scheme that the same encryption card is used in a broadband and narrowband system can also be applied.
Fig. 7 is a schematic structural diagram illustrating a voice encryption communication device between different systems of a broadband and narrowband cluster according to an embodiment of the present invention.
The apparatus of fig. 7 is applied to a transcoding server, which is connected to a broadband core network of a broadband cluster system.
In order to realize voice encryption communication between different systems of the broadband and narrowband cluster, the embodiment of the invention adds an encryption conversion server device on a core network in the broadband cluster system, wherein the encryption conversion server is provided with a broadband encryption card and a narrowband encryption card and carries out conversion of broadband and narrowband voice codes in the server.
As shown in fig. 7, the apparatus includes: a first receiving unit 11, a first unpacking unit 12, a first decrypting unit 13, a first converting unit 14, a first encrypting unit 15 and a first sending unit 16, wherein:
the first receiving unit 11 is configured to receive a first RTP packet and session basic information sent by a broadband core network when a calling party is a broadband terminal and a called party is a narrowband terminal, where the first RTP packet is composed of broadband secret voice data and broadband encryption synchronization information;
specifically, when the calling party is a broadband terminal and the called party is a narrowband terminal, the broadband trunking core network sends the basic information of the session and an RTP voice packet carrying broadband secret voice data (such as a secret AMR voice frame) and encryption synchronization information to the encryption conversion server.
The first unpacking unit 12 is configured to unpack the first RTP packet to obtain wideband secret voice data and wideband encryption synchronization information;
the first decryption unit 13 is configured to generate a decryption key stream according to the broadband encryption synchronization information and the session basic information, and decrypt the broadband secret voice data according to the decryption key stream to obtain a voice plaintext in a broadband format;
specifically, the encryption conversion server device comprises a broadband encryption card for decrypting the received encrypted AMR speech frames.
The first conversion unit 14 is configured to convert the plaintext in wideband format into plaintext in narrowband format;
specifically, the encryption conversion server device comprises a voice code conversion module for converting the wide-band and narrow-band codes.
The first encryption unit 15 is configured to generate encryption synchronization information and an encryption key stream according to the session basic information, and encrypt the speech plaintext in the narrowband format according to the encryption synchronization information and the encryption key stream;
specifically, the encryption conversion server device comprises a narrow-band encryption card used for encrypting the voice frame in the narrow-band format.
The first sending unit 16 is configured to compose a second RTP packet by the encrypted narrowband format voice data and the encrypted synchronization information, and send the second RTP packet to the broadband core network.
Specifically, the encryption conversion server transmits the re-encrypted and packaged narrowband RTP voice packet back to the broadband cluster core network.
According to the voice encryption communication device between the different systems of the broadband and narrowband cluster provided by the embodiment of the invention, when voice encryption communication is required between the different systems of the broadband and narrowband cluster, a secret RTP voice packet transmitted from a calling terminal is transmitted to an encryption conversion server through a broadband core network, the encryption conversion server carries out unpacking, decryption, voice coding conversion and secondary encryption on the RTP packet, the RTP voice packet required by a called terminal system is formed again and transmitted back to the broadband core network, and the broadband core network transmits the RTP voice packet to the called terminal directly or through the narrowband core network. The embodiment of the invention has high data security, less time delay and good expandability.
On the basis of the above embodiment, the apparatus further includes:
a second receiving unit, configured to receive a third RTP packet and session basic information sent by a broadband core network when a calling party is a narrowband terminal and a called party is a broadband terminal, where the third RTP packet is composed of narrowband secret voice data and narrowband encryption synchronization information;
a second unpacking unit, configured to unpack the third RTP packet to obtain narrowband secret voice data and narrowband encryption synchronization information;
the second decryption unit is used for generating a decryption key stream according to the narrowband encryption synchronization information and the session basic information, and decrypting the narrowband secret voice data according to the decryption key stream to obtain a voice plaintext in a narrowband format;
the second conversion unit is used for converting the voice plaintext in the narrow-band format into the voice plaintext in the wide-band format;
a second encryption unit, configured to generate encryption synchronization information and an encryption key stream according to the session basic information; encrypting the voice plaintext in the broadband format according to the encryption synchronization information and the encryption key stream;
and the second sending unit is used for forming a fourth RTP packet by the encrypted voice data in the broadband format and the encrypted synchronous information and sending the fourth RTP packet to the broadband core network.
Specifically, when the calling party is a narrowband terminal and the called party is a broadband terminal, the encryption conversion server receives an RTP packet carrying narrowband encrypted voice data (such as an NVOC voice frame cipher text) and narrowband encryption synchronization information, which is transmitted by the narrowband core network, through forwarding of the broadband core network. Similarly, the encryption conversion server decrypts, converts and encrypts the RTP packet by the narrowband encryption card, the voice coding conversion module and the broadband encryption card, re-composes the RTP packet carrying the broadband secret voice data and the broadband encryption synchronization information, and transmits the RTP packet back to the broadband cluster core network.
On the basis of the above embodiment, the RTP packet includes an RTP packet header, an encrypted voice frame and an RTP packet tail, the encrypted voice frame carries wideband secret voice data or narrowband secret voice data, and the RTP packet tail carries encryption synchronization information.
Fig. 2 shows a schematic structural diagram of an RTP packet between an encryption conversion server and a broadband core network according to an embodiment of the present invention, where a P field in an RTP packet header is set to 1, and an RTP trailer is extended after a speech frame is encrypted to carry an encryption synchronization information padding field.
Fig. 8 is a schematic structural diagram illustrating a voice encryption communication device between different systems of a broadband and narrowband cluster according to an embodiment of the present invention. The device is applied to a broadband core network and comprises the following components: the first obtaining unit is used for obtaining the basic information of the session after the calling party and the called party establish connection;
specifically, after the call connection is established between the calling party and the called party, the wide/narrow terminal and the wide/narrow trunking core network have acquired the basic session information (calling number, called number, session type) through control signaling.
As shown in fig. 8, the apparatus further includes: a third receiving unit 21, a third transmitting unit 22, a fourth receiving unit 23, and a fourth transmitting unit 24, wherein:
the third receiving unit 21 is configured to receive a fifth RTP packet sent by the broadband terminal when the calling party is the broadband terminal and the called party is the narrowband terminal, where the fifth RTP packet is composed of broadband secret voice data and broadband encryption synchronization information;
specifically, when the calling party is a broadband terminal, the calling terminal encrypts the voice frame to be sent, and then, the encrypted broadband AMR voice frame and the encrypted synchronization information form an RTP voice packet, and then, the assembled RTP voice packet is sent to the broadband cluster core network.
The third sending unit 22 is configured to send the fifth RTP packet and the session basic information to the encryption conversion server;
specifically, if the broadband trunking core network determines that the called party is a narrowband terminal, it needs to send the basic information of the session and the RTP voice packet carrying the encrypted AMR voice frame and the encryption synchronization information to the encryption conversion server.
The fourth receiving unit 23 is configured to receive a sixth RTP packet sent by the encryption conversion server, where the sixth RTP packet is composed of narrowband secret voice data and narrowband encryption synchronization information;
specifically, the encryption conversion server performs unpacking, decryption, voice code conversion and secondary encryption on the received RTP packet, reassembles the RTP voice packet into the RTP voice packet required by the called terminal system, and then transmits the RTP voice packet back to the broadband cluster core network. The reconstructed RTP voice packet required by the called terminal system consists of NVOC narrowband voice frame cipher text and encryption synchronization information required by the called system.
The fourth sending unit 24 is configured to send the sixth RTP packet to a narrowband core network, so that the narrowband core network unpacks the sixth RTP packet into narrowband secret voice data and narrowband encryption synchronization information and sends the narrowband secret voice data and the narrowband encryption synchronization information to a narrowband terminal, and the narrowband terminal decrypts the narrowband secret voice data to obtain a voice plaintext.
Specifically, the broadband cluster core network transmits a received RTP packet carrying a narrowband NVOC voice frame ciphertext and encryption synchronization information to the narrowband core network, and the narrowband core network unpacks the received RTP packet into a narrowband NVOC secret voice frame and an encryption synchronization information frame and transmits the narrowband NVOC secret voice frame and the encryption synchronization information frame to the narrowband terminal; and the narrowband terminal decrypts the NVOC secret voice frame to obtain the NVOC voice frame plaintext.
According to the voice encryption communication device between the different systems of the broadband and narrowband cluster provided by the embodiment of the invention, when voice encryption communication is required between the different systems of the broadband and narrowband cluster, a secret RTP voice packet transmitted from a calling terminal is transmitted to an encryption conversion server through a broadband core network, the encryption conversion server carries out unpacking, decryption, voice coding conversion and secondary encryption on the RTP packet, the RTP voice packet required by a called terminal system is formed again and transmitted back to the broadband core network, and the broadband core network transmits the RTP voice packet to the called terminal directly or through the narrowband core network. The embodiment of the invention has high data security, less time delay and good expandability.
On the basis of the above embodiment, the apparatus further includes:
a fifth receiving unit, configured to receive, by the broadband core network, a seventh RTP packet sent by the narrowband core network when the calling party is the narrowband terminal and the called party is the broadband terminal, where the seventh RTP packet is composed of narrowband secret voice data and narrowband encryption synchronization information;
specifically, a narrowband encryption card is arranged on the narrowband terminal, when the calling party is the narrowband terminal and the called party is the broadband terminal, the calling terminal sends the encrypted NVOC narrowband speech frame and the encryption synchronization information to the narrowband cluster core network, and if the narrowband cluster core network judges that the called party is the broadband terminal, the encrypted NVOC narrowband speech frame and the encryption synchronization information form an RTP speech packet and are transmitted to the broadband core network.
A fifth sending unit, configured to send the seventh RTP packet and the session basic information to the encryption conversion server;
specifically, the broadband core network transfers the RTP packet carrying the narrowband secret voice data and the narrowband encryption synchronization information to the encryption conversion server, and the encryption conversion server performs unpacking, decryption, voice coding conversion and secondary encryption on the RTP packet, reconstructs an RTP voice packet required by the called terminal system, and transmits the RTP voice packet back to the broadband cluster core network.
A sixth receiving unit, configured to receive an eighth RTP packet sent by the encryption conversion server, where the eighth RTP packet is composed of wideband secret voice data and wideband encryption synchronization information;
specifically, the RTP voice packet transmitted back to the broadband core network by the encryption conversion server is composed of a broadband voice frame cipher text and encryption synchronization information required by the called system.
And a sixth sending unit, configured to send the eighth RTP packet to the broadband terminal, so that the broadband terminal unpacks the eighth RTP packet and decrypts the eighth RTP packet to obtain a plaintext.
Specifically, the broadband core network obtains the secret voice and the encryption synchronization information in the broadband voice format, and finally transmits the secret voice and the encryption synchronization information to the broadband terminal through the broadband system, and the broadband terminal decrypts the secret voice through the broadband encryption card to obtain the voice plaintext.
On the basis of the above embodiment, the RTP packet includes an RTP packet header, an encrypted voice frame and an RTP packet tail, the encrypted voice frame carries wideband secret voice data or narrowband secret voice data, and the RTP packet tail carries encryption synchronization information.
Fig. 2 shows a schematic interface format of an RTP packet according to an embodiment of the present invention, which is not described herein again.
Fig. 9 is a schematic structural diagram illustrating a voice encryption communication device between different systems of a broadband and narrowband cluster according to an embodiment of the present invention. The device is applied to a narrowband core network and comprises the following steps: the second acquisition unit is used for acquiring the basic information of the session after the calling party and the called party establish connection;
specifically, after the call connection is established between the calling party and the called party, the wide/narrow terminal and the wide/narrow trunking core network have acquired the basic session information (calling number, called number, session type) through control signaling.
As shown in fig. 9, the apparatus further includes: a seventh receiving unit 31 and a seventh transmitting unit 32, wherein:
the seventh receiving unit 31, when the calling party is a broadband terminal and the called party is a narrowband terminal, receives a ninth RTP packet sent by a broadband core network, where the ninth RTP packet is composed of narrowband secret voice data and narrowband encryption synchronization information;
specifically, when the calling party is a broadband terminal and the called party is a narrowband terminal, the broadband core network forwards an RTP packet transcoded and encrypted by the encryption conversion server to the narrowband core network, so that the narrowband core network obtains an NVOC secret voice data packet and encryption synchronization information required by the narrowband system.
The seventh sending unit 32 is configured to unpack the ninth RTP packet into narrowband secret voice data and narrowband encryption synchronization information, and send the narrowband terminal to decrypt the narrowband terminal to obtain a voice plaintext.
Specifically, the narrowband core network unpacks the received RTP packet into a narrowband NVOC secret voice frame and an encryption synchronization information frame and transmits the narrowband NVOC secret voice frame and the encryption synchronization information frame to the narrowband terminal; and the narrowband terminal decrypts the NVOC secret voice frame to obtain the NVOC voice frame plaintext.
On the basis of the above embodiment, the apparatus further includes:
an eighth receiving unit, configured to receive narrowband secret voice data and narrowband encryption synchronization information sent by the narrowband terminal when the calling party is the narrowband terminal and the called party is the broadband terminal, and form a tenth RTP packet with the narrowband secret voice data and the narrowband encryption synchronization information after determining that the called party is the broadband terminal;
and an eighth sending unit, configured to send the tenth RTP packet to a broadband core network.
Specifically, a narrowband encryption card is arranged on the narrowband terminal, when the calling party is the narrowband terminal and the called party is the broadband terminal, the calling terminal sends the encrypted NVOC narrowband speech frame and the encryption synchronization information to the narrowband cluster core network, and if the narrowband cluster core network judges that the called party is the broadband terminal, the narrowband secret speech data and the narrowband encryption synchronization information form an RTP speech packet and are transmitted to the broadband core network.
On the basis of the above embodiment, the RTP packet includes an RTP packet header, an encrypted voice frame and an RTP packet tail, the encrypted voice frame carries narrowband encrypted voice data, and the RTP packet tail carries encryption synchronization information. The interface format of RTP packet is shown in FIG. 2
Fig. 10 illustrates a physical structure diagram of a server, and as shown in fig. 10, the server may include: a processor (processor)41, a communication Interface (communication Interface)42, a memory (memory)43 and a communication bus 44, wherein the processor 41, the communication Interface 42 and the memory 43 complete communication with each other through the communication bus 44. Processor 41 may call logic instructions in memory 43 to perform the following method:
when a calling party is a broadband terminal and a called party is a narrowband terminal, an encryption conversion server receives a first RTP packet and session basic information sent by a broadband core network, wherein the first RTP packet consists of broadband secret voice data and broadband encryption synchronous information;
the encryption conversion server unpacks the first RTP packet to obtain broadband secret voice data and broadband encryption synchronization information;
the encryption conversion server generates a decryption key stream according to the broadband encryption synchronization information and the session basic information, and decrypts the broadband secret voice data according to the decryption key stream to obtain a voice plaintext in a broadband format;
the encryption conversion server converts the voice plaintext in the broadband format into the voice plaintext in the narrowband format;
the encryption conversion server generates encryption synchronization information and an encryption key stream according to the session basic information, and encrypts the speech plaintext in the narrow-band format according to the encryption synchronization information and the encryption key stream;
the encryption conversion server forms a second RTP packet by the encrypted voice data in the narrow-band format and the encrypted synchronous information and sends the second RTP packet to the broadband core network.
Furthermore, the logic instructions in the memory 43 may be implemented in the form of software functional units and stored in a computer readable storage medium when sold or used as a stand-alone product. Based on such understanding, the technical solution of the present invention may be embodied in the form of a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present invention. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes.
In another aspect, an embodiment of the present invention further provides a non-transitory computer-readable storage medium, on which a computer program is stored, where the computer program is implemented to perform the transmission method provided in the foregoing embodiments when executed by a processor, and for example, the method includes:
when a calling party is a broadband terminal and a called party is a narrowband terminal, an encryption conversion server receives a first RTP packet and session basic information sent by a broadband core network, wherein the first RTP packet consists of broadband secret voice data and broadband encryption synchronous information;
the encryption conversion server unpacks the first RTP packet to obtain broadband secret voice data and broadband encryption synchronization information;
the encryption conversion server generates a decryption key stream according to the broadband encryption synchronization information and the session basic information, and decrypts the broadband secret voice data according to the decryption key stream to obtain a voice plaintext in a broadband format;
the encryption conversion server converts the voice plaintext in the broadband format into the voice plaintext in the narrowband format;
the encryption conversion server generates encryption synchronization information and an encryption key stream according to the session basic information, and encrypts the speech plaintext in the narrow-band format according to the encryption synchronization information and the encryption key stream;
the encryption conversion server forms a second RTP packet by the encrypted voice data in the narrow-band format and the encrypted synchronous information and sends the second RTP packet to the broadband core network.
The above-described embodiments of the apparatus are merely illustrative, and the units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of the present embodiment. One of ordinary skill in the art can understand and implement it without inventive effort.
Through the above description of the embodiments, those skilled in the art will clearly understand that each embodiment can be implemented by software plus a necessary general hardware platform, and certainly can also be implemented by hardware. With this understanding in mind, the above-described technical solutions may be embodied in the form of a software product, which can be stored in a computer-readable storage medium such as ROM/RAM, magnetic disk, optical disk, etc., and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to execute the methods described in the embodiments or some parts of the embodiments.
Finally, it should be noted that: the above examples are only intended to illustrate the technical solution of the present invention, but not to limit it; although the present invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; and such modifications or substitutions do not depart from the spirit and scope of the corresponding technical solutions of the embodiments of the present invention.
Claims (10)
1. A voice encryption communication method between different systems of a broadband and narrowband cluster is characterized in that the method is applied to an encryption conversion server, the encryption conversion server is connected with a broadband core network of the broadband cluster system, and the method comprises the following steps:
when a calling party is a broadband terminal and a called party is a narrowband terminal, an encryption conversion server receives a first RTP packet and session basic information sent by a broadband core network, wherein the first RTP packet consists of broadband secret voice data and broadband encryption synchronous information;
the encryption conversion server unpacks the first RTP packet to obtain broadband secret voice data and broadband encryption synchronization information;
the encryption conversion server generates a decryption key stream according to the broadband encryption synchronization information and the session basic information, and decrypts the broadband secret voice data according to the decryption key stream to obtain a voice plaintext in a broadband format;
the encryption conversion server converts the voice plaintext in the broadband format into the voice plaintext in the narrowband format;
the encryption conversion server generates encryption synchronization information and an encryption key stream according to the session basic information, and encrypts the speech plaintext in the narrow-band format according to the encryption synchronization information and the encryption key stream;
the encryption conversion server forms a second RTP packet by the encrypted voice data in the narrow-band format and the encrypted synchronous information and sends the second RTP packet to the broadband core network.
2. The method for voice encrypted communication between different systems in a broadband and narrowband cluster according to claim 1, further comprising:
when a calling party is a narrow-band terminal and a called party is a wide-band terminal, an encryption conversion server receives a third RTP packet and session basic information sent by a wide-band core network, wherein the third RTP packet consists of narrow-band secret voice data and narrow-band encryption synchronous information;
the encryption conversion server unpacks the third RTP packet to obtain narrow-band secret voice data and narrow-band encryption synchronous information;
the encryption conversion server generates a decryption key stream according to the narrowband encryption synchronization information and the session basic information, and decrypts the narrowband secret voice data according to the decryption key stream to obtain a voice plaintext in a narrowband format;
the encryption conversion server converts the voice plaintext in the narrow-band format into the voice plaintext in the wide-band format;
the encryption conversion server generates encryption synchronization information and an encryption key stream according to the session basic information; encrypting the voice plaintext in the broadband format according to the encryption synchronization information and the encryption key stream;
the encryption conversion server forms a fourth RTP packet by the encrypted voice data in the broadband format and the encrypted synchronous information and sends the fourth RTP packet to the broadband core network.
3. A voice encryption communication method between different systems of a broadband and narrowband cluster is applied to a broadband core network and comprises the following steps: after the calling party and the called party establish connection, acquiring basic session information; characterized in that the method further comprises:
when the calling party is a broadband terminal and the called party is a narrowband terminal, the broadband core network receives a fifth RTP packet sent by the broadband terminal, wherein the fifth RTP packet consists of broadband secret voice data and broadband encryption synchronization information;
the broadband core network sends the fifth RTP packet and the session basic information to an encryption conversion server;
the broadband core network receives a sixth RTP packet sent by the encryption conversion server, wherein the sixth RTP packet consists of narrowband secret voice data and narrowband encryption synchronous information;
and the broadband core network sends the sixth RTP packet to the narrowband core network, so that the narrowband core network unpacks the sixth RTP packet into narrowband secret voice data and narrowband encryption synchronous information and sends the narrowband secret voice data and the narrowband encryption synchronous information to the narrowband terminal, and the narrowband terminal decrypts the narrowband secret voice data to obtain a voice plaintext.
4. The method for voice encrypted communication between different systems in a broadband and narrowband cluster according to claim 3, further comprising:
when the calling party is a narrow-band terminal and the called party is a wide-band terminal, the wide-band core network receives a seventh RTP packet sent by the narrow-band core network, wherein the seventh RTP packet consists of narrow-band secret voice data and narrow-band encryption synchronization information;
the broadband core network sends the seventh RTP packet and the session basic information to the encryption conversion server;
the broadband core network receives an eighth RTP packet sent by the encryption conversion server, wherein the eighth RTP packet consists of broadband secret voice data and broadband encryption synchronization information;
and the broadband core network sends the eighth RTP packet to the broadband terminal so that the broadband terminal unpacks the eighth RTP packet and decrypts the eighth RTP packet to obtain the voice plaintext.
5. A voice encryption communication device between different systems of a broadband and narrowband cluster is characterized in that the device is applied to an encryption conversion server, the encryption conversion server is connected with a broadband core network of the broadband cluster system, and the device comprises:
a first receiving unit, configured to receive a first RTP packet and session basic information sent by a broadband core network when a calling party is a broadband terminal and a called party is a narrowband terminal, where the first RTP packet is composed of broadband secret voice data and broadband encryption synchronization information;
the first unpacking unit is used for unpacking the first RTP packet to obtain broadband secret voice data and broadband encryption synchronization information;
the first decryption unit is used for generating a decryption key stream according to the broadband encryption synchronization information and the session basic information, and decrypting the broadband secret voice data according to the decryption key stream to obtain a voice plaintext in a broadband format;
the first conversion unit is used for converting the voice plaintext in the broadband format into the voice plaintext in the narrowband format;
the first encryption unit is used for generating encryption synchronization information and an encryption key stream according to the session basic information and encrypting the speech plaintext in the narrow-band format according to the encryption synchronization information and the encryption key stream;
and the first sending unit is used for forming a second RTP packet by the encrypted voice data in the narrow-band format and the encrypted synchronous information and sending the second RTP packet to the broadband core network.
6. The device for wideband inter-trunking inter-system voice encryption communication according to claim 5, further comprising:
a second receiving unit, configured to receive a third RTP packet and session basic information sent by a broadband core network when a calling party is a narrowband terminal and a called party is a broadband terminal, where the third RTP packet is composed of narrowband secret voice data and narrowband encryption synchronization information;
a second unpacking unit, configured to unpack the third RTP packet to obtain narrowband secret voice data and narrowband encryption synchronization information;
the second decryption unit is used for generating a decryption key stream according to the narrowband encryption synchronization information and the session basic information, and decrypting the narrowband secret voice data according to the decryption key stream to obtain a voice plaintext in a narrowband format;
the second conversion unit is used for converting the voice plaintext in the narrow-band format into the voice plaintext in the wide-band format;
a second encryption unit, configured to generate encryption synchronization information and an encryption key stream according to the session basic information; encrypting the voice plaintext in the broadband format according to the encryption synchronization information and the encryption key stream;
and the second sending unit is used for forming a fourth RTP packet by the encrypted voice data in the broadband format and the encrypted synchronous information and sending the fourth RTP packet to the broadband core network.
7. A voice encryption communication device between different systems of a broadband and narrowband cluster is applied to a broadband core network and comprises: the first obtaining unit is used for obtaining the basic information of the session after the calling party and the called party establish connection; characterized in that the device further comprises:
a third receiving unit, configured to receive a fifth RTP packet sent by the broadband terminal when the calling party is the broadband terminal and the called party is the narrowband terminal, where the fifth RTP packet is composed of broadband secret voice data and broadband encryption synchronization information;
a third sending unit, configured to send the fifth RTP packet and the session basic information to an encryption conversion server;
a fourth receiving unit, configured to receive a sixth RTP packet sent by the encryption conversion server, where the sixth RTP packet is composed of narrowband secret voice data and narrowband encryption synchronization information;
and the fourth sending unit is used for sending the sixth RTP packet to a narrowband core network, so that the narrowband core network unpacks the sixth RTP packet into narrowband secret voice data and narrowband encryption synchronization information and sends the narrowband secret voice data and the narrowband encryption synchronization information to a narrowband terminal, and the narrowband terminal decrypts the narrowband secret voice data to obtain a voice plaintext.
8. The device for wideband inter-trunking inter-system voice encryption communication according to claim 7, further comprising:
a fifth receiving unit, configured to receive, by the broadband core network, a seventh RTP packet sent by the narrowband core network when the calling party is the narrowband terminal and the called party is the broadband terminal, where the seventh RTP packet is composed of narrowband secret voice data and narrowband encryption synchronization information;
a fifth sending unit, configured to send the seventh RTP packet and the session basic information to the encryption conversion server;
a sixth receiving unit, configured to receive an eighth RTP packet sent by the encryption conversion server, where the eighth RTP packet is composed of wideband secret voice data and wideband encryption synchronization information;
and a sixth sending unit, configured to send the eighth RTP packet to the broadband terminal, so that the broadband terminal unpacks the eighth RTP packet and decrypts the eighth RTP packet to obtain a plaintext.
9. An electronic device comprising a memory, a processor and a computer program stored in the memory and executable on the processor, wherein the processor executes the program to implement the steps of the method for voice encryption communication between different systems of a broadband and narrowband cluster according to any one of claims 1 to 4.
10. A non-transitory computer readable storage medium, storing thereon a computer program, wherein the computer program, when executed by a processor, implements the steps of the method for voice encrypted communication between different systems of a wideband/narrowband cluster according to any one of claims 1 to 4.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910541164.8A CN112118573A (en) | 2019-06-21 | 2019-06-21 | Voice encryption communication method and device between different systems of wide-band and narrow-band clusters |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910541164.8A CN112118573A (en) | 2019-06-21 | 2019-06-21 | Voice encryption communication method and device between different systems of wide-band and narrow-band clusters |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN112118573A true CN112118573A (en) | 2020-12-22 |
Family
ID=73796457
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910541164.8A Withdrawn CN112118573A (en) | 2019-06-21 | 2019-06-21 | Voice encryption communication method and device between different systems of wide-band and narrow-band clusters |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112118573A (en) |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112887928A (en) * | 2021-03-01 | 2021-06-01 | 京东数字科技控股股份有限公司 | Broadband narrow-band communication conversion device |
| CN112953963A (en) * | 2021-03-15 | 2021-06-11 | 北京中联环信科技有限公司 | System and method for encrypting media stream content |
| CN112953964A (en) * | 2021-03-15 | 2021-06-11 | 北京中联环信科技有限公司 | Voice signaling encryption processing system and encryption processing method |
| CN113316092A (en) * | 2021-05-31 | 2021-08-27 | 海能达通信股份有限公司 | Call service control method, cluster system, terminal and communication system |
| CN114500167A (en) * | 2021-12-24 | 2022-05-13 | 海能达通信股份有限公司 | Information processing method, information processing device, electronic equipment and storage medium |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102013973A (en) * | 2009-09-08 | 2011-04-13 | 同方股份有限公司 | Encryption and decryption commutator |
| US20110150219A1 (en) * | 2009-12-23 | 2011-06-23 | Motorola, Inc. | System and method of increasing encryption synchronization availability |
| CN109617908A (en) * | 2019-01-07 | 2019-04-12 | 北京航天晨信科技有限责任公司 | The classified information transmission method and system of integrated communication unit |
| CN109640280A (en) * | 2019-01-10 | 2019-04-16 | 深圳市沃特沃德股份有限公司 | Call control method, device, computer equipment and storage medium |
-
2019
- 2019-06-21 CN CN201910541164.8A patent/CN112118573A/en not_active Withdrawn
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102013973A (en) * | 2009-09-08 | 2011-04-13 | 同方股份有限公司 | Encryption and decryption commutator |
| US20110150219A1 (en) * | 2009-12-23 | 2011-06-23 | Motorola, Inc. | System and method of increasing encryption synchronization availability |
| CN109617908A (en) * | 2019-01-07 | 2019-04-12 | 北京航天晨信科技有限责任公司 | The classified information transmission method and system of integrated communication unit |
| CN109640280A (en) * | 2019-01-10 | 2019-04-16 | 深圳市沃特沃德股份有限公司 | Call control method, device, computer equipment and storage medium |
Cited By (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112887928A (en) * | 2021-03-01 | 2021-06-01 | 京东数字科技控股股份有限公司 | Broadband narrow-band communication conversion device |
| CN112887928B (en) * | 2021-03-01 | 2022-08-12 | 京东科技控股股份有限公司 | Broadband narrow-band communication conversion device |
| CN112953963A (en) * | 2021-03-15 | 2021-06-11 | 北京中联环信科技有限公司 | System and method for encrypting media stream content |
| CN112953964A (en) * | 2021-03-15 | 2021-06-11 | 北京中联环信科技有限公司 | Voice signaling encryption processing system and encryption processing method |
| CN112953963B (en) * | 2021-03-15 | 2023-04-07 | 北京中联环信科技有限公司 | System and method for encrypting media stream content |
| CN112953964B (en) * | 2021-03-15 | 2024-03-08 | 北京中联环信科技有限公司 | Voice signaling encryption processing system and encryption processing method |
| CN113316092A (en) * | 2021-05-31 | 2021-08-27 | 海能达通信股份有限公司 | Call service control method, cluster system, terminal and communication system |
| CN113316092B (en) * | 2021-05-31 | 2023-01-17 | 海能达通信股份有限公司 | Call service control method, cluster system, terminal and communication system |
| CN114500167A (en) * | 2021-12-24 | 2022-05-13 | 海能达通信股份有限公司 | Information processing method, information processing device, electronic equipment and storage medium |
| CN114500167B (en) * | 2021-12-24 | 2023-11-24 | 海能达通信股份有限公司 | Information processing method and device, electronic equipment and storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN112118573A (en) | Voice encryption communication method and device between different systems of wide-band and narrow-band clusters | |
| EP1878285B1 (en) | Fast user plane establishment in a telecommunications network | |
| EP1738508B1 (en) | Method and apparatus for transporting encrypted media streams over a wide area network | |
| EP1384347B1 (en) | Method and system for secure transcoding | |
| JP2002044135A (en) | Encryption device and encryption communication system | |
| US10630656B2 (en) | System and method of encrypted media encapsulation | |
| AU2014250623B2 (en) | Methods, systems, and devices to reduce audio truncation during transcoding | |
| CN109714295B (en) | Voice encryption and decryption synchronous processing method and device | |
| CN108966217A (en) | A kind of secret communication method, mobile terminal and secrecy gateway | |
| CN114826748B (en) | Audio and video stream data encryption method and device based on RTP, UDP and IP protocols | |
| CN112866994B (en) | Encryption communication method and system for carrying narrowband speech coding by LTE (Long term evolution) | |
| CN100463551C (en) | System and method for realizing encrypted communication in mobile communication system | |
| US9338144B2 (en) | System and method for operating on streaming encrypted data | |
| US7460671B1 (en) | Encryption processing apparatus and method for voice over packet networks | |
| RU2132597C1 (en) | Method for encryption and transmission of encrypted voice data in gsm-900 and dcs-1800 cellular mobile communication networks | |
| RU2433547C1 (en) | Method, apparatus and system for end-to-end encryption of voice data and transmission thereof over public communication networks | |
| CN110225518A (en) | Method, terminal device and the network equipment of message transmission | |
| CN114500167B (en) | Information processing method and device, electronic equipment and storage medium | |
| CN220545151U (en) | Logistics data encryption device, system and transmission device | |
| CN108986829B (en) | Data transmission method, device, equipment and storage medium | |
| CN110650476B (en) | Management frame encryption and decryption | |
| CN108391252B (en) | Data packet processing method and device | |
| CN116647330A (en) | Data transmission method and device | |
| JP2010171969A (en) | Method and system for simultaneously communicating utility data and voice data | |
| CN1371082A (en) | Method and mobile device for end-to-end enciphere |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| WW01 | Invention patent application withdrawn after publication | ||
| WW01 | Invention patent application withdrawn after publication |
Application publication date: 20201222 |