DE2334330A1 - Security encoding communication network - uses start code to set code generators before transmission of signals - Google Patents

Abstract

The communications network (e.g. for teleprinter or telephone) has security encoders/decoders. Before transmission each encoder or code generator is set by a start code stored at each end station. Some of the stations have a given number of start codes held in special memories. Identification signal sequences are associated with each stored code and are used to select the wanted code. The advantage lies in not only allowing authorised stations to exchange coded information with one another but also with any other station that has access to the identification signals and therefore to the code being used.

Description

Licentia Patent-Verwaltungs-GmbH ΡΤ-ΒΚ / Γι.Li / ms

BK 73/22

Circuit arrangement for the transmission of communication signals

The invention relates to a circuit arrangement for the transmission of message signals, in which the transmitting and receiving side arranged, identically structured and synchronously operated key pulse generators generated identical pseudo-random sequences that on the sending side for the encryption with the

clear and are linked on the receiving side for the decryption with the encrypted message sequence, and in which the key generators before the start of the transmission by means of
an initial key stored at each station can be set and started in phase by an identifier transmitted between aen stations of a communication link.

709845/001 2

In known encryption devices for message signals, by linking one of the message signals derived clear pulse sequence with a key pulse sequence encrypted signal pulse sequences assigned to the characters of the plain text are formed. The recovery at the receiving end of the plain text after the transmission of the encrypted signal sequence is made by the inverse linking of the encrypted Signals brought about with an identical key pulse train.

The key pulse trains can be generated by key generators which generally consist of counters interconnected by logic circuits and by clocks being controlled. The generated key pulse sequence obeys by the scrambling of the counter readings carried out according to a random law.

In order to use the same key generators on the sending and receiving side To obtain identical key pulse sequences, the key generators have to start an encrypted Message transmission are brought into the same starting position and they must be synchronized during key operation being held. To do this, the key generators are converted into the same by a secret initial key Initial position brought and started in phase.

BK 73/22 - 3 -

709845/0012

This known method is not only suitable for synchronization the pseudo random number generators in key devices, but generally used to synchronize the tape or Controlling time scrambling in voice encryption devices Generators or to control the carrier frequency generators in radio systems that operate according to the frequency hopping process work. Even in transmission systems that use the SSMA or CDMA method, the synchronized random number generators can be used to modulate and demodulate the transmitted Deliver the required strings of signals.

Reasons for secrecy force a frequent change of the initial key.

It is an encryption method in the German Auslegeschrift 1 237 366 in which the initial state of the key generators is set in dependence from the result of the mixture of a first and a second state information, wherein the first state information stored as a basic key on both the sending and receiving sides Form is present and wherein the second status information as displacement information on the transmit side by means of a Random generator generated and unencrypted to the receiving side is transmitted. The number of elements of the two status information items or of their mixing result like this

BK 73/22 - 4 -

* 709845/0012

be large that a very large number of different initial states of the key generators is made possible.

In this known method, all stations in a switching network contain the same memory in their memories Basic key, and it will present the move information the commencement of the key operation to the desired receiving station openly transmitted, it can therefore also any other station of the network by mixing both pieces of information, provided that the sequence of information is transmitted, for example, by radio is sent, make the setting of the key generator and decrypt the encrypted text.

In switching traffic within a communications network, it is desirable to only use selected subscriber groups enable the decryption of certain information. For this purpose, different groups of participants can be used at the same time Different initial keys must be assigned at the time, so that different "key areas" exist in which the participants with the initial keys assigned to them can only circulate within their group, but not between the groups.

The invention is based on the object of providing at least a number of authorized stations of different group trainings.

BK 73/22 - 5 -

709845/0012

the encrypted exchange of information both with each other as well as with any other subscriber stations via the code number assigned to them and so that they have the basic key assigned to them, to enable.

The invention and its developments are through the in the measures described in the claims.

This has the advantages of having different initial keys can be used in the network for the individual connection. It will be the individual stations that themselves do not have a key selector, each has an initial key assigned and the individual initial keys are assigned code numbers by means of which the initial keys can be distinguished are. It is advantageous to leave the determination of the initial key to the station that only has a single key, so that phasing between the stations as required takes place in forward or reverse direction. This saves unnecessary changes of direction during phasing. After confirming the phasing that has taken place, the start-up indicator for the correct phase can be displayed immediately At the start of the two key generators, the encrypted message transmission can begin.

BK 73/22 7098A5 / 0012 -6-

The invention is explained using the block diagram.

The two stations 10 and 20 of a switching network are shown, which are connected to one another via the line sx are. In the embodiment shown, the data and identifier traffic runs over this line and it is alternating traffic in both directions is possible. Lines for duplex traffic or lines, which, in addition to a data channel, also contain an auxiliary channel, applicable. Instead of the change of direction then occurs simply a transmission of the information over the opposite channel.

There is a message transceiver at each station 11 or 21, for example a teleprinter, which messages in the form of unencrypted Can send and receive pulse trains. The output of the message device 11 currently acting as a sender feeds the Mixer 122, in which the message pulse train with the key pulse sequence generated by the key generator 12 is mixed and thereby encrypted. The encrypted Message pulse train is transmitted over the line sx to the receiving station 20, where the encrypted Message pulse sequence in mixer 222 mixed with the key pulse sequence generated in key generator 22 will. As long as synchronous operation between the transmitting

BK 73/22 - 7 -

709845/0012

and the key pulse sequence on the receiving side exists, the encrypted message pulse sequence is decrypted in the mixer 222 and the receiving device 21 transmits the message sequence in plain language again.

The key generators 12 and 22 are each by one Clock generator 121 and 221 controlled, which are kept in common mode by devices not shown here, as long as there is an uninterrupted flow of data over the line sx. To ensure that the two key generators run synchronously, i.e. the generation of identical key pulse sequences to ensure that the two generators run in synchronism alone is not enough to ensure that the sending and receiving stations the two generators must begin with the same initial position when each encryption operation is initiated; accordingly, they must open when operation begins phased in the same initial key.

A key selector I3I is provided at station 10, the one electronic memory 13 for storing a Contains number of initial keys. Entering the key information A punch tape reader 132 can be used, for example, to enter the memory of the key selector. A specific initial key is selected through a code number supplied via the control unit 15. the

BK 73/22 - 8 -

109845/0012

/O

Code number can, for example, be a 5-bit character and it can also be used together with a number of variable key characters that are generated in the generator IA and in the memory 14 are kept, are transmitted by the control unit 15 to the remote station. In the own station 10 the selected Initial key mixed with the variable key characters in the mixer 123 and used for the initial setting of the Key generator 12 are used. In the remote station, the transmitted characters can be used for the removal of the selected Initial key from a key selector and this basic key together with the transferred variables Key character for the initial setting of the there, => η. Key generator are exploited. After confirmation from the receiving station that the initial setting has been carried out the key generators can then start phased in response to a start character transmitted by the sending station. The key operation then begins. With this type of setting phasing takes place in the forward direction from the sending to the receiving station.

In contrast to station 10, however, it is the one in the block diagram The opposite station 20 shown is equipped in a manner known per se and does not have a key selector, but only via the key memory 23, in which through the punched tape unit 231 only the one for this station alone certain basic keys are entered.

BK 73/22? 09845/0012 " ⁹ "

In this case it is imperative to phase in in the reverse direction to be carried out using the initial closing ice stored in the memory 23 at the station 20. But even if the other station is fully equipped with a key selector and a key memory, the Phasing can be carried out in the reverse direction. The station equipped with a key selector that encrypted one Would like to carry out message transmission to another station, begins with the transmission of a request for reverse phasing. In order to rule out errors, the request signal can exclude a conference operation Identifier included so that other connected stations cannot send their code number. Afterward the sending station switches itself to readiness to receive. The receiving station evaluates the received Prompt signal off. It doesn't matter if they have a key selector or only has a single key memory, it sends out the phase-in program, which is derived from the area identifier of an initial key or its initial key and, if applicable consists of a number of variable key characters. It also sends a closing identifier that ensures that the key generators stop correctly in both stations. Now a second one can Change of direction are made, the receiving station switches back to "Reception" and the receiving station

BK 73/22 - 10 -

^ 09845/0012

steers itself back to "broadcast". She transfers the confirmation of the completed phasing together with an identifier that the two key generators characterize correctly releases. During the subsequent encrypted transmission, there must be no interruption of the data flow occur, as this could disrupt the synchronization of the generators. It must therefore be used during message transmission occurring permanent states are also encrypted and transmitted. A control identifier on The end of the message transmission causes the transmission to be released in the opposite direction.

BK 73/22 - 11 -

709845/0012

Claims (2)

Claims 1.Circuit arrangement for the transmission of message signals, in which the send and input side arranged, Identically structured and synchronously operated key pulse generators identical pseudo-random sequences are generated, the sending side for the encryption with the clear and the receiving side for the decryption be linked to the encrypted message sequence, and in which the key pulse generators are stored by means of a stored at each station before the start of the transmission The initial key is set and an intermediate key information transmitted to the stations of a communication link is left in phase, characterized in that that in at least some of the stations (10) of a communications network a certain number of initial keys are stored in a key memory (13) each and that each stored initial key has a Character sequence representing the code number is assigned by entering it into a key memory assigned Selecting device (131) the initial key assigned to the code number can be selected from the key memory and the key generator (12) can be supplied for its initial setting. BK 73/22 - 12 - 309845/0012 2. Circuit arrangement according to claim 1, characterized in that after the transmission of a code number of a first initiating the transmission traffic Station (10) to a second station (20) or several stations assigned to the transmitted code number The initial key in both or more stations Key generators (12, 22) for their initial scheduling can be supplied and the key generators can be started in phase after the transmission of a code sequence. 3- circuit arrangement according to claim 1, characterized in that that after the transmission of a prompt of a first station initiating the transmission traffic (1O) an area identifier can be transmitted from a second station (20) to the first station, as a result of which in both stations the assigned initial key to the key generators (12, 22) can be supplied for their initial setting and the two generators can be started after the transmission of a code sequence. BK 73/22 709845 / 0Q12