CN1240547A - Use of duplex cipher algorithms for satellite channels with delay - Google Patents
Use of duplex cipher algorithms for satellite channels with delay Download PDFInfo
- Publication number
- CN1240547A CN1240547A CN 97180652 CN97180652A CN1240547A CN 1240547 A CN1240547 A CN 1240547A CN 97180652 CN97180652 CN 97180652 CN 97180652 A CN97180652 A CN 97180652A CN 1240547 A CN1240547 A CN 1240547A
- Authority
- CN
- China
- Prior art keywords
- station
- block
- control station
- encryption
- network
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Mobile Radio Communication Systems (AREA)
- Radio Relay Systems (AREA)
Abstract
An apparatus and method for ciphering traffic exachanged in both directions between a satellite/cellular telephone and a ground station networkusing an orbitial satellite. A buffer memory is provided at either the mobile telephone station or the ground network station or both. The buffer memory is used to store the deciphering bits output from a duplex ciphering algorithm at the time the ciphering bits are generated. The stored ciphering bits are used to decipher a later-to-be-received traffic information block. The delay in using stored deciphering bits is determined for each call at call set-up to the nearest integer number of block periods by measuring the loop propagation delay from the ground station to the mobile telephone station during an exchange of signals at call set-up.
Description
FIELD OF THE INVENTION
The present invention is relevant for example to flow at the cocommutative secure service of both direction between ground station's network of satellite/cell phone and use orbiter, and its intermediate ring road propagation delay is more much longer than the cryptographic block cycle.Particularly the invention solves two satellite/cell telephone sets problem of direct communication each other that allows, therefore avoided under the situation of using ground station, calling out the double jump time delay during relaying via satellite twice.
The background of invention
At present, support the orbiter of mobile or cell-phone communication to propose a lot of suggestions to emission.Fig. 1 has illustrated the block diagram of satellite communication.Orbiter 110 is called the ground station of central station (HUB) 100 or the station and a plurality of portable mobile radio station or phone 120 with at least one and communicates by letter.Each phone is by appropriate in the multiple spot beam antenna on a satellite antenna beam service, and multiple spot beam antenna provides higher gain to each phone direction.Central station uses for example C-band or K-band frequency and satellite communication, and satellite for example uses L-band (up link) to communicate by letter with phone with S-wave band (down link) frequency.Although great majority are called out between fixing (public switched telephone network PSTN or wired) user and ICBM SHF satellite terminal, there is sub-fraction to call out between the pair of satellite terminal.Under latter event, need avoid double signal transmission delay from a terminal to satellite: this signal by satellite relay to the ground network switch; From switch get back to satellite and finally from satellite to second terminal.In this way, signal has been propagated ground-satellite distance of four times, has increased the time delay of voice.
In cellular system, propagation delay is very short, and mobile phone can use identical block counter value to sending block encryption and to receiving the piece deciphering, and network or base station also can be done like this.In such as above-mentioned gsm system, the tdma frame cycle is approximately 4.6ms, is scaled distance with the light velocity, equals 1380Km, or every road 690Km.The cellular service radius of society seldom surpasses 30Km, and still the following again distance to ground from the satellite phone to the satellite is 2000KM for low-orbit satellite, reaches 80000Km for geosynchronous satellite.
Double-encryption (duplex cipher) algorithm (the A5 algorithm that for example is called the European Digital Cellular System defined of GSM) uses block counter and secret session key to produce and encrypts bit, to the business datum block encryption.Each business module increases progressively block counter, and for example these business modules can be the signal bursts that sends in each time division multiple access frame once.When the signal that sends from the satellite phone is transmitted and is received on ground once more by satellite, be used for to the block counter of signal encryption compare with the current block counter will be expired much individual block period.
U.S. Patent application No.08/581,110 have described by with the direct repeating system each other of the signal between two mobile radio stations, avoid between them the double jump time delay by orbiter communication.This application has disclosed, the down link form that up link form that sends when mobile radio station and mobile radio station are expected is not simultaneously, on aircraft to the signal reformatting, this heavy format also comprises a time delay, this is to allow two mobile radio station time division duplexs (time-duplex) solution necessary, do not require that by this they send simultaneously and receive, but the short burst on the alternating direction.
The U.S. patent application No.08/681 that is entitled as " Method and Apparatus For Enabling Mobile-to-MobileCalls in a Communications System (method and apparatus that the mobile radio station that is used for the enable pass communication system is called out to mobile radio station) ", 916-here in conjunction with as a reference-disclosed problem and the solution of setting up public keys between two mobile radio stations of different KIs having.
The use of double-encryption algorithm in cellular system, it is known in the art using identical session key that two-way services are encrypted.For example, this algorithm is at U.S. patent application No.07/708, describes in 876, and the application is here all in conjunction with as a reference.
The GSM digital cellular standard is used the double-encryption algorithm that is called A5, and its general structure is at " Applied Cryptography-Second Edition (practical-second edition of encrypting) " (John Wiley﹠amp of Bruce Sshneier; Sons) describe in.This structure is used for the application.
U.S. Patent number 5,060,266 have described the method that guarantees continuous synchronization between the block counter when using this double-encryption algorithm at the two ends of communication link.This patent is also all here in conjunction with as a reference.But it does not have to disclose or solves: compare with required synchronization accuracy when very big when the two distance of spatially separating is converted into time delay with the light velocity, synchronous problem is kept at two ends.
U.S. Patent number 5,081,679 have disclosed, and synchronous method is thought highly of in the block count that the service area that leaves a base station when mobile radio station is used to encrypt when entering the service area of another base station with out-of-sync counter.Present patent application is also all here in conjunction with as a reference.It has solved the problem that the block counter in the mobile radio station is changed to second counter phase from first counter phase, so that block counter is aimed at the counter in the new base station, but it does not disclose or solves the problem that multiply by the base station communication far away of the light velocity in encryption mode with distance greater than the block counter clock cycle.
U.S. Patent number 5,091,942 and its later patents numbers 5,282,250 described network station confirm being designated of mobile radio station real and mobile station classes like confirmed between network station and mobile radio station, to set up the method for public keys in the authentication process of network station sign.Above two patents here all in conjunction with as a reference.The prerequisite of described method is, mobile radio station and network can both access authentication key or public A-keys, but do not wish by discharging it so that specific call is encrypted and under attack.The patent of top combination all is not described between first mobile radio station with A-key or any public secret information and second mobile radio station and sets up public keys.
Described herein when of the present invention when realizing, above-mentioned statement or the deficiencies in the prior art part all can remedy.
Brief summary of the invention
According to the first aspect of invention, in mobile telephone station or ground network station or the two, provide a buffer memory.Buffer memory is used to be stored in the deciphering bit of exporting according to the double-encryption algorithm when producing the encryption bit.The encryption bit of being stored is used for the business information piece deciphering to later reception.The time delay that the deciphering bit of use storage causes is determined when per call is set up, and promptly by the loop propagation delay of measurement from the ground station to the mobile telephone station in call setup switching signal process, thereby this time delay is defined as an immediate integer block period.
According to a second aspect of the invention, buffer memory is provided at the first and second mobile-satellite exchanges.Buffer memory is used for transmission with second output simultaneously and encrypts in first output that first mobile radio station is used to store the double-encryption algorithm.The buffer memory of the second mobile-satellite exchange is used to store second output of identical double-encryption algorithm, simultaneously first output is used for transmission and encrypts.After the block period of integral number postpones, call the output of the cryptographic algorithm of being stored again then, and be used for decrypted signal from receiving each other at two mobile radio stations.Time delay is stood in the process with two mobile radio station switching signals by ground network when the call setup to be determined, first mobile radio station is identified as the beginning and exhales and store first and encrypt output, and second mobile radio station is identified as called and stores second and encrypt output.
The third aspect according to invention, use in the pattern of independent sessions secret key encryption separately at each station, mobile-to-mobile is called out by setting up contact between ground network and two mobile radio stations and is begun, and after the loop time delay of having set up direct mobile-to-mobile connection, ground network provides common session key and loop time delay parameter, thereby allows to use the direct mobile-to-mobile of encrypting to call out.
In another realization of invention, block counter provides a block count value and a session key to key generator.Key generator is combined with block count value and session key, and output is used for the encryption bit encrypted from the data of first stop emission.The block count value also offers algorithm unit with a predetermined time delay counting, so that produce count value early again.Again the count value early and the session key that produce offer key generator together, so that produce the key stream bit, with the data burst deciphering that is used for first stop is received, sent earlier by second station.This reception is postponed from second signal propagation time to first stop, and equals to be represented as the immediate integer preset time delay value in a block count cycle.Calculate preset time delay value with the ground network all communicated by letter in first and second stations initial when setting up communication, and the time delay value that is calculated is passed to two stations with common session key.Then, order first and second stations to use the session key and the time delay value that send from ground network independently to communicate with one another, so that realize the encryption and decryption of Business Stream.
Brief description of the drawings
These and other the characteristic and the advantage of invention will and be easy to understand in conjunction with the accompanying drawings concerning one of ordinary skill in the art from the following description of writing, wherein:
Fig. 1 illustrates satellite communication system;
Fig. 2 illustrates the encryption based on block counter of prior art;
Fig. 3 illustrates the double-encryption algorithm of demonstration;
Fig. 4 illustrates the clock periodicity that is used to produce the encryption and decryption bit;
Fig. 5 illustrates GSM TDMA burst format;
Fig. 6 illustrates the double-encryption mechanism of revising according to an embodiment of the invention;
Fig. 7 is the flow chart that illustrates one embodiment of the invention;
Fig. 8 is the flow chart that illustrates another embodiment of the present invention;
Fig. 9 illustrates and use block counter according to one embodiment of present invention in address generator;
Figure 10 illustrates another kind of the realization;
Figure 11 illustrates the block count value of preserving early; And
Figure 12 is the flow chart that illustrates another embodiment of the present invention.
Describe in detail
Fig. 2 illustrates the double-encryption that is used for the prior art that sends signal encryption and decipher to received signal.By providing the pulse of piece clock count that block counter 10 is increased progressively, the previous value of a multiple digital value COUNT (counting) is changed into its next one value of order.Counting sequence not necessarily each clock cycle (tick) add one simple binary or decade counter, but can comprise many radixes counter and increase progressively the counter that surpasses a numeral at every turn.Counter also can be a pseudo-random sequence generator in principle, although the back may be found, an advantage of the encryption that block count drives is just, can determine a back value or the future value of COUNT at an easy rate by the time shifting value that adds deduct from current count value, this is more direct for sequence numbering counting order, and the pseudorandom counting sequence is more difficult.Therefore simple binary counter is the preferred embodiment of block counter 10.
At each piece after the clock cycle, New count offers double-encryption algorithm 11 with set up and have only the session key that they know for the station that communicates with one another.Double-encryption algorithm 11 calculates two multiple digital outputs that are designated as 11a and 11b.An output 11a feed-in transmitter 12 is used for there to the transmitting business stream encryption, for example the corresponding bits by will encrypting the binary digit exported and digitlization business information by bit mould-2 addition carry out.Use encrypting other method that bit encrypts Business Stream can certainly use, and for example uses to encrypt bit control and send putting in order of signal element, maybe will encrypt bit and offer piece-combinational algorithm with the service bits of block mode, for example the DES algorithm.
Another output 11b of double-encryption algorithm 11 offers receiver 13 simultaneously, and is used for receiving business information piece or burst deciphering by encrypting inverse process.If the mould of bit-wise-2 addition is used for encrypting, be used for deciphering so equally, because mould-2 addition is identical with its contrary (mould 2 subtractions).In addition, if the addition of another kind of form is used for encrypting, need so the subtraction of equivalence is used for decryption oprerations.For example, be used for encrypting if signal element is arranged, so contrary the arrangement is used for deciphering.
Fig. 2 illustrates an end of communication link between two stations.The second station (not shown) will be used identical device fully, and its difference is in output 11a feed-in second receiver is used for deciphering, and output 11b is used for feed-in second transmitter to encrypt.By using output 11a and 11b on the contrary, can be so that only when propagation delay be very little with respect to the time between the piece clock pulse, ability can exchange two-way Business Stream in encryption mode.Therefore, when the propagation delay of both link ends was a lot of block periods, the double-encryption of the prior art of Fig. 2 was out of use.For example, if equaling 1000 according to first equipment of Fig. 2 with block count encrypts, and coded signal when propagating into second equipment according to Fig. 2 propagation delay be 50 block counts, if the block counter of second equipment is synchronized to first equipment so, will the value of moving to 1050, this can not correctly decipher.Therefore the block counter of second equipment must postpone 50 block counts, could be when first equipment be encrypted with 1000 block count, and block counter value of obtaining 950 of second equipment is also deciphered the pieces that 50 countings are early launched.Yet second equipment can be with identical 950 pairs of block encryptions that send to first equipment of delay block counting; After the propagation delay of 50 block counts, these pieces of encrypting with block count=950 will arrive first equipment in block counter after 1000 move to 1050, and error reaches 100.Therefore can not make two ends synchronous by the one or both ends of encryption mechanism are leading relative to each other or delay.
It is above-mentioned A5 algorithm that Fig. 3 illustrates demonstration double-encryption algorithm.Three separately length provide clock for 19,22 and 23 grades linear feedback shift register 20,21,22 by clock control circuit 24a, 24b, 24c, 24d, 3 bits of each generation, carry out XOR in XOR circuit 23, each clock cycle produces a bit output.The order output bit that obtains after the initialization procedure constitutes the key stream of encryption and decryption.
Clock control circuit 24 comprises Large Number Decision Circuit 24a, and it compares register 20 bits 11, register 21 bits 12 and register 22 bits 13, determines whether binary one is more than binary zero.For example, if register 20 bits 11 and register 22 bits 13 are " 1 ", have two " 1 " at least, therefore " 1 " is most, Large Number Decision Circuit output " 1 ".If but zero be most, Large Number Decision Circuit 24a output zero.
The output of Large Number Decision Circuit 24a is compared with register 20 bits 11 in XOR gate 24d.If these are worth coupling, it just represents that the bit 11 of register 20 is one of big numerical value, and produces one " 0 " from XOR gate 24d, makes register 20 displacements when clock pulse imports 28 when clock pulse offers.Similarly, XOR gate 24c and 24b determine whether belong to big number from the bit 12 of register 21 with from the bit 13 of register 22 respectively, and if will make their register shift separately.Therefore, the effect of clock control circuit 24a, b, c, d is at least two in three registers, i.e. big number wherein carried out dextroposition at 28 o'clock clock pulse being offered input.
Above-mentioned clock control circuit be register use session key and the initialization of block count starting state and a plurality of clock pulse of providing according to Fig. 4 after just use.After initialization, provide 100 clock pulse so that replace the starting state of register with amount that determine, still very difficult prediction.Then, provide 114 other clock pulse, after each such pulse, extract the key stream bit from XOR gate 23.Use 114 bits that extract that the Business Stream on the direction is encrypted then, or the Business Stream on the other direction is deciphered.In the use subsequently of 114 clock pulse, 114 bits in addition extract and are used for the deciphering of Business Stream in the encryption of first direction Business Stream or the second direction from XOR gate 23.
Fig. 5 is a GSM TDMA burst format, and how expression provides 114 key stream bits so that to 57+57 business information bit encryption.Time slot format (A) comprises 26 bit sync word at center, is used for synchronously and equalizer training.In each side of synchronization character, flag bit F represents whether this burst comprises digitized voice, fast associated control channel (FACCH) message or half voice and half FACCH.One be sidelong and put 57 data bits in each of flag bit, obtain 114 bits altogether.Have only these data bits by itself and 114 key stream bit XORs are encrypted, these 114 key stream bits are divided into two relevant block of 57 key stream bits, shown in (B).End in burst; add 4 tail bit; echo in the propagation channel is disappeared, allow the rising/trailing edge time of 6.25 other bit periods also to be used for the guard time between the time slot then, allow to exist between the adjacent time-slots some little slot timings to change and do not produce interference.
Initialization step comprises each register of zero clearing, with the session key and the block count of present frame it is loaded then.The block count of the session key of 64 bits and 22 bits is connected and constitutes the initialization sequence of 86 bits, offers input 29 by the serial data mode, thereby these bits implementation XORs enter the register feedback path there.In order to guarantee that each register is influenced by each bit, all three registers 86 keys+counter bit that in initialization procedure, all is shifted.After this, the displacement of register then is pursuant to clock control circuit 24a, b, c, d and carries out in 100 mixing cycles and 228 key stream extracting cycles, as previously mentioned.
In Fig. 5, the form that is designated as (C) is the burst format that is suitable for satellite communication that obtains from GSM, as U.S. Patent application No.08/501, is disclosed in 575, and this patent application is here in conjunction with as a reference.
In order to improve the communication efficiency in the satellite mode, cancel two flag bits and four synchronization bits, the data content of time slot is increased to the 60+60 bit from the 57+57 bit.The usefulness of the equalizer training of the considerable enough satellite channels of 22 bit sync word that reduce, less because it is subjected to the influence of temporal dispersion.Do not need flag bit to distinguish voice and FACCH, and be to use U.S. Patent No. 5,230, this task is finished in the invention that discloses in 003, and this patent is here all in conjunction with as a reference.
Can see that form (C) comprises 3 bits, place each side of synchronization character, not overlapping with corresponding secret key stream bit from each 57 bit keys stream piece (B).Therefore, if the GSM hardware of realizing burst formatization and encryption is made minimum change, then these 3+3 bits can be not encrypted.But when considering U.S. Patent application No.08/501, the diagonal interlacing pattern that discloses in 575, the unencrypted bit is the bit that isolates in the output sequence of error correction coding process, its adjacent bit is encrypted.Owing to when coded-bit on every side is encrypted, can not carry out error correction decoding, therefore not encrypt the not very big fail safe loss of these three extra data bits based on an isolated plain text coded-bit.But, the more important thing is, should shield the 3+3 bit of being discussed differently at the signal (so-called co-channel interference) that uses the same frequency in different service cells or the wave beam, similarly be encoded because if disturb, error correction coding can not help the filtering co-channel interference.In Fig. 5, the synchronization character (D) of expansion comprises normal 22 synchronization bits, the latter wishes that also they are different among one group of co-channel interference, by adding 3 bit expanded at every end is 28 bits, thus overlapping 3+3 extra data bit and carry out XOR with the extra data bits that burst is set up in the process.3+3 synchronization character extended bit also is picked as difference between co-channel interference meticulously, so that obtain the interference identification advantage of these three bit error correction codings.
Certainly, can revise the A5 algorithm of Fig. 3 simply, produce 240 key stream bits and be used for encryption and decryption, but when designing with realization satellite communication pattern by minimum modification existing hardware, the combination of Fig. 5 (B+C+D) is preferred.
Fig. 6 illustrates and need the double-encryption mechanism of the prior art of Fig. 2 be changed, and realizes to finish first of invention, its objective is to make duplex communication cross over farther distance.Address generator 31 produces the write address of circular buffer memory 30 and reads the address.Address generator will make the read and write address increment when the piece clock pulse is provided with increase block counter 10 at every turn.Reading the address equals write address and deducts and be that each calls out the constant time-delay value of determining.Calculate with mould-N the address, and N is the size with the circular buffer memory of encrypting bit block calculating.For example, comprise 114 bits if encrypt bit block, as using Fig. 2 logic to be produced, and N is 64, and the size of memory is 114 * 64 bits or 912 bits so.Value N=64 is provided with the maximum that time delay value can reach, and therefore is provided with by the first stop of orbiter communication and maximum loop propagation delay and the loop range between the second similar station.For example, if be 51 block counts to the actual time delay of a specific call, the relation of reading address and write address is so obtained by following equation:
Read the address=| write address-51|
64=| write address+13|
64
Therefore, can obtain reading the address from write address equally by the complement code that time delay value mould-N is added N, in this case, complement code is 13.
Identical with the double-encryption equipment hypothesis of the link other end in the devices communicating of Fig. 6 with function among Fig. 6, its difference is that second equipment uses key stream 116 rather than key stream 11a that transmission is encrypted, and key stream 11a will be routed to memory 30 so that be used for receiving data decryption after postponing.Identical time delay value can be used in two ends, promptly from first communication equipment via satellite relay station to the single channel propagation delay of second communication equipment.Perhaps, use different time delays, as long as their sums equal the two-way propagation delay, and the block counter of adjusting them is this synchronously because the time delay memory has been arranged to guarantee the encryption synchronisation at two ends, so be feasible when realization is of the present invention.
Above-described the present invention will further explain that also this figure has illustrated and used the control station network delivery to be subjected to the method for the information of encipherment protection with reference to figure 7 between the first transmitter-receiver station and the second transmitter-receiver station.The communication of encrypting is at first being set up between the control station network and second station between control station network and the first stop and independently.Session key from the control station network sends to first stop, and sends to second station independently.Determine the propagation delay between control station network and the first stop, and the propagation delay between the definite control station network and second station.Handle propagation delay so that the direct propagation delay of determining when not comprising the control station network, to communicate by letter between first and second stations.Then direct propagation delay is sent to first stop from the control station network, and send to second station independently.Then, to first stop, also independently to the second station transmitting channel distribution, the order first stop and second station begin to communicate with one another by using session key and direct propagation delay value encryption and decrypted signal from the control station network.
In an alternative embodiment of the invention shown in Figure 8, the propagation delay of communicating by letter respectively between the control station network of being set up and first and second station is added in together.Then, determine to return the loop propagation delay of Control Network, and will therefrom it be cut to obtain the single channel time delay of direct communication via satellite between first and second mobile radio stations from Control Network.The channel allocation that comprises the single channel time delay sends to first mobile radio station from the control station network, and independently to second mobile radio station, and order first and second mobile radio stations to bring into use channel allocation and communicate with one another, and use session key and single channel propagation delay value to encrypt and decrypted signal.
In a specific implementation, used time delay value can be greater than the pure dissemination time delay so that the processing delay in the consideration equipment, for example, demodulation, interweave, error correction decoding or other signal processing function that can not carry out immediately.
Write address is used for the memory block that the deciphering bit export orientation of algorithm 11 is specific after increasing progressively by the control of piece clock pulse, for example the zone of 114 bits.On the other hand, read the address and be used to point to a memory block (early the deciphering bit block of storage will obtain therefrom), and be used for receiver 13 is rigidly connected the decrypts information of receipts.
Certainly, postpone to use other method of deciphering bit also can use, for example shift register or fifo registers (FIFO), but, therefore, use more practical with random access storage device (RAM) chip of suitable addressing logic 31 when delay amount variable, when the length of required shift register or FIFO is always not identical.But all equivalent methods that will postpone a given chain-circuit time delay from the use that the deciphering bit of double-encryption algorithm is exported all are considered to be within the described spirit and scope of the invention of claims.
In some cases, the minimum effective counting stage of block counter 10 is used the counting module identical with address generator 31, so, the least significant digit of directly using block counter 10 can be simplified address generator 31 as an address and by mould-N given time delay value that adds deduct.
This device is represented at Fig. 9.Block counter 10 has been expanded, and for example is used for the more details of the block counter of gsm system so that represent typical block counter.Divided by 51, this is the repetition period of sub-multiple connection frame on the Broadcast Control Channel to the first counter LSB level 10a, describes in the reference as institute's combination with the piece clock.Concurrently for the second counter LSB level 10b provides clock control, and with piece or the frame number between slow associated control channel (SACCH) burst it is divided by.In GSM, counter 10b counts 8 time slots of 52 frames, but in the satellite modification of describing in conjunction with each list of references of the present invention, counter 10b counts 26 16 time slot frames.Clock control is provided and only produces a carry pulse simultaneously in 51 * 52 pulses for counter 10a and 10b together, this incident is detected by AND door 10d, produces carry pulse so that increase progressively the highest effective counter stage 10c---and one is removed 1024 circuit.In this example, total cycle of counter 10 is 51 * 52 * 1024, but counter modulus should be thought exemplaryly accurately, is not limitation of the present invention.For example, counter modulus can be 51 * 26 * 2048 or 17 * 13 * 12288 and realize the same repetition period equivalently.Preferably the gated counter structure is consistent with time slot, frame and superframe timing and multiple connection structure, it just has a benefit as the time base of encrypting like this: in case obtain substantially with signal structure synchronously, encryption synchronisation also can obtain, and does not need more synchronizing process.
In Fig. 9, minimum effective counter 10b also offers buffer memory 30 as reading the address.Write address is read to produce on the address by single channel propagation delay value is added in mould-52 adder 32.The block count of 22-bit offers double-encryption algorithm 11 with session key.The encryption and decryption bit in cryptographic algorithm as the function of key and block count and produce.Encrypting bit almost is used for the block of information of emission is encrypted immediately.But the deciphering bit is stored on the position in the memory, that provide from the write address of adder 22, and the front, address (in a looping fashion) that the address is read out under helping is being read at the deciphering bit that early writes in this position.Write address points to the clear position that comprises the deciphering bit of reading and being used for deciphering before the certain hour, and it can be covered by the new output from cryptographic algorithm 11.This new output is used for setting up with it the encryption of second similar devices of duplex communication link simultaneously, but encrypt bit up to from second equipment via satellite relay station to first device radiates in the middle of distance after, just be received in first equipment, this distance can reach more than the 80000Km under the geosynchronous satellite situation.Press the light velocity, this represents the time delay of 266.6ms, perhaps 57.8 GSM tdma frame cycles, perhaps frame period of 28.9 16 time slots, U.S. Patent application No.08/501 for example, the frame period useful to satellite communication of being disclosed in 575.This patent application is here all in conjunction with as a reference.
Therefore, because via satellite mobile-to-mobile time delay is less than 52 frames during 16 time slot tdma forms when use, the circular buffer memory 30 with 52 positions (the deciphering bit (for example 114) of a frame can be stored in each position) is enough to comprise desired propagation delay scope.
The size that realizes Fig. 6 and 9 required buffer memories equals propagation delay and multiply by the per second that is delayed and encrypt bit number.Per second is encrypted bit number and is equaled communication link information speed at least, and may be greater than information rate, and this situation has increased redundancy corresponding to convolutional encoding.If memory span is excessive, can use another implementation of Figure 10, it has cancelled buffer memory.In Figure 10, carry out first copy of cryptographic algorithm 11, so that the session key is combined into block counter 10 outputs that do not add change, thereby produce encryption and decryption output 11a and 11b.At an end of duplex communication link, first transreceiver 12,13 uses the output 11a of first copy of cryptographic algorithm, so that transmission is encrypted.At the other end of duplex communication link, use the similar devices of Figure 10 in Figure 10, to provide the encryption and decryption bit with second transreceiver 12,13 shown in the dotted line.First copy of cryptographic algorithm offers second transreceiver with its output 11b, so that transmission is encrypted.
A time delay deviant is added in the output of mould-32 pairs of counters 10 of n adder, so that produce the counting of revising.The counting of revising offers second copy (it can be that among Figure 10 the two to be provided identical label justified with carrying out the second time of a slice hardware, therefore illustrating) of cryptographic algorithm 11.Second copy of cryptographic algorithm 11 or carry out and will synthesize with session key from the modification counting of adder 32, thus the used deciphering bit 11b of first receiver 13 obtained.Because the signal of receiver receive delay, the time delay deviant of adding in the adder 32 is corresponding to a negative value, and promptly positive time delay value is to the complement code of n.Perhaps, can use the modification counting of representing the upscaling block Counter Value, so that produce the encryption bit 11b in first transceiver 12,13, and the output of unmodified counter is used for producing deciphering bit 11a.Be connected in a similar fashion to Figure 10 with second transceiver 12,13 shown in the dotted line among Figure 10, but the output 11b that is to use cryptographic algorithm 11 first to carry out encrypts (if output 11a is used for rightabout encryption), and the output 11a that cryptographic algorithm 11 second is carried out is used for deciphering (supposing that the output 11a of cryptographic algorithm second execution is used for the deciphering of another transceiver) in second transceiver.Perhaps, if the output 11b that cryptographic algorithm 11 second is carried out is used for the encryption of first transceiver, the output 11a of cryptographic algorithm 11 second execution is used for deciphering in second transceiver so.
The mould of adder 32 " n " must be corresponding to the complete count cycle of counter 10.For the counter structure that comprises sub-counter 10a, 10b, 10c shown in Fig. 9, as shown in Figure 9 mould-52 adder is not simple to be used for adder that Figure 10 realizes.In Fig. 9, needn't produce corresponding to the modification of counting early and count, because encrypt bit corresponding to the counting early that is stored in the buffer memory 30.But morning, counting was carried out the required buffer memory of cryptographic algorithm 30 for the second time for fear of using, and morning, counting must be available for all, and this comprises sub-counter 10a, 10b and 10c that modification is all.
For example, suppose that counter 10b comprises counting 47 at present, counter 10a comprises counting 15, and wishes to produce again preceding 39 count value.From counter 10b, deduct 39 and can not produce underflow, so we know that counter 10b can early not produce carry between counting and the current counting.The value early of sub-counter 10a is 15-39=-24, and this is mould-51 counting+27.-24 minus symbol is represented underflow, promptly early produces a carry between counting and the current counting.If this carry and sub-counter 10b produce simultaneously, it represents that counter 10c is also increasing progressively between counting and the current counting morning, therefore must successively decrease and count morning to produce.This situation only group counter 10a and 10b equates at present and just occurs during less than the time delay value that subtracted, therefore respectively before mould-51 and mould-52 deduct the time delay skew, tested the equality of sub-counter 10a, 10b, represented then whether counter 10c must successively decrease to produce effectively counting early.Perhaps, increase progressively the counting encryption if use, the counting of cryptographic block early that uses in the so current counting representative deciphering, sub-counter 10a, 10b must be respectively increase progressively identical time delay skew in separately mould-51 and mould-52 adder, increasing progressively back test equality, whether be necessary that antithetical phrase counter 10c adds one to produce effective encryption Counter Value then so that determine whether to produce carry simultaneously.
Another kind of change the circular buffer memory 30 storage block counts early that are to use Fig. 9, rather than the output bit of cryptographic algorithm early, the block count here comprises less bit, as shown in figure 11.
30 of the buffer memories of Figure 11 need the counting early of sub-counter 10b of storage and 10c, and 16 bits altogether are because the counting of sub-counter 10a is implicit in the storage address.Current 16 bit values of counter 10b, 10c are written into an address of the buffer memory 30 of 51 words, counter 10a provide current read the address before, leading amount equals added time delay skew in mould-51 adder 32.The value that no longer needs that read again and that used before the value of writing covers.When the value of writing afterwards when stressed, reading the address will be leading by time delay value, therefore need be successively decreased so that produce the value early of counter 10a again.This can realize by for the second time reusing adder 32, but 51 the complement code that provides time delay is added on the current read pointer, has therefore deducted time delay effectively, thereby has produced the value early of counter 10a again.Perhaps, unmodified value that can usage counter 10a is as write address, rather than reads the address.Address when therefore, reading 16 bit values of counter 10b, 10c later on again is the analog value of the counter 10a that will use.The current address of reading is by producing on the value that 51 complement codes of time delay value is added to counter 10a in mould-51 adder 32.The current stressed value of reading address and 16 bits constitutes 22 bit counter values of employed delay when carrying out double-encryption algorithm 11 for the second time and being used to decipher, and the current state of counter 10a, 10b, 10c is used when carrying out cryptographic algorithm 11 for the first time and be used to encrypt.
Therefore, add computational complexity and single and two inferior compromise of carrying out between the cryptographic algorithm 11, the capacity of buffer memory 30 is reduced, rather than realize it is fully phased out by the mixing of using Fig. 9 and 10 as mentioned above as memory span, mould.
Should point out that also arbitrary end of carrying out at the duplex communication link for two times fully of cryptographic algorithm all is unnecessary.For example, at first produce output bit 11a to be used for first transceiver 12,13 of Figure 10, then needn't continue to produce output bit 11b if carry out the first time of cryptographic algorithm 11.On the other hand, carry out to produce output bit 11a the second time of cryptographic algorithm 11, as the means that obtain the used output bit 11b of first transceiver.On the contrary, for second transceiver 12,13, carry out the second time of cryptographic algorithm 11 and can after only producing output bit 11a, finish.
Shown necessary feed-in Fig. 6 of " DELAY (time delay) " value, 9 or 10 adder 32 are so that set up direct mobile-to-mobile link when call setup.Call setup is the procedure name of carrying out when a user picks up phone and dials another Subscriber Number in the telephone communication network.In mobile telephone network, an important subprocess is the call identifying user, so that he pays for the charging that causes in the conversation.This process is very simple in wired network because for example the user with the copper cash that leads to his family to being identified uniquely.But in mobile communication system, different users may enter the scope of same wireless base station and be attached thereto, and therefore can not be distinguished by the signal that detects in the network again.They must be discerned by exchange electronic mark number, so that charge.List of references of institute's combination has disclosed and has been the antitheft authentication process that designs in this identifying above other.As the byproduct of authentication, must produce one interim " session key " and be used for the conversation encryption and decryption, be wireless segment at least in the signal Route Selection, the listener-in that this section is easy to be equipped with suitable wireless receiver intercepts and captures.
The U.S. Patent application No.08/681 of combination in the above, in 916, disclose when call setup the satellite/cell net and how can determine also whether specific calling is present between two users that can only get in touch via satellite, distribute direct mobile-to-mobile satellite repeater channel for them before, realized the foundation of public encryption key then.The calling party of place calls is related network at first, and network is got in touch the called subscriber again and set up encrypted link separately with them then.At this call establishment stage, respectively each mobile radio station being set up loop time delay is fairly simple for network, and this comprises as the satellite of public part and the distance between the network station.This distance can accurately be set up by a variety of modes, for example uses accurately tracking satellite of satellite tracking station, determines its orbit parameter, and calculates its instantaneous position.To first and second mobile radio stations, from loop time delay, deduct the known distance of ground station then, again addition and obtain the mobile-to-mobile time delay to satellite.The satellite repeater of mobile-to-mobile communication preferably include buffer and heavy formatter (when up link and down link form not simultaneously), see U.S. Patent application No.08/681,916 and 08/581,110.Buffer has the effect of the very little extra time delay of in satellite repeater introducing, thereby total propagation delay can be expressed as an integer tdma frame cycle, and in fact this buffer has occupied the partial frame time delay.
According to the present invention, ground station determines the integer frame time delay from mobile-to-mobile, then it is distributed with common session key and mobile-to-mobile transponder channel to be delivered to mobile radio station, thereby allow mobile radio station from switching to direct communication encryption mode by the present invention with communicating by letter of terrestrial network.By direct notice mobile radio station it with the loop time delay of experience, avoided the fracture of when synchronized algorithm is searched for the correct time delay value be used for the encryption and decryption of synchronous two ends, between them, communicating by letter.Although this is the preferred desired aspect that realizes, can use the alternate manner of setting up loop time delay, for example, begin direct communication each other by requiring mobile radio station in their frame counter value of unencryption pattern emission, as shown in figure 12.Each mobile radio station deducts from its current Counter Value and receives contained Counter Value in the burst, thereby determines that it will be added to time delay on oneself the counter in adder 32, so that synchronously decipher the encryption of another mobile radio station.A kind of method in back does not suppose that two mobile radio stations use identical time delay value fully, and as long as use the realization of Figure 10, just can tolerate the misalignment of any counter.Two kinds of methods and any other can be considered to be within the spirit and scope of the present invention by the method that the loop time delay value is established to the claimed accuracy of a clock cycle of those skilled in the art's design.
One skilled in the art will understand that the present invention can implement with other particular form under the situation that does not deviate from its spirit or essential characteristics.Therefore the embodiment that discloses thinks illustrative rather than restrictive in all respects at present.Scope of the present invention is represented by appended claim, rather than the description of front, and all changes of carrying out in its equivalents and scope are all thought to be contained in wherein.
Claims (17)
1. between the first transmitter-receiver station and the second transmitter-receiver station, use the method for the information of control station network delivery encipherment protection, comprise the steps:
Between described control station network and described second station, setting up coded communication between described control station network and the described first stop and independently;
From described control station network to described first stop, and transmit session key to described second station independently;
Between described control station network and the described first stop, and between described control station network and described second station, set up propagation delay independently;
Handle described propagation delay determining not comprise the direct propagation delay of communicating by letter between described first and second stations of described control station network, and from described control station network to described first stop, and transmit described direct propagation delay to described second station independently; And
From described control station network to described first stop, and transmit channel allocation to described second station independently, and order described first stop and described second station by using described session key and described direct propagation delay value is encrypted and decrypted signal begins to communicate with one another.
2. according to the method for claim 1, it is characterized in that described time delay value is greater than pure propagation delay, so that consider processing delay.
3. between the first transmitter-receiver station and second transmitter, one receiver station, use the communication system of the information of control station network delivery encipherment protection, comprising:
Between described control station network and the described first stop and between described control station network and described second station, set up the device of coded communication independently;
From described control station network to described first stop, and transmit the device of session key independently to described second station;
Between described control station network and the described first stop, and between described control station network and described second station, set up the device of propagation delay independently;
Handle described propagation delay to determine not comprise direct propagation delay of communicating by letter between described first and second stations of described control station network and the device that also transmits described direct propagation delay from described control station network to described first stop independently to described second station; And
Also transmit channel allocation and order described first stop and the device of described second station to described second station independently to described first stop from described control station network by using described session key and described direct propagation delay value encryption and decrypted signal to begin to communicate with one another.
4. according to the communication system of claim 1, it is characterized in that described time delay value is greater than pure propagation delay, so that consider processing delay.
5. when the equipment of the signal that encryption and decryption are launched between first and second stations during than the longer duration of enciphered message piece of the signal transmission delay between described first and second stations, in each of described first and second stations, comprise:
Calculating is launched or block of information that receives and the block counter device that produces multiple digital block count value;
Generation is as the encryption bit block of the function of multiple digital session key and described multiple digital block count value and the cryptographic algorithm final controlling element of deciphering bit block, and the encryption bit of described first stop is the deciphering bit at described second station, and vice versa;
The encryption device that uses described encryption bit block that the corresponding information bit block that is used to transmit is encrypted;
The circular buffer memory device of the deciphering bit block of storage before storing described deciphering bit block and obtain in first memory location from second memory location; And
The deciphering bit block that use is obtained from described circular buffer memory is deciphered to received signal so that produce the decryption device of block of information bits again.
6. according to the equipment of claim 5, it is characterized in that when described block counter increased progressively, described memory location add up to mould with memory location and increases progressively.
7. according to the equipment of claim 5, it is characterized in that, described first and described second memory position between difference corresponding to being the propagation delay that unit is measured by the continuous information piece transmission time between described first stop and described second station.
8. according to the equipment of claim 5, it is characterized in that described first memory position is determined by at least some numerals of the described block counter that comprises least significant digit.
9. according to the equipment of claim 5, it is characterized in that described second memory position constitutes from least some numerals of the described block counter that comprises least significant digit.
10. equipment according to Claim 8 is characterized in that, described second memory position is made of the skew of the described propagation delay of representative and the Mo-Jia of described first memory position.
11. the equipment according to claim 9 is characterized in that, described first memory position is made of the skew of the described propagation delay of representative and the Mo-Jia of described second memory position.
12. the equipment of the signal of launching between encryption and decryption first and second stations during than the longer duration of enciphered message piece when the signal transmission delay between described first and second stations comprises in each of described first and second stations:
Calculating is launched or block of information that receives and the block counter device that produces multiple digital block count value;
Generation is as the cryptographic algorithm final controlling element of the encryption bit block of the function of multiple digital session key and described multiple digital block count value;
Use the encryption device of described encryption bit block to the corresponding information bit block encryption that is used to transmit;
Thereby the modifier of described block count value is revised in the skew of using the described propagation delay of representative;
Generation is as the decipherment algorithm final controlling element of the deciphering bit block of the function of described multiple digital session key and described offset blocks counting; And
Use described deciphering bit block to decipher to received signal so that produce the decryption device of block of information bits again.
13. the equipment of the signal of launching between encryption and decryption first and second stations during than the longer duration of enciphered message piece when the signal transmission delay between described first and second stations comprises in each of described first and second stations:
Calculating is launched or block of information that receives and the block counter device that produces multiple digital block count value;
Generation is as the encryption bit block of the function of multiple digital session key and described multiple digital block count value and the cryptographic algorithm final controlling element of deciphering bit block, and the encryption bit of described first stop is the deciphering bit at described second station, and vice versa;
The encryption device that uses described encryption bit block that the corresponding information bit block that is used to transmit is encrypted;
Store the currency of described block counter and obtain the storage arrangement of the block counter value of storage in the past;
Generation is as the decipherment algorithm final controlling element of the deciphering bit block of the function of described multiple digital session key and the described block count value of obtaining; And
Use described deciphering bit block to decipher to received signal so that produce the decryption device of block of information bits again.
14. between mobile subscriber with mobile telephone station and Public Switching Telecommunication Network user, provide in the satellite communication system of communication service by the control station network, the relay station method of carrying out direct one coded communication of jumping via satellite between a kind of promotion first mobile radio station and second mobile radio station comprises the steps:
Between described control station network and described first mobile radio station by described satellite relay station and between described control station network and described second mobile radio station, set up coded communication independently by more described satellite relay stations;
From described control station network to described first mobile radio station, and transmit session key to described second mobile radio station by described satellite relay station independently;
Described control station network and described first and described second mobile radio station between set up separately propagation delay by described satellite relay station, and independently from described control station network by described satellite relay station and return again and set up the loop propagation delay;
The propagation delay addition that to set up respectively for the communication between described control station network and described first and second mobile radio stations, and deduct described loop propagation delay, so that obtain single channel time delay by the direct communication between described first and second mobile radio stations of described satellite; And
From described control station network to described first mobile radio station, and comprise the channel allocation of described single channel time delay independently to the described second mobile radio station transmission, and, order described first and second mobile radio stations by using described channel allocation and using described session key and described single channel propagation delay value encryption and decrypted signal begin to communicate with one another.
15. the satellite communication system of communication service is provided by the control station network between mobile subscriber with mobile telephone station and Public Switching Telecommunication Network user, this system provides between first mobile radio station and second mobile radio station via satellite that relay station carries out direct one coded communication of jumping, and comprising:
Between described control station network and described first mobile radio station by described satellite relay station and between described control station network and described second mobile radio station, set up the device of coded communication independently by more described satellite relay stations;
From described control station network to described first mobile radio station, and transmit the device of session key independently by described satellite relay station to described second mobile radio station;
Described control station network and described first and described second mobile radio station between by described satellite relay station set up separately propagation delay, and independently from described control station network by described satellite relay station and return the device of setting up the loop propagation delay again;
The propagation delay addition that to set up respectively for the communication between described control station network and described first and second mobile radio stations also deducts described loop propagation delay so that obtain device by described satellite single channel time delay of direct communication between described first and second mobile radio stations; And
From described control station network to described first mobile radio station and comprise the channel allocation of described single channel time delay and order described first and second mobile radio stations to the described second mobile radio station transmission independently by using described channel allocation and using described session key and described single channel propagation delay value is encrypted and decrypted signal begins to communicate with one another device.
16. between the first transmitter-receiver station and the second transmitter-receiver station, use the control station network to set up the method for coded communication, comprise the steps:
Between described control station network and described second station, setting up coded communication between described control station network and the described first stop and independently;
To described first stop, and transmit the channel allocation that comprises session key to described second station independently from described control station network;
Use described channel allocation between described first and second stations, to communicate by letter, so that be used to encrypt the block counter value of the signal of each station emission with the exchange of non-encrypted pattern;
The block counter value of using described first stop to receive from described second station resets and is used for the block counter of block deciphering that described first stop is received, and the block counter value of using described second station to receive from described first stop resets and is used for the counter of block deciphering that described second station is received; And
Use separately deciphering Counter Value and described session key that the block that each station receives is deciphered, and use described session key and encryption Counter Value separately block of information to be encrypted at each station, after the block deciphering of each institute's information transmitted block encryption or each reception, increase progressively described encryption and decryption block counter respectively.
17. between the first transmitter-receiver station and the second transmitter-receiver station, use the control station network to set up the communication system of coded communication, comprising:
Between described control station network and the described first stop and between described control station network and described second station, set up the device of coded communication independently;
From described control station network to described first stop, and transmit the device of the channel allocation that comprises session key independently to described second station;
Use described channel allocation between described first and second stations, to communicate by letter so that be used for the device of the block counter value of each station emission coded signal with non-encrypted pattern exchange;
The block counter value of using described first stop to receive the reset device of the counter that is used for block deciphering that described second station is received of the block counter value that is used for the block counter of block deciphering that described first stop is received and uses described second station to receive that resets from described first stop from described second station; And
Use separately deciphering Counter Value and described session key to decipher and use described session key and encryption Counter Value separately at each station block of information to be encrypted, after the block deciphering of each institute's information transmitted block encryption or each reception, increase progressively respectively the device of described encryption and decryption block counter to the block of each station reception.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN 97180652 CN1240547A (en) | 1996-10-15 | 1997-09-19 | Use of duplex cipher algorithms for satellite channels with delay |
Applications Claiming Priority (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| US08/731465 | 1996-10-15 | ||
| CN 97180652 CN1240547A (en) | 1996-10-15 | 1997-09-19 | Use of duplex cipher algorithms for satellite channels with delay |
Related Child Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNB021524408A Division CN1203629C (en) | 1996-10-15 | 2002-11-27 | Double-encrypted algorithm used in satellite channel with time delay |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN1240547A true CN1240547A (en) | 2000-01-05 |
Family
ID=5177790
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN 97180652 Pending CN1240547A (en) | 1996-10-15 | 1997-09-19 | Use of duplex cipher algorithms for satellite channels with delay |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN1240547A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106452749A (en) * | 2016-10-18 | 2017-02-22 | 北京骏逸通达信息服务有限公司 | Method and system for carrying out secret key and data separated transmission by satellite communication |
-
1997
- 1997-09-19 CN CN 97180652 patent/CN1240547A/en active Pending
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106452749A (en) * | 2016-10-18 | 2017-02-22 | 北京骏逸通达信息服务有限公司 | Method and system for carrying out secret key and data separated transmission by satellite communication |
| CN106452749B (en) * | 2016-10-18 | 2019-06-07 | 北京骏逸通达信息服务有限公司 | A kind of method and system carrying out key and data separated transmission by satellite communication |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN1203629C (en) | Double-encrypted algorithm used in satellite channel with time delay | |
| US5060266A (en) | Continuous cipher synchronization for cellular communication system | |
| EP0446194B1 (en) | Continous cipher synchronization for cellular communication system | |
| US5148485A (en) | Encrypton system for digital cellular communications | |
| KR960007808B1 (en) | Authentication system for digital cellular communications | |
| CA2168717C (en) | Variable security level encryption | |
| US6879689B2 (en) | Stream-cipher method and apparatus | |
| CN1137853A (en) | Selective resynchronization in digital cellular communications system during handover | |
| NZ238652A (en) | Resynchronisation of encrypted data on hand off | |
| US6813355B1 (en) | Method and arrangement for ciphering information transfer | |
| AU645464B2 (en) | Encryption system for digital cellular communications | |
| EP0757459B1 (en) | Cryptographic system for wireless communications | |
| CN1240547A (en) | Use of duplex cipher algorithms for satellite channels with delay | |
| Perez-Neira | Radio frequency coding | |
| Zhang et al. | Research on end-to-end encryption of TETRA | |
| WO2008019178A2 (en) | Processor, method and terminal for use in communications | |
| EP1627490A1 (en) | Processor and method for end-to-end encryption synchronisation | |
| KR19980063014A (en) | Synchronous method of synchronous stream cipher and its apparatus | |
| NZ248445A (en) | Generating pseudo-random bit sequences for enciphering digital data | |
| GB2402025A (en) | Keystream synchronisation by associating a single synchronisation indicator with a plurality of encryption portions |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| AD01 | Patent right deemed abandoned | ||
| C20 | Patent right or utility model deemed to be abandoned or is abandoned |