EP2178235A1 - Encryption of information signals - Google Patents
Encryption of information signals Download PDFInfo
- Publication number
- EP2178235A1 EP2178235A1 EP08390001A EP08390001A EP2178235A1 EP 2178235 A1 EP2178235 A1 EP 2178235A1 EP 08390001 A EP08390001 A EP 08390001A EP 08390001 A EP08390001 A EP 08390001A EP 2178235 A1 EP2178235 A1 EP 2178235A1
- Authority
- EP
- European Patent Office
- Prior art keywords
- subbands
- signal
- subband
- encryption
- filters
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 230000015572 biosynthetic process Effects 0.000 claims abstract description 76
- 238000003786 synthesis reaction Methods 0.000 claims abstract description 76
- 238000000034 method Methods 0.000 claims abstract description 52
- 230000002194 synthesizing effect Effects 0.000 claims abstract description 9
- 238000004891 communication Methods 0.000 claims description 17
- 238000004590 computer program Methods 0.000 claims description 6
- 230000001131 transforming effect Effects 0.000 claims description 2
- 238000010295 mobile communication Methods 0.000 abstract 1
- 230000009466 transformation Effects 0.000 description 22
- 238000012545 processing Methods 0.000 description 21
- 230000006870 function Effects 0.000 description 9
- 238000006243 chemical reaction Methods 0.000 description 8
- 238000009826 distribution Methods 0.000 description 7
- 238000010586 diagram Methods 0.000 description 6
- 230000011664 signaling Effects 0.000 description 6
- 230000005236 sound signal Effects 0.000 description 6
- 230000000295 complement effect Effects 0.000 description 5
- 238000002347 injection Methods 0.000 description 5
- 239000007924 injection Substances 0.000 description 5
- 230000001413 cellular effect Effects 0.000 description 4
- 238000005516 engineering process Methods 0.000 description 4
- 238000013459 approach Methods 0.000 description 3
- 230000006399 behavior Effects 0.000 description 3
- 238000010276 construction Methods 0.000 description 3
- 238000001514 detection method Methods 0.000 description 3
- 230000006866 deterioration Effects 0.000 description 3
- 238000005265 energy consumption Methods 0.000 description 3
- 230000008569 process Effects 0.000 description 3
- 238000001228 spectrum Methods 0.000 description 3
- 239000011159 matrix material Substances 0.000 description 2
- 230000004044 response Effects 0.000 description 2
- 101100445834 Drosophila melanogaster E(z) gene Proteins 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 230000001010 compromised effect Effects 0.000 description 1
- 238000007796 conventional method Methods 0.000 description 1
- 238000012217 deletion Methods 0.000 description 1
- 230000037430 deletion Effects 0.000 description 1
- 230000001419 dependent effect Effects 0.000 description 1
- 238000009795 derivation Methods 0.000 description 1
- 238000003780 insertion Methods 0.000 description 1
- 230000037431 insertion Effects 0.000 description 1
- 238000005259 measurement Methods 0.000 description 1
- 238000009828 non-uniform distribution Methods 0.000 description 1
- 238000005457 optimization Methods 0.000 description 1
- 230000002093 peripheral effect Effects 0.000 description 1
- 230000009467 reduction Effects 0.000 description 1
- 230000007727 signaling mechanism Effects 0.000 description 1
- 239000000243 solution Substances 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
- 230000001360 synchronised effect Effects 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04K—SECRET COMMUNICATION; JAMMING OF COMMUNICATION
- H04K1/00—Secret communication
- H04K1/04—Secret communication by frequency scrambling, i.e. by transposing or inverting parts of the frequency band or by inverting the whole band
Definitions
- the invention relates to techniques for encrypting and decrypting information signals, for example digital voice signals. More particularly, the invention relates to the encryption and decryption of information signals based on polyphase filter banks.
- voice encryption technologies are often provided as a separate unit (an 'add-on' device) to communication devices such as mobile phones.
- an analogue voice signal is captured by a microphone, digitized and input into the encryption add-on.
- the add-on outputs the encrypted voice signal to the mobile phone.
- the encrypted signal is then transmitted via a mobile network to the receiving party, which may be another mobile phone.
- the encrypted signal is provided to a decryption add-on, which reverts the encryption and outputs the decrypted signal, for example back to the mobile phone.
- One conventional technique for voice encryption is the subband analysis of speech signals by using polyphase filters and the encryption of the signal via permutation of individual subbands.
- such technology may avoid a complex synchronization procedure such as a key exchange between encryption device and decryption device.
- existing implementations of encryption and decryption devices based on polyphase filter banks typically lead to a considerable deterioration of speech quality which is due to the fact that an optimal reconstruction of the original voice signal is not achieved.
- confidentiality is compromised from time to time or depending on individual speakers, which appears to be due to the fact that the permutation of subbands as performed in the current implementations is not sufficient, such that the speech remains recognizable for at least some parts of the communication.
- the method comprises the steps of splitting, based on multiple analysis subband filters, an input information signal into a set of signal subbands; performing an encryption operation on one or more subbands of the set of subbands; and synthesizing, based on multiple synthesis subband filters, the encrypted set of subbands into an output information signal, wherein a particular synthesis filter is the product of all analysis filters except the analysis filter corresponding in subband to the particular synthesis filter.
- each of the synthesis filters of the synthesis filter bank is configured in this way.
- a method of decrypting information signals comprises the steps of splitting, based on multiple analysis subband filters, an input information signal into a set of signal subbands; performing a decryption operation on one or more subbands of the set of subbands; and synthesizing, based on multiple synthesis subband filters, the decrypted set of subbands into an output information signal, wherein a particular synthesis filter is the product of all analysis filters except the analysis filter corresponding in subband to the particular synthesis filter.
- each of the synthesis filters of the synthesis filter bank is configured in this way.
- the above methods may be applied to any kind of digital (or analogue) information signal including for example digital audio signals or digital voice or speech signals.
- the signal subbands may be interleaved subbands.
- the analysis and/or synthesis subband filters in both the above-outlined methods may be polyphase subband (component) filters.
- the analysis subband filters may be chosen such that the product of all analysis subband filters is all-pass, i.e. an input information signal would pass a filter implementing the product of all analysis subband filters essentially unchanged.
- the multiple analysis filters may be derived from a single prototype subband filter.
- the configuration of the particular synthesis filter may be simplified.
- the prototype subband filter may for example be a (proprietary or standardized) low pass finite impulse response filter.
- the analysis / synthesis subband or component filters may be derived from the prototype filter using, e.g., a factorization technique.
- the number of signal subbands can be varied in time.
- the time variation (or non-uniformity) of the signal subbands may be selected according to a complexity of the information to be encrypted or decrypted, which may be based on a measure of an energy distribution of the input information signal in frequency.
- the number of signal subbands may be chosen such that the bit distribution of the encoding is proportional to the complexity of information.
- the analysis filters and correspondingly the synthesis filters may be adapted accordingly.
- the encryption or decryption operation may comprise transforming the signal subbands into frequency subbands. For example, a Fourier transformation, Laplace transformation or Z-transformation may be performed. A corresponding inverse or back transformation may also be included in the encryption (decryption) operation.
- the analysis transformation may be an inverse Fourier or Z-transformation, while the synthesis transformation is a corresponding back transformation.
- the encryption or decryption operation may comprise a permutation of at least two subbands.
- two or more frequency subbands may be permuted.
- the permutation of subbands may be varied in time.
- the subbands to be currently permuted may either be signalled from an encrypting device to a decrypting device, or the permutation may be controlled by a control scheme which is in the same way or similarly implemented in both devices.
- a permutation of subbands may be based on a signal energy contained therein. For instance, the two subbands containing most of the signal energy may be permuted with each other. This permutation could be reverted in the decryption operation.
- the encryption operation may comprise replacing at least one subband by noise.
- the noise has to be configured such that the output information signal is unrecognisable with high probability.
- a corresponding decryption operation may comprise removing noise from at least one subband based on, for example, the detection that a noise level in a subband exceeds a predetermined threshold or the detection of a pre-defined, particular signature imprinted on the noise by the encryption operation.
- This method comprises the steps of splitting, based on multiple analysis subband filters, an input information signal into a set of signal subbands; performing an encryption operation on one or more subbands of the set of subbands, wherein the encryption operation comprises replacing at least one subband by noise; and synthesizing, based on multiple synthesis subband filters, the encrypted set of subbands into an output information signal.
- a corresponding method for decrypting information signals comprises the steps of splitting, based on multiple analysis subband filters, an input information signal into a set of signal subbands; performing a decryption operation on one or more subbands of the set of subbands, wherein the decryption operation comprises removing noise from at least one subband; and synthesizing, based on multiple synthesis subband filters, the decrypted set of subbands into an output information signal.
- a computer program product which comprises program code portions for performing the steps of one or more of the methods and method aspects described herein when the computer program product is executed on one or more computing devices, for example one or both of an encryption device and a decryption device.
- the computer program product may be stored on a computer readable recording medium, such as a permanent or rewriteable memory within or associated with a computing device or a removable CD-ROM, DVD or USB-stick. Additionally or alternatively, the computer program product may be provided for download to a computing device, for example via a data network such as the Internet or a communication line such as a telephone line or wireless link.
- an encryption device for encrypting information signals.
- the device comprises a component adapted to split, based on multiple analysis subband filters, an input information signal into a set of signal subbands; a component adapted to perform an encryption operation on one or more subbands of the set of subbands; and a component adapted to synthesize, based on multiple synthesis subband filters, the encrypted set of subbands into an output information signal, wherein a particular synthesis filter is the product of all analysis filters except the analysis filter corresponding in subband to the particular synthesis filter.
- the above-mentioned demand is also satisfied by a decryption device for decrypting information signals.
- the decryption device comprises a component adapted to split, based on multiple analysis subband filters, an input information signal into a set of signal subbands; a component adapted to perform a decryption operation on one or more subbands of the set of subbands; and a component adapted to synthesize, based on multiple synthesis subband filters, the decrypted set of subbands into an output information signal, wherein a particular synthesis filter is the product of all analysis filters except the analysis filter corresponding in subband to the particular synthesis filter.
- a further encryption device for encrypting information signals.
- This device comprises a component adapted to split, based on multiple analysis subband filters, an input information signal into a set of signal subbands; a component adapted to perform an encryption operation on one or more subbands of the set of subbands, wherein the encryption operation comprises replacing at least one subband by noise; and a component adapted to synthesize, based on multiple synthesis subband filters, the encrypted set of subbands into an output information signal.
- a corresponding device for decrypting information signals also satisfies the above demand and comprises a component adapted to split, based on multiple analysis subband filters, an input information signal into a set of signal subbands; a component adapted to perform a decryption operation on one or more subbands of the set of subbands, wherein the decryption operation comprises removing at least one subband which represents noise; and a component adapted to synthesize, based on multiple synthesis subband filters, the decrypted set of subbands into an output information signal.
- an encryption (decryption) device comprising the encryption device as outlined above and the decryption device as outlined above.
- the encryption (decryption) device may be adapted to the encryption (decryption) of voice or speech signals and may be particularly configured as an add-on device for mobile phones.
- the abovementioned demand is still further satisfied by a communication device, wherein the communication device comprises at least one of the encryption device and the decryption device as outlined above.
- the communication device may comprise a mobile phone, wherein the encryption device and/or decryption device may be implemented as hardware, software, or a combination thereof.
- Another implementation of the communication device comprises a headset connectable to a mobile phone.
- the headset may be an external headset with processing capabilities for connection with a mobile phone via Bluetooth or a similar wireless connection technique.
- any of the above-outlined devices may be implemented based on an FPGA (Field-Programmable Gate Array). Additionally or alternatively, at least a portion of a circuitry of any one of the above-outlined devices may be adapted for parallel processing. For example, the parallel processing may be realized based on the aforementioned prototype subband filter.
- An implementation of the above-mentioned headset may comprise an encryption and/or decryption device implemented on an FPGA with parallel processing capabilities.
- the techniques described below may not only be applied to encryption and decryption of digital voice or speech signals, but to any kind of audio signals or more generally information signals including, for example, video signals, facsimilie data, electronic files (file transfer) or electronic data. Besides that, the techniques described herein may not only be used in conjunction with digital signal processing, but also analogue signal processing.
- an encryption and/or decryption device may also be implemented purely software-based depending on the processing capabilities of current or future general purpose processing hardware available for, e.g., mobile phones.
- Fig. 1 illustrates an embodiment of a system 100 for the encryption and decryption of digital audio signals.
- the system comprises an analogue audio input device 102, an Analogue-to-Digital(A/D) unit 104, an encryption device 106 and a cellular phone 108 in communication via a mobile network 110 with a receiving mobile phone 112, a decryption device 114, a Digital-to-Analogue (D/A) unit 116 and an analogue audio output device 118.
- the audio input device 102 may be a microphone, while the audio output device 118 may be a loudspeaker.
- the encryption device 106 may be a hardware add-on which may or may not be specifically adapted to the mobile phone 108.
- the encryption device 106 may be connected to a conventional interface to the mobile phone 108, such as a headset interface as it is conventionally used for hands-free operation of mobile phones. In this way, the encryption device may replace a headset or may be connected in between the headset and the mobile phone.
- the A/D-unit 104 may be provided on a common hardware with either one or both of the microphone 102 and encryption device 106 or may be provided as a stand-alone unit.
- the audio input 102 may be a microphone integrated in mobile phone 108.
- a user speaks into the audio input device 102, which generates an analogue electrical representation of the voice or speech input.
- the electrical signal is provided to the A/D-unit 104, which samples the signal and generates a digital representation 120 thereof.
- the digital voice signal 120 is input to the encryption device 106, which encrypts the signal as will be described in detail further below.
- the encrypted output signal 122 is provided to the mobile phone 108 in digital or analogue form. In the embodiment described here it is assumed that the encryption device 106 outputs digital encrypted voice signals.
- the signal 122 provided to the mobile phone 108 is transmitted via the mobile network 110 towards the receiving party, i.e. mobile phone 112. From there, the received encrypted voice signal is forwarded 124 to the decryption device 114. It depends on the details of the implementation whether the received encrypted voice signal 124 is provided to the decryption device 114 in digital or analogue form. In the embodiment described here, it is assumed that the signal 124 is input to the decryption device as a digital signal.
- the decryption device 114 decrypts the encrypted voice signal 124.
- the decrypted voice signal 126 is fed to the D/A-unit 116 which provides an analogue representation of the audio signal 126 to the audio output 118.
- the decryption device 114 may, for example, be connected in between the mobile phone 112 and a headset which includes the D/A-unit 116 and audio output 118.
- the D/A-unit 116 may be implemented on a common hardware with the decryption device 114.
- the audio output 118 may be a loudspeaker 118 integrated in mobile phone 112.
- Any of the encryption device 106 and the decryption device 114 may, for example, be implemented on an FPGA platform and may, depending on the concrete operational environment, include A/D-converter and/or D/A-converter, although these are illustrated as separate units in Fig. 1 .
- An encryption device (decryption device) may further comprise various connectors for microphone, earphones, USB port, Ethernet interface, RS-232 port, etc.
- Fig. 2 illustrates functional building blocks of the encryption device 106 of Fig. 1 .
- the input voice signal 120 is processed by an analysis filter bank 204, a scalar-to-vector conversion unit 206, a transformation component 208, a permutation component 210 and a noise generator 212 associated therewith, a further transformation component 214, a vector-to-scalar conversion unit 216 and a synthesis filter bank 218, which outputs the encrypted audio signal 122 (cf. Fig. 1 ).
- the encryption device 106 operates to encrypt digital information signals, more particularly the digital voice signal 120.
- an input information signal may be an analogue signal.
- An encryption device may then comprise an A/D-unit similar to A/D-unit 104 of Fig. 1 .
- the input voice signal 120 is provided to the analysis filter bank 204, which operates to split the input voice signal 120 into a set of signal subbands.
- the filter bank 204 is a polyphase filter bank comprising multiple analysis subband filters (component filters) generating a set of interleaved subbands. While in the example illustrated in Fig. 2 the input signal 120 is split into 16 subbands 220, in other embodiments a smaller or larger number of subbands may be configured.
- the multiple analysis filters of the filter bank 204 may be derived from a single prototype subband filter, which may be a standardized or a proprietary lowpass finite impulse response (FIR) filter.
- the desired number of analysis subband filters (polyphase component filters) may be derived therefrom by using a factorization technique.
- step 304 at least one encryption operation is performed on one or more subband of the set of subbands 220 generated by the filter bank 204. Details on the encryption operations will be described with reference to Fig. 6 further below.
- an encrypted set of subbands 222 is provided to the synthesis filter bank 218, which operates to synthesize the encrypted set of subbands 222 into the output voice signal 122.
- the filter bank 218 may be configured similarly as the analysis filter bank 204, i.e. may also be a polyphase filter bank comprising multiple (synthesis) subband filters.
- the synthesis filters are adjusted in a way complementary to the analysis filters of filter bank 204. Specifically, each of the synthesis filters is a product of all analysis filters of filter bank 204 except the analysis filter which corresponds in subband to the particular synthesis filter. The reasons for this choice will be discussed with reference to Figs. 8a-8d .
- Fig. 4 illustrates functional building blocks of the decryption device 114 of Fig. 1 .
- the encrypted input voice signal 124 is processed by an analysis filter bank 402, a scalar-to-vector conversion unit 404, a transformation component 406, a permutation component 408, a noise remover 410, a further transformation component 412, a vector-to-scalar conversion unit 414 and a synthesis filter bank 416, which outputs the decrypted audio signal 126 (cf. Fig. 1 ).
- the decryption device 114 operates to decrypt digital information signals, more particularly the digital voice signal 124.
- an encrypted input information signal may be an analogue signal.
- a decryption device may then comprise an A/D-unit.
- the components 402 - 416 may be configured similar in various aspects to the components 204 - 218 of the encryption device 106. A repetition of such aspects is therefore omitted.
- the analysis filter bank 402 operates to split the (encrypted) input voice signal 124 into a set of signal subbands.
- the analysis subband filters of the filter bank 402 may be configured similar to the filters of filter bank 204 in the encryption device 106. For example, the same prototype filter may be used to derive the filters for the banks 204 and 402 therefrom.
- at least one decryption operation is performed on one or more of the set of subbands 418 output by the analysis filter bank 402. Details on the decryption operations will be described with reference to Fig. 7 below.
- step 506 the decrypted set of subbands 420 is provided to the synthesis filter bank 416, which operates to synthesize, based on multiple synthesis subband filters, the decrypted set of subbands 420 into the decrypted output voice signal 126 (cf. Fig. 1 ).
- Fig. 6 illustrates encryption operations which may be performed in the course of step 304 of Fig. 3 and which are described taking reference of the encryption device 106 in Fig. 2 .
- the signal subbands generated in filter bank 204 are transformed into frequency subbands.
- the scalar-to-vector conversion unit 206 converts the signal subbands 220 into a vector 224 which is then input into the transformation component 208.
- This component performs an Inverse Discrete Fourier Transformation (IDFT) of the input vector 224.
- IDFT Inverse Discrete Fourier Transformation
- the resulting output is a set of frequency subbands 226.
- the scalar-to vector conversion unit 206 operates to specifically configure the subbands 220 for input to the IDFT component 208.
- a component different from unit 206 may be provided.
- no component at all may be provided and the subbands generated by the filter bank may be input directly into a transformation component. Similar considerations hold for the vector-to-scalar conversion unit 216 discussed below.
- the permutation component 210 performs a permutation of at least two of the set of subbands 226.
- This permutation may be performed the same all the time or may be varied in time during the operation of the encryption device 106.
- a time variation of the permutation may be performed following a fixed predefined scheme and/or may be controlled dependent on properties of the voice signal to be encrypted.
- a signal energy may be detected for at least a subset of the set of frequency subbands. Permutations may then, for example, be performed on those subbands containing most of the signal energy. This will in typical situations lead to an appropriate encryption of voice or similar information carrying signals, as an insufficient scrambling due to a permutation of empty subbands is avoided.
- the permutation process may be easily reverted in the decryption device without the need for an extra signalling.
- a permutation of the two subbands containing most of the signal energy Performing exactly the same processing in the decryption device would revert the permutation and would in this way decrypt the encrypted signal.
- parameters for properly controlling a decryption may be signalled to the decryption device. Such signalling may be performed in-line, i.e. embedded within the encrypted information signal, or in any other way.
- the noise generator 212 operates to replace at least one of the frequency subbands 226 by noise.
- the noise may be, for example, white noise which may or may not be randomly generated.
- An intensity of the noise has to be sufficient such that the speech signal becomes unrecognizable and that cryptoanalytic attacks on the encrypted information signal are prevented.
- the noise intensity may be predetermined or may be controlled based on, for example, a signal energy measured from one or more of the subbands or the input information signal 120. For instance, the signal energies measured for controlling a permutation process may also be used for controlling the noise to be injected into the signal.
- an in-line signalling may be imprinted on the noise in order that the decryption device may properly control a decryption, as discussed above.
- the subband(s) to be replaced by noise may be fixed.
- a frequency subband known to generally carry low signal energy for the case of human speech may be chosen.
- one or more subbands containing a signal energy below a predetermined threshold or containing the lowest signal energy in the set of subbands may be selected for noise injection.
- step 608 the transformation component 214 perform the inverse transformation to the transformation performed by the transformation component 208.
- the transformation component 214 performs a Discrete Fourier transformation (DFT).
- DFT Discrete Fourier transformation
- the resulting vector 230 is fed to the vector-to-scalar conversion unit 216 which outputs the encrypted set of signal subbands 222 to the synthesis filter bank 218, as has been described already above.
- subband permutation and noise injection may be performed in any order and may also be performed in parallel to each other.
- an encryption device may perform only one of these operations.
- a particular encryption device may only perform the subband permutation or may only perform noise injection.
- Still other encryption devices may be set into different confidentiality modes according to a desired confidentiality level (security level). Such a level may be measured, for example, by estimates of the efforts (processing power) required for an attacker to decrypt the encrypted information signal.
- the device confidentiality modes may differ from each other by switching on or off or configuring in different ways one or more of the above encryption operations.
- such a multi-mode encryption (or decryption) device may be manually or automatically adjusted to its decryption (or encryption) counterpart, which may be of a different model series etc., at the other end of the communication line.
- Fig. 7 illustrates decryption operations which may be performed in the course of step 504 of Fig. 5 and which are described taking reference of the decryption device 114 of Fig. 4 . It is generally to be noted that many units and components of the decryption device 114 may operate similarly to the corresponding units and components of the encryption device 106 (in some embodiments, all units and components may operate similar). In particular, the filter banks 402 and 416 of device 114 may exactly correspond to the filter banks 204 and 218 of device 106.
- step 702 the encrypted signal subbands 418 are transformed into frequency subbands.
- the components 404 and 406 of the encryption device 114 may operate similar to the components 206 and 208 of the encryption device in Fig. 2 ; therefore the detailed description of step 602 applies similarly also to the components 404 and 406.
- the output of the transformation component 406 is a set of frequency subbands 422.
- the permutation component 408 operates to perform a permutation of at least two subbands from the set of subbands 422. In order for a successful decryption, the permutation performed by the permutation component 210 in the encryption device 106 has to be reverted. How to correctly reverse the permutation process performed in the encryption device 106 depends on the details thereof.
- the reverse permutation scheme will also be a fixed scheme, and may even be exactly the same scheme.
- the component 408 may apply a similar scheme, however, some time synchronization would then be required between components 210 and 408.
- a more extensive signalling would be required which indicates the momentary permutation configuration to the permutation component 408.
- Such signalling mechanism may comprise in-line signalling, which may for example be imprinted on the noise by the noise generator 212 in Fig. 2 .
- both the permutation components 210 and 408 may determine parameters from the (encrypted) signal in the same way. This requires that parameters are used as permutation control parameters which are not changed by the permutation or any other encryption operations.
- the signal energy contained in each of the frequency subbands may be determined. This parameter set will not be changed by permutation, and noise injection may preferably only affect low energy subbands.
- the encryption permutation comprises permuting the two frequency bands containing most of the signal energy, this can be reverted in the decryption stage without any signalling.
- the permutation component 408 may act exactly similar as the permutation component 210 in order to revert the permutation performed therein.
- the noise remover 410 operates to remove noise from those subbands to which noise has been added by the noise generator 212 in the encryption device 106.
- the noise remover 410 may replace noise by silence (zero signal energy) in these subbands.
- the noise remover 410 has to detect the one or more subbands of the set of subbands 422 which contain noise.
- the component 410 requires decision logic in this respect in order to decide whether a subband is filled, for example, by white noise.
- the noise remover 410 may specifically search for such noise ID in the set of frequency subbands 422. In case such a noise ID is detected in a frequency subband, the signal in this subband is replaced by silence.
- step 708 the transformation components 412 and 414 act to back-transform the decrypted frequency subbands 424.
- the back transformation may be performed in a way as has been described with reference to the components 214 and 216 of the encryption device 106; this description may therefore be referred to.
- steps 704 and 706 may be performed in any order, parallel to each other, or only one of these steps may be performed.
- the corresponding discussion of steps 604 and 606 is referred to.
- the analysis and synthesis of the unencrypted voice signal in the encryption device 106 and of the encrypted voice signal in the decryption device 114 may be performed in the same way. Therefore, while for the sake of brevity in the following it is only referred to the analysis filter bank 204 and synthesis filter bank 218 of the encryption device 106, it is to be understood that these considerations hold similarly for the analysis filter bank 402 and the synthesis filter bank 416 of the decryption device 114.
- the synthesis subband filters are configured complementary to the analysis subband filters. More specifically, one or more of each of the filter functions for the synthesis subband filters may be configured as the product of all filter functions of the analysis filters except the filter function for the analysis filter corresponding in subband to the synthesis filter to be configured. A derivation is presented in the following proving plausibility of this concept.
- the concept that a particular synthesis filter should be the product of all analysis filters except the analysis filter corresponding in subband to the particular synthesis filter can be formulated as:
- the kth polyphase component in the synthesis filter bank should be H/Ek.
- Fig. 8a schematically illustrates a signal processing system accepting a digital input signal x [n] and providing an output signal y [n].
- F 1 (z), F 2 (z), ..., F M (z) u[n].
- x[n] y[n] (ignoring factors of 1/M).
- the filter functions have to satisfy the condition that ⁇ i ⁇ F i z is all-pass.
- Fig. 8b illustrates the system of Fig. 8a wherein the filter functions F(z) have been rearranged. Still, the system behaviour is all-pass. An identity matrix may be inserted at the point A indicated in Fig. 8b , which also leaves the operation of the system unchanged.
- the filter bank (set of analysis filters) 204 of the device 106 is represented by the set of filters 804 in Fig. 8d
- the filter bank 218 is represented by the set of filters 806 in Fig. 8d
- the synthesis filters 806 are complementary to the analysis filters 804.
- the synthesis filter corresponding to the analysis filter E 0 i.e. the synthesis filter which corresponds to the analysis filter in the 0 th subband
- the synthesis filter corresponding to the analysis filter E 1 is E 0 E 2 ... E M-1
- the synthesis filter corresponding to the analysis filter E M-1 is E 0 E 1 ,.. E M-2 .
- the synthesis filters 806 can be constructed based only on the prototype E in order to achieve an optimal reconstruction of the original input information signal x[n].
- the signal subbands can be varied in time, i.e. non-uniform filter banks can be realized, wherein the bit distribution of the encoding is proportional to the complexity of the information carried in each subband.
- the signal subbands may be varied in time based on an energy distribution of the information signal in frequency.
- the signal subbands may be varied in time according to a predefined scheme, which would have to be known to the receiver also.
- a time-variation in a non-uniform filter bank one or more of the vertical stages of the analysis and synthesis filter banks may be omitted leading to 1 ⁇ 2 or 1 ⁇ 4 of the resolution.
- the techniques proposed herein allow an optimized reconstruction of the original information signal after encryption and decryption. This is based on the fact that the filters used in the synthesis phase of the encryption and decryption devices are configured complementary to the filters used in the analysis phase, and this avoids alias components appearing in the synthesized signal.
- the complementary approach allows a simplified construction of the synthesis filters, which are based on the analysis filters.
- a prototype (or sample or template) filter is used for construction of the analysis filters
- the construction of the synthesis filters is also particularly simplified.
- the prototype filter which may be provided e.g. in the form of a hardware implementation, is re-used for all filters of the analysis and synthesis filter banks. This allows a considerable reduction of resource usage, power consumption and size of the encryption or decryption device.
- employing subband-based technology allows parallel processing which in turn leads to low energy consumption and/or a minimization of latency being an important factor for man-man synchronous communication.
- the parallel processing may, for example, ensure that latency is uniformly distributed across the frequency spectrum.
- An FPGA may be used for implementing the parallel processing, which further reduces complexity and power consumption.
- the number of encoded and encrypted bits may be selected based on, for example, the distribution of signal energy over the frequency spectrum.
- the proposed techniques allow further optimizations related to a detection and deletion of silence periods in the voice signal.
- the conventional encryption by frequency permutation often do not lead to a satisfying scrambling of the original signal, which is basically due to the relatively narrowband nature of human speech in a transmission channel.
- confidentiality can be increased by exploiting the typically non-uniform distribution of energy in the information signal over the frequency spectrum. For example, a signal energy distribution of frequency subbands can be determined. Preferably subbands carrying high signal energy may be permuted. Moreover, it is proposed the option to add noise to subbands, for example subbands of low signal energy. Vice versa, a given desired level of confidentiality may be reached - employing the techniques proposed herein - with less processing efforts, which serves to reduce the processing efforts and required bandwidths. Further, a decryption device may be configured to ignore some of the frequency bands which the device knows to contain noise, which may lead to further savings in terms of processing resources, energy consumption, etc.
- an encryption/decryption system with a configurable level of security (confidentiality), i.e. a system allowing an adjustment of the complexity of the encryption operation(s).
- a configurable level of security i.e. a system allowing an adjustment of the complexity of the encryption operation(s).
- different security levels may be defined based on the number of frequency bands permuted and/or the number of frequency bands which are replaced by noise.
- the analysis of the (frequency) subbands for example with regard to the distribution of the signal energy, may also be adjusted according to the required security level, i.e. complexity of encryption or decryption operations.
- an encryption and/or decryption system operating according to the techniques proposed herein may also be implemented on a common hardware with a communication device, for example in a smartphone, notebook, etc.
- the proposed techniques allow implementing an encryption device, decryption device or combined device on a simplified circuitry with small footprint and which is straightforwardly connectable to a communication device such as a mobile phone and with minimal requirements on processing power, memory and/or power supply. No further external peripheral devices may be needed.
Abstract
Description
- The invention relates to techniques for encrypting and decrypting information signals, for example digital voice signals. More particularly, the invention relates to the encryption and decryption of information signals based on polyphase filter banks.
- Keeping privacy in telecommunications, for example telephone conversations, is an important requisite in many areas, such as in business, governmental or military fields. While various techniques for the encryption of for example voice or speech in real time exist, such techniques generally require considerable processing power. For this reason, encryption technologies are typically not included as a standard feature in communication devices. Encryption solutions for mobile devices such as cellular phones additionally need to observe the particular requirements imposed by the limited available energy in such a device and the small dimensions thereof.
- For these reasons voice encryption technologies are often provided as a separate unit (an 'add-on' device) to communication devices such as mobile phones. In principle, an analogue voice signal is captured by a microphone, digitized and input into the encryption add-on. After encryption, the add-on outputs the encrypted voice signal to the mobile phone. The encrypted signal is then transmitted via a mobile network to the receiving party, which may be another mobile phone. The encrypted signal is provided to a decryption add-on, which reverts the encryption and outputs the decrypted signal, for example back to the mobile phone.
- One conventional technique for voice encryption is the subband analysis of speech signals by using polyphase filters and the encryption of the signal via permutation of individual subbands. On the one hand, such technology may avoid a complex synchronization procedure such as a key exchange between encryption device and decryption device. On the other hand, however, existing implementations of encryption and decryption devices based on polyphase filter banks typically lead to a considerable deterioration of speech quality which is due to the fact that an optimal reconstruction of the original voice signal is not achieved. Moreover, in many implementations confidentiality is compromised from time to time or depending on individual speakers, which appears to be due to the fact that the permutation of subbands as performed in the current implementations is not sufficient, such that the speech remains recognizable for at least some parts of the communication.
- There is a demand for a realtime encryption and decryption technique for information signals such as voice signals, which achieves an appropriate level of confidentiality while also meeting further requirements such as those discussed above including, for example, minimizing complexity for a given degree of confidentiality, minimizing processing resources, minimizing energy consumption or minimizing size of an encryption or decryption device.
- This demand is satisfied by a method of encrypting information signals. The method comprises the steps of splitting, based on multiple analysis subband filters, an input information signal into a set of signal subbands; performing an encryption operation on one or more subbands of the set of subbands; and synthesizing, based on multiple synthesis subband filters, the encrypted set of subbands into an output information signal, wherein a particular synthesis filter is the product of all analysis filters except the analysis filter corresponding in subband to the particular synthesis filter. In some implementations, each of the synthesis filters of the synthesis filter bank is configured in this way.
- The above demand is further satisfied by a method of decrypting information signals. This method comprises the steps of splitting, based on multiple analysis subband filters, an input information signal into a set of signal subbands; performing a decryption operation on one or more subbands of the set of subbands; and synthesizing, based on multiple synthesis subband filters, the decrypted set of subbands into an output information signal, wherein a particular synthesis filter is the product of all analysis filters except the analysis filter corresponding in subband to the particular synthesis filter. In some implementations, each of the synthesis filters of the synthesis filter bank is configured in this way.
- The above methods may be applied to any kind of digital (or analogue) information signal including for example digital audio signals or digital voice or speech signals.
- The signal subbands may be interleaved subbands. The analysis and/or synthesis subband filters in both the above-outlined methods may be polyphase subband (component) filters. The analysis subband filters may be chosen such that the product of all analysis subband filters is all-pass, i.e. an input information signal would pass a filter implementing the product of all analysis subband filters essentially unchanged.
- In some implementations of either of the above methods, the multiple analysis filters may be derived from a single prototype subband filter. In this case, the configuration of the particular synthesis filter may be simplified. The prototype subband filter may for example be a (proprietary or standardized) low pass finite impulse response filter. The analysis / synthesis subband or component filters may be derived from the prototype filter using, e.g., a factorization technique.
- In some realizations of either one of the above methods, the number of signal subbands can be varied in time. The time variation (or non-uniformity) of the signal subbands may be selected according to a complexity of the information to be encrypted or decrypted, which may be based on a measure of an energy distribution of the input information signal in frequency. The number of signal subbands may be chosen such that the bit distribution of the encoding is proportional to the complexity of information. The analysis filters and correspondingly the synthesis filters may be adapted accordingly.
- The encryption or decryption operation may comprise transforming the signal subbands into frequency subbands. For example, a Fourier transformation, Laplace transformation or Z-transformation may be performed. A corresponding inverse or back transformation may also be included in the encryption (decryption) operation. In some modes of either one of the methods, the analysis transformation may be an inverse Fourier or Z-transformation, while the synthesis transformation is a corresponding back transformation.
- The encryption or decryption operation may comprise a permutation of at least two subbands. For example, in case the signal subbands are transformed into frequency subbands, two or more frequency subbands may be permuted. In some implementations, the permutation of subbands may be varied in time. The subbands to be currently permuted may either be signalled from an encrypting device to a decrypting device, or the permutation may be controlled by a control scheme which is in the same way or similarly implemented in both devices. As an example, a permutation of subbands may be based on a signal energy contained therein. For instance, the two subbands containing most of the signal energy may be permuted with each other. This permutation could be reverted in the decryption operation.
- Additionally or alternatively to permuting subbands, the encryption operation may comprise replacing at least one subband by noise. The noise has to be configured such that the output information signal is unrecognisable with high probability. A corresponding decryption operation may comprise removing noise from at least one subband based on, for example, the detection that a noise level in a subband exceeds a predetermined threshold or the detection of a pre-defined, particular signature imprinted on the noise by the encryption operation.
- The above-mentioned demand is satisfied by a further method for encrypting information signals. This method comprises the steps of splitting, based on multiple analysis subband filters, an input information signal into a set of signal subbands; performing an encryption operation on one or more subbands of the set of subbands, wherein the encryption operation comprises replacing at least one subband by noise; and synthesizing, based on multiple synthesis subband filters, the encrypted set of subbands into an output information signal.
- A corresponding method for decrypting information signals comprises the steps of splitting, based on multiple analysis subband filters, an input information signal into a set of signal subbands; performing a decryption operation on one or more subbands of the set of subbands, wherein the decryption operation comprises removing noise from at least one subband; and synthesizing, based on multiple synthesis subband filters, the decrypted set of subbands into an output information signal.
- Various implementations, realizations and modes of these methods may be considered which are similar to the implementations, realizations and modes of the first pair of methods outlined further above.
- The above-mentioned demand is further satisfied by a computer program product, which comprises program code portions for performing the steps of one or more of the methods and method aspects described herein when the computer program product is executed on one or more computing devices, for example one or both of an encryption device and a decryption device. The computer program product may be stored on a computer readable recording medium, such as a permanent or rewriteable memory within or associated with a computing device or a removable CD-ROM, DVD or USB-stick. Additionally or alternatively, the computer program product may be provided for download to a computing device, for example via a data network such as the Internet or a communication line such as a telephone line or wireless link.
- Still further, the above-mentioned demand is satisfied by an encryption device for encrypting information signals. The device comprises a component adapted to split, based on multiple analysis subband filters, an input information signal into a set of signal subbands; a component adapted to perform an encryption operation on one or more subbands of the set of subbands; and a component adapted to synthesize, based on multiple synthesis subband filters, the encrypted set of subbands into an output information signal, wherein a particular synthesis filter is the product of all analysis filters except the analysis filter corresponding in subband to the particular synthesis filter.
- The above-mentioned demand is also satisfied by a decryption device for decrypting information signals. The decryption device comprises a component adapted to split, based on multiple analysis subband filters, an input information signal into a set of signal subbands; a component adapted to perform a decryption operation on one or more subbands of the set of subbands; and a component adapted to synthesize, based on multiple synthesis subband filters, the decrypted set of subbands into an output information signal, wherein a particular synthesis filter is the product of all analysis filters except the analysis filter corresponding in subband to the particular synthesis filter.
- Regarding still another aspect, the above-mentioned demand is also satisfied by a further encryption device for encrypting information signals. This device comprises a component adapted to split, based on multiple analysis subband filters, an input information signal into a set of signal subbands; a component adapted to perform an encryption operation on one or more subbands of the set of subbands, wherein the encryption operation comprises replacing at least one subband by noise; and a component adapted to synthesize, based on multiple synthesis subband filters, the encrypted set of subbands into an output information signal.
- A corresponding device for decrypting information signals also satisfies the above demand and comprises a component adapted to split, based on multiple analysis subband filters, an input information signal into a set of signal subbands; a component adapted to perform a decryption operation on one or more subbands of the set of subbands, wherein the decryption operation comprises removing at least one subband which represents noise; and a component adapted to synthesize, based on multiple synthesis subband filters, the decrypted set of subbands into an output information signal.
- The abovementioned demand is further satisfied by an encryption (decryption) device comprising the encryption device as outlined above and the decryption device as outlined above. The encryption (decryption) device may be adapted to the encryption (decryption) of voice or speech signals and may be particularly configured as an add-on device for mobile phones.
- The abovementioned demand is still further satisfied by a communication device, wherein the communication device comprises at least one of the encryption device and the decryption device as outlined above. The communication device may comprise a mobile phone, wherein the encryption device and/or decryption device may be implemented as hardware, software, or a combination thereof. Another implementation of the communication device comprises a headset connectable to a mobile phone. For example, the headset may be an external headset with processing capabilities for connection with a mobile phone via Bluetooth or a similar wireless connection technique.
- Any of the above-outlined devices may be implemented based on an FPGA (Field-Programmable Gate Array). Additionally or alternatively, at least a portion of a circuitry of any one of the above-outlined devices may be adapted for parallel processing. For example, the parallel processing may be realized based on the aforementioned prototype subband filter. An implementation of the above-mentioned headset may comprise an encryption and/or decryption device implemented on an FPGA with parallel processing capabilities.
- In the following, the invention will further be described with reference to exemplary embodiments illustrated in the figures, in which:
- Fig. 1
- schematically illustrates an embodiment of a system for encrypting and decrypting an information signal;
- Fig. 2
- illustrates functional blocks of an encryption device of the system of
Fig. 1 ; - Fig. 3
- is a flow diagram illustrating an operation of the encryption device of
Fig. 2 ; - Fig. 4
- illustrates functional blocks of a decryption device of the system of
Fig. 1 ; - Fig. 5
- is a flow diagram illustrating an operation of the decryption device of
Fig. 4 ; - Fig. 6
- is a flow diagram illustrating encryption operations performed by the encryption device of
Fig. 2 ; - Fig. 7
- is a flow diagram illustrating decryption operations performed by the decryption device of
Fig. 4 ; and - Figs. 8a-d
- illustrate functional aspects of the analysis / synthesis filters of the devices of
Figs. 2 and4 . - In the following description, for purposes of explanation and not limitation, specific details are set forth in order to provide a thorough understanding of the current invention. It will be apparent to one skilled in the art that the current invention may be practiced in other embodiments that depart from these specific aspects. For example, the skilled artisan will appreciate that the current invention may be practised not only with mobile (cellular, cordless) phones or more general with mobile or wireless communications, but also with wireline communications, i.e. wireline, landline or stationary phones including, e.g. IP phones ("Voice over IP").
- The techniques described below may not only be applied to encryption and decryption of digital voice or speech signals, but to any kind of audio signals or more generally information signals including, for example, video signals, facsimilie data, electronic files (file transfer) or electronic data. Besides that, the techniques described herein may not only be used in conjunction with digital signal processing, but also analogue signal processing.
- Those skilled in the art will further appreciate that functions explained hereinbelow may be implemented using individual hardware circuitry, but also using software functioning in conjunction with a programmed microprocessor, field-programmable gate array (FPGA), application specific integrated circuit (ASIC) and/or one or more digital signal processors (DSPs). Further, instead of being provided as an add-on to, e.g., cellular phones, an encryption and/or decryption device may also be implemented purely software-based depending on the processing capabilities of current or future general purpose processing hardware available for, e.g., mobile phones.
-
Fig. 1 illustrates an embodiment of asystem 100 for the encryption and decryption of digital audio signals. The system comprises an analogueaudio input device 102, an Analogue-to-Digital(A/D)unit 104, anencryption device 106 and acellular phone 108 in communication via amobile network 110 with a receivingmobile phone 112, adecryption device 114, a Digital-to-Analogue (D/A)unit 116 and an analogueaudio output device 118. Theaudio input device 102 may be a microphone, while theaudio output device 118 may be a loudspeaker. - The
encryption device 106 may be a hardware add-on which may or may not be specifically adapted to themobile phone 108. For example, theencryption device 106 may be connected to a conventional interface to themobile phone 108, such as a headset interface as it is conventionally used for hands-free operation of mobile phones. In this way, the encryption device may replace a headset or may be connected in between the headset and the mobile phone. The A/D-unit 104 may be provided on a common hardware with either one or both of themicrophone 102 andencryption device 106 or may be provided as a stand-alone unit. In some configurations theaudio input 102 may be a microphone integrated inmobile phone 108. - A user speaks into the
audio input device 102, which generates an analogue electrical representation of the voice or speech input. The electrical signal is provided to the A/D-unit 104, which samples the signal and generates adigital representation 120 thereof. Thedigital voice signal 120 is input to theencryption device 106, which encrypts the signal as will be described in detail further below. Theencrypted output signal 122 is provided to themobile phone 108 in digital or analogue form. In the embodiment described here it is assumed that theencryption device 106 outputs digital encrypted voice signals. - The
signal 122 provided to themobile phone 108 is transmitted via themobile network 110 towards the receiving party, i.e.mobile phone 112. From there, the received encrypted voice signal is forwarded 124 to thedecryption device 114. It depends on the details of the implementation whether the receivedencrypted voice signal 124 is provided to thedecryption device 114 in digital or analogue form. In the embodiment described here, it is assumed that thesignal 124 is input to the decryption device as a digital signal. - The
decryption device 114 decrypts theencrypted voice signal 124. The decryptedvoice signal 126 is fed to the D/A-unit 116 which provides an analogue representation of theaudio signal 126 to theaudio output 118. Thedecryption device 114 may, for example, be connected in between themobile phone 112 and a headset which includes the D/A-unit 116 andaudio output 118. As one alternative, the D/A-unit 116 may be implemented on a common hardware with thedecryption device 114. In some configurations theaudio output 118 may be aloudspeaker 118 integrated inmobile phone 112. - Any of the
encryption device 106 and thedecryption device 114 may, for example, be implemented on an FPGA platform and may, depending on the concrete operational environment, include A/D-converter and/or D/A-converter, although these are illustrated as separate units inFig. 1 . An encryption device (decryption device) may further comprise various connectors for microphone, earphones, USB port, Ethernet interface, RS-232 port, etc. -
Fig. 2 illustrates functional building blocks of theencryption device 106 ofFig. 1 . Theinput voice signal 120 is processed by ananalysis filter bank 204, a scalar-to-vector conversion unit 206, atransformation component 208, apermutation component 210 and anoise generator 212 associated therewith, afurther transformation component 214, a vector-to-scalar conversion unit 216 and asynthesis filter bank 218, which outputs the encrypted audio signal 122 (cf.Fig. 1 ). - An operation of the
encryption device 106 will now be described with reference to the flow diagram ofFig. 3 . Generally, theencryption device 106 operates to encrypt digital information signals, more particularly thedigital voice signal 120. In other embodiments, an input information signal may be an analogue signal. An encryption device may then comprise an A/D-unit similar to A/D-unit 104 ofFig. 1 . - In
step 302, theinput voice signal 120 is provided to theanalysis filter bank 204, which operates to split theinput voice signal 120 into a set of signal subbands. It is assumed that thefilter bank 204 is a polyphase filter bank comprising multiple analysis subband filters (component filters) generating a set of interleaved subbands. While in the example illustrated inFig. 2 theinput signal 120 is split into 16subbands 220, in other embodiments a smaller or larger number of subbands may be configured. The multiple analysis filters of thefilter bank 204 may be derived from a single prototype subband filter, which may be a standardized or a proprietary lowpass finite impulse response (FIR) filter. The desired number of analysis subband filters (polyphase component filters), may be derived therefrom by using a factorization technique. - In
step 304, at least one encryption operation is performed on one or more subband of the set ofsubbands 220 generated by thefilter bank 204. Details on the encryption operations will be described with reference toFig. 6 further below. As a result of the encryption operations performed, instep 306 an encrypted set ofsubbands 222 is provided to thesynthesis filter bank 218, which operates to synthesize the encrypted set ofsubbands 222 into theoutput voice signal 122. Thefilter bank 218 may be configured similarly as theanalysis filter bank 204, i.e. may also be a polyphase filter bank comprising multiple (synthesis) subband filters. As will be discussed further below, the synthesis filters are adjusted in a way complementary to the analysis filters offilter bank 204. Specifically, each of the synthesis filters is a product of all analysis filters offilter bank 204 except the analysis filter which corresponds in subband to the particular synthesis filter. The reasons for this choice will be discussed with reference toFigs. 8a-8d . -
Fig. 4 illustrates functional building blocks of thedecryption device 114 ofFig. 1 . The encryptedinput voice signal 124 is processed by ananalysis filter bank 402, a scalar-to-vector conversion unit 404, atransformation component 406, apermutation component 408, anoise remover 410, afurther transformation component 412, a vector-to-scalar conversion unit 414 and asynthesis filter bank 416, which outputs the decrypted audio signal 126 (cf.Fig. 1 ). - An operation of the
decryption device 114 will be described with reference to the flow diagram ofFig. 5 . Generally, thedecryption device 114 operates to decrypt digital information signals, more particularly thedigital voice signal 124. In other embodiments, an encrypted input information signal may be an analogue signal. A decryption device may then comprise an A/D-unit. Generally, the components 402 - 416 may be configured similar in various aspects to the components 204 - 218 of theencryption device 106. A repetition of such aspects is therefore omitted. - In
step 502, theanalysis filter bank 402 operates to split the (encrypted)input voice signal 124 into a set of signal subbands. The analysis subband filters of thefilter bank 402 may be configured similar to the filters offilter bank 204 in theencryption device 106. For example, the same prototype filter may be used to derive the filters for thebanks step 504, at least one decryption operation is performed on one or more of the set ofsubbands 418 output by theanalysis filter bank 402. Details on the decryption operations will be described with reference toFig. 7 below. Instep 506, the decrypted set ofsubbands 420 is provided to thesynthesis filter bank 416, which operates to synthesize, based on multiple synthesis subband filters, the decrypted set ofsubbands 420 into the decrypted output voice signal 126 (cf.Fig. 1 ). -
Fig. 6 illustrates encryption operations which may be performed in the course ofstep 304 ofFig. 3 and which are described taking reference of theencryption device 106 inFig. 2 . Instep 602 the signal subbands generated infilter bank 204 are transformed into frequency subbands. Specifically, the scalar-to-vector conversion unit 206 converts the signal subbands 220 into avector 224 which is then input into thetransformation component 208. This component performs an Inverse Discrete Fourier Transformation (IDFT) of theinput vector 224. The resulting output is a set offrequency subbands 226. It is to be noted that the scalar-tovector conversion unit 206 operates to specifically configure thesubbands 220 for input to theIDFT component 208. In other embodiments, a component different fromunit 206 may be provided. In still other embodiments, no component at all may be provided and the subbands generated by the filter bank may be input directly into a transformation component. Similar considerations hold for the vector-to-scalar conversion unit 216 discussed below. - In
step 604, thepermutation component 210 performs a permutation of at least two of the set ofsubbands 226. This permutation may be performed the same all the time or may be varied in time during the operation of theencryption device 106. A time variation of the permutation may be performed following a fixed predefined scheme and/or may be controlled dependent on properties of the voice signal to be encrypted. As an example, a signal energy may be detected for at least a subset of the set of frequency subbands. Permutations may then, for example, be performed on those subbands containing most of the signal energy. This will in typical situations lead to an appropriate encryption of voice or similar information carrying signals, as an insufficient scrambling due to a permutation of empty subbands is avoided. Further, the permutation process may be easily reverted in the decryption device without the need for an extra signalling. Consider a permutation of the two subbands containing most of the signal energy: Performing exactly the same processing in the decryption device would revert the permutation and would in this way decrypt the encrypted signal. However, in some embodiments in which time-varying encryption is applied, parameters for properly controlling a decryption may be signalled to the decryption device. Such signalling may be performed in-line, i.e. embedded within the encrypted information signal, or in any other way. - In
step 606, thenoise generator 212 operates to replace at least one of the frequency subbands 226 by noise. The noise may be, for example, white noise which may or may not be randomly generated. An intensity of the noise has to be sufficient such that the speech signal becomes unrecognizable and that cryptoanalytic attacks on the encrypted information signal are prevented. The noise intensity may be predetermined or may be controlled based on, for example, a signal energy measured from one or more of the subbands or theinput information signal 120. For instance, the signal energies measured for controlling a permutation process may also be used for controlling the noise to be injected into the signal. In some embodiments, an in-line signalling may be imprinted on the noise in order that the decryption device may properly control a decryption, as discussed above. - The subband(s) to be replaced by noise may be fixed. For example, a frequency subband known to generally carry low signal energy for the case of human speech may be chosen. Additionally or alternatively, based on a measurement of subband signal energies, one or more subbands containing a signal energy below a predetermined threshold or containing the lowest signal energy in the set of subbands may be selected for noise injection.
- In
step 608, thetransformation component 214 perform the inverse transformation to the transformation performed by thetransformation component 208. In the embodiment illustrated inFig. 2 , thetransformation component 214 performs a Discrete Fourier transformation (DFT). The resulting vector 230 is fed to the vector-to-scalar conversion unit 216 which outputs the encrypted set ofsignal subbands 222 to thesynthesis filter bank 218, as has been described already above. - While the
steps Fig. 6 as following on each other, it is to be noted that subband permutation and noise injection may be performed in any order and may also be performed in parallel to each other. Further, an encryption device may perform only one of these operations. For example, a particular encryption device may only perform the subband permutation or may only perform noise injection. Still other encryption devices may be set into different confidentiality modes according to a desired confidentiality level (security level). Such a level may be measured, for example, by estimates of the efforts (processing power) required for an attacker to decrypt the encrypted information signal. The device confidentiality modes may differ from each other by switching on or off or configuring in different ways one or more of the above encryption operations. Moreover, such a multi-mode encryption (or decryption) device may be manually or automatically adjusted to its decryption (or encryption) counterpart, which may be of a different model series etc., at the other end of the communication line. -
Fig. 7 illustrates decryption operations which may be performed in the course ofstep 504 ofFig. 5 and which are described taking reference of thedecryption device 114 ofFig. 4 . It is generally to be noted that many units and components of thedecryption device 114 may operate similarly to the corresponding units and components of the encryption device 106 (in some embodiments, all units and components may operate similar). In particular, thefilter banks device 114 may exactly correspond to thefilter banks device 106. In case of a combined device for encryption and decryption, which may be used in an ongoing communication to encrypt outgoing signals and decrypt incoming signals in an alternating fashion, one and the same combination of analysis filter bank and synthesis filter bank may be used for the encryption and the decryption. Thus, only a single analysis filter bank and a single synthesis filter bank may be required. Similarly, only one set of encryption and decryption components may be required for performing the encryption and decryption operations (however, the noise injection cannot simply be reverted). - In
step 702 theencrypted signal subbands 418 are transformed into frequency subbands. Thecomponents encryption device 114 may operate similar to thecomponents Fig. 2 ; therefore the detailed description ofstep 602 applies similarly also to thecomponents transformation component 406 is a set offrequency subbands 422. Instep 704, thepermutation component 408 operates to perform a permutation of at least two subbands from the set ofsubbands 422. In order for a successful decryption, the permutation performed by thepermutation component 210 in theencryption device 106 has to be reverted. How to correctly reverse the permutation process performed in theencryption device 106 depends on the details thereof. - In case a fixed permutation scheme is implemented by the
permutation device 210, the reverse permutation scheme will also be a fixed scheme, and may even be exactly the same scheme. In case the permutation is varied in time according to a prescribed scheme, thecomponent 408 may apply a similar scheme, however, some time synchronization would then be required betweencomponents permutation component 408. Such signalling mechanism may comprise in-line signalling, which may for example be imprinted on the noise by thenoise generator 212 inFig. 2 . - In case a permutation is controlled by parameters related to properties of the current information signal, both the
permutation components permutation component 408 may act exactly similar as thepermutation component 210 in order to revert the permutation performed therein. - In
step 706, thenoise remover 410 operates to remove noise from those subbands to which noise has been added by thenoise generator 212 in theencryption device 106. In case thenoise generator 212 replaces a signal by noise in fixedly prescribed subbands, thenoise remover 410 may replace noise by silence (zero signal energy) in these subbands. In case thenoise generator 212 determines subbands with low signal energy, thenoise remover 410 has to detect the one or more subbands of the set ofsubbands 422 which contain noise. Thecomponent 410 requires decision logic in this respect in order to decide whether a subband is filled, for example, by white noise. In case thenoise generator 212 in theencryption device 106 imprints a particular "noise ID" signature on the noise, thenoise remover 410 may specifically search for such noise ID in the set offrequency subbands 422. In case such a noise ID is detected in a frequency subband, the signal in this subband is replaced by silence. - In
step 708, thetransformation components frequency subbands 424. The back transformation may be performed in a way as has been described with reference to thecomponents encryption device 106; this description may therefore be referred to. - The sequence of
steps steps - Turning to the configuration in detail of the filter banks in the
encryption device 106 anddecryption device 114, it is generally to be noted that the analysis and synthesis of the unencrypted voice signal in theencryption device 106 and of the encrypted voice signal in thedecryption device 114 may be performed in the same way. Therefore, while for the sake of brevity in the following it is only referred to theanalysis filter bank 204 andsynthesis filter bank 218 of theencryption device 106, it is to be understood that these considerations hold similarly for theanalysis filter bank 402 and thesynthesis filter bank 416 of thedecryption device 114. - In order to minimize speech deterioration during encryption and decryption of a voice signal, it is required that the synthesis subband filters are configured complementary to the analysis subband filters. More specifically, one or more of each of the filter functions for the synthesis subband filters may be configured as the product of all filter functions of the analysis filters except the filter function for the analysis filter corresponding in subband to the synthesis filter to be configured. A derivation is presented in the following proving plausibility of this concept.
- The analysis filters (filter functions, polyphase components or subphase filters of the analysis filter bank) are denoted as Ei, i = 0, 1, ..., M-1; i.e., there are M polyphase components in the analysis filter bank. Further, H denotes the product of all analysis filters Ei ,
-
Fig. 8a schematically illustrates a signal processing system accepting a digital input signal x [n] and providing an output signal y [n]. The signal x [n] is processed by M branches, each branch applying the product of filter functions F1(z), F2(z), ..., FM(z) =u[n]. As the system ofFig. 8a is intended as a model for the encryption and decryption of an information signal without signal deterioration, it is demanded that the behaviour of the system should be all-pass, i.e. x[n] = y[n] (ignoring factors of 1/M). Let X(z), Y(z) and Uk(z) represent the z-transforms of x(z), y(z) and uk(z). In this case, -
-
Fig. 8b illustrates the system ofFig. 8a wherein the filter functions F(z) have been rearranged. Still, the system behaviour is all-pass. An identity matrix may be inserted at the point A indicated inFig. 8b , which also leaves the operation of the system unchanged. - In order to apply the system arranged as in
Fig. 8b to the analysis and synthesis of information signals, we identify the filter functions F(z) with the polyphase coefficients E(z) and insert at the point A inFig. 8b the product of the inverse and direct FFT matrices as the identity matrix. The resulting filter H is depicted inFig. 8c . Insertion of H as shown inFig. 8c into the system ofFig. 8b leads to the system of inFig. 8d , which schematically illustrates an operation principle ofencryption device 106 ordecryption device 114. Note that the encryption or decryption operations discussed above are performed at the point indicated byarrow 802. - Assuming the filter bank (set of analysis filters) 204 of the
device 106 is represented by the set offilters 804 inFig. 8d , thefilter bank 218 is represented by the set offilters 806 inFig. 8d . The synthesis filters 806 are complementary to the analysis filters 804. For example, the synthesis filter corresponding to the analysis filter E0 (i.e. the synthesis filter which corresponds to the analysis filter in the 0th subband) is E1 E2 ... EM-1 , the synthesis filter corresponding to the analysis filter E1 is E0 E2 ... EM-1 , etc., and the synthesis filter corresponding to the analysis filter EM-1 is E0 E1 ,.. EM-2 . - In an embodiment in which the
multiple analysis filters 804 are derived from a single prototype subband filter E, the synthesis filters 806 can be constructed based only on the prototype E in order to achieve an optimal reconstruction of the original input information signal x[n]. The original signal is approximated as - The above-described approach allows static and dynamic filter banks. For instance, the signal subbands can be varied in time, i.e. non-uniform filter banks can be realized, wherein the bit distribution of the encoding is proportional to the complexity of the information carried in each subband. In this way, the signal subbands may be varied in time based on an energy distribution of the information signal in frequency. In other embodiments, the signal subbands may be varied in time according to a predefined scheme, which would have to be known to the receiver also. As a general example for a time-variation, in a non-uniform filter bank one or more of the vertical stages of the analysis and synthesis filter banks may be omitted leading to ½ or ¼ of the resolution.
- The techniques proposed herein allow an optimized reconstruction of the original information signal after encryption and decryption. This is based on the fact that the filters used in the synthesis phase of the encryption and decryption devices are configured complementary to the filters used in the analysis phase, and this avoids alias components appearing in the synthesized signal. At the same time, the complementary approach allows a simplified construction of the synthesis filters, which are based on the analysis filters. In case a prototype (or sample or template) filter is used for construction of the analysis filters, the construction of the synthesis filters is also particularly simplified. In some embodiments the prototype filter, which may be provided e.g. in the form of a hardware implementation, is re-used for all filters of the analysis and synthesis filter banks. This allows a considerable reduction of resource usage, power consumption and size of the encryption or decryption device.
- Further, employing subband-based technology allows parallel processing which in turn leads to low energy consumption and/or a minimization of latency being an important factor for man-man synchronous communication. The parallel processing may, for example, ensure that latency is uniformly distributed across the frequency spectrum. An FPGA may be used for implementing the parallel processing, which further reduces complexity and power consumption. In another approach to save processing efforts, the number of encoded and encrypted bits may be selected based on, for example, the distribution of signal energy over the frequency spectrum. The proposed techniques allow further optimizations related to a detection and deletion of silence periods in the voice signal.
- The conventional encryption by frequency permutation often do not lead to a satisfying scrambling of the original signal, which is basically due to the relatively narrowband nature of human speech in a transmission channel. As proposed herein, confidentiality can be increased by exploiting the typically non-uniform distribution of energy in the information signal over the frequency spectrum. For example, a signal energy distribution of frequency subbands can be determined. Preferably subbands carrying high signal energy may be permuted. Moreover, it is proposed the option to add noise to subbands, for example subbands of low signal energy. Vice versa, a given desired level of confidentiality may be reached - employing the techniques proposed herein - with less processing efforts, which serves to reduce the processing efforts and required bandwidths. Further, a decryption device may be configured to ignore some of the frequency bands which the device knows to contain noise, which may lead to further savings in terms of processing resources, energy consumption, etc.
- It is also proposed an encryption/decryption system with a configurable level of security (confidentiality), i.e. a system allowing an adjustment of the complexity of the encryption operation(s). For example, different security levels may be defined based on the number of frequency bands permuted and/or the number of frequency bands which are replaced by noise. The analysis of the (frequency) subbands, for example with regard to the distribution of the signal energy, may also be adjusted according to the required security level, i.e. complexity of encryption or decryption operations.
- On the other hand, an encryption and/or decryption system operating according to the techniques proposed herein may also be implemented on a common hardware with a communication device, for example in a smartphone, notebook, etc.
- The proposed techniques allow implementing an encryption device, decryption device or combined device on a simplified circuitry with small footprint and which is straightforwardly connectable to a communication device such as a mobile phone and with minimal requirements on processing power, memory and/or power supply. No further external peripheral devices may be needed.
- While the current invention has been described in relation to its preferred embodiments, it is to be understood that this description is for illustrative purposes only. Accordingly, it is intended that the invention be limited only by the scope of the claims appended hereto.
Claims (16)
- A method of encrypting information signals, the method comprising the steps of- splitting (302), based on multiple analysis subband filters (204), an input information signal (120) into a set of signal subbands (220);- performing (304) an encryption operation on one or more subbands of the set of subbands; and- synthesizing (306), based on multiple synthesis subband filters (218), the encrypted set of subbands (222) into an output information signal (122),wherein a particular synthesis filter is the product of all analysis filters except the analysis filter corresponding in subband to the particular synthesis filter.
- A method of decrypting information signals, the method comprising the steps of- splitting (502), based on multiple analysis subband filters (402), an input information signal (124) into a set of signal subbands (418);- performing (504) a decryption operation on one or more subbands of the set of subbands; and- synthesizing (506), based on multiple synthesis subband filters (416), the decrypted set of subbands (420) into an output information signal (126),wherein a particular synthesis filter is the product of all analysis filters except the analysis filter corresponding in subband to the particular synthesis filter.
- The method according to claim 1 or 2,
wherein the product of all analysis subband filters (204, 402) is all-pass. - The method according to any one of the preceding claims,
wherein the multiple analysis filters (204, 402) are derived from a single prototype subband filter. - The method according to any one of the preceding claims,
wherein the encryption or decryption operation comprises transforming (602) the signal subbands (220, 418) into frequency subbands (226, 422). - The method according to any one of the preceding claims,
wherein the encryption or decryption operation comprises a permutation (604) of at least two subbands. - The method according to claim 6,
wherein the permutation is varied in time. - The method according to any one of claims 1 and 3 to 7,
wherein the encryption operation comprises replacing (606) at least one subband by noise. - The method according to any one of claims 1 and 3 to 8,
wherein the number of signal subbands is varied in time. - A method of encrypting information signals, the method comprising the steps of- splitting (302), based on multiple analysis subband filters (204), an input information signal (120) into a set of signal subbands (220);- performing (304) an encryption operation on one or more subbands of the set of subbands, wherein the encryption operation comprises replacing (606) at least one subband with noise; and- synthesizing (306), based on multiple synthesis subband filters (218), the encrypted set of subbands (222) into an output information signal (122).
- A method of decrypting information signals, the method comprising the steps of- splitting (502), based on multiple analysis subband filters (402), an input information signal (124) into a set of signal subbands (418);- performing (504) a decryption operation on one or more subbands of the set of subbands, wherein the decryption operation comprises removing (706) noise from at least one subband; and- synthesizing (506), based on multiple synthesis subband filters (416), the decrypted set of subbands (420) into an output information signal (126).
- A computer program product comprising program code portions for performing the method according to any one of the preceding claims when the computer program product is executed on one or more computing devices.
- An encryption device (106) for encrypting information signals, comprising:- a component (204) adapted to split, based on multiple analysis subband filters, an input information signal (120) into a set of signal subbands (220);- a component (206 - 216) adapted to perform an encryption operation on one or more subbands of the set of subbands; and- a component (218) adapted to synthesize, based on multiple synthesis subband filters, the encrypted set of subbands (222) into an output information signal (122),wherein a particular synthesis filter is the product of all analysis filters except the analysis filter corresponding in subband to the particular synthesis filter.
- A decryption device for decrypting information signals, comprising:- a component (402) adapted to split, based on multiple analysis subband filters, an input information signal (124) into a set of signal subbands (418);- a component (404 - 414) adapted to perform a decryption operation on one or more subbands of the set of subbands; and- a component (416) adapted to synthesize, based on multiple synthesis subband filters, the decrypted set of subbands (420) into an output information signal (126),wherein a particular synthesis filter is the product of all analysis filters except the analysis filter corresponding in subband to the particular synthesis filter.
- An encryption and decryption device comprising the encryption device according to claim 13 and the decryption device according to claim 14, adapted in particular as an add-on device for mobile phones.
- A communication device, in particular a mobile phone or a headset connectable to a mobile phone, comprising at least one of the encryption device according to claim 13 and the decryption device according to claim 14.
Priority Applications (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP08390001A EP2178235B1 (en) | 2008-10-17 | 2008-10-17 | Encryption of information signals |
AT08390001T ATE527768T1 (en) | 2008-10-17 | 2008-10-17 | ENCRYPTION OF INFORMATION SIGNALS |
CY20111101254T CY1112183T1 (en) | 2008-10-17 | 2011-12-16 | CODING OF INFORMATION SIGNS |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP08390001A EP2178235B1 (en) | 2008-10-17 | 2008-10-17 | Encryption of information signals |
Publications (2)
Publication Number | Publication Date |
---|---|
EP2178235A1 true EP2178235A1 (en) | 2010-04-21 |
EP2178235B1 EP2178235B1 (en) | 2011-10-05 |
Family
ID=40427843
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
EP08390001A Active EP2178235B1 (en) | 2008-10-17 | 2008-10-17 | Encryption of information signals |
Country Status (3)
Country | Link |
---|---|
EP (1) | EP2178235B1 (en) |
AT (1) | ATE527768T1 (en) |
CY (1) | CY1112183T1 (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR20180026533A (en) * | 2015-07-06 | 2018-03-12 | 자일링크스 인코포레이티드 | Variable bandwidth filtering |
US20210288807A1 (en) * | 2018-07-10 | 2021-09-16 | Cirrus Logic International Semiconductor Ltd. | System and method for performing biometric authentication |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
GB1465923A (en) * | 1973-04-03 | 1977-03-02 | Siemens Ag | Camouflaged speech signal transmission systems |
US4829378A (en) * | 1988-06-09 | 1989-05-09 | Bell Communications Research, Inc. | Sub-band coding of images with low computational complexity |
US4959863A (en) * | 1987-06-02 | 1990-09-25 | Fujitsu Limited | Secret speech equipment |
-
2008
- 2008-10-17 EP EP08390001A patent/EP2178235B1/en active Active
- 2008-10-17 AT AT08390001T patent/ATE527768T1/en not_active IP Right Cessation
-
2011
- 2011-12-16 CY CY20111101254T patent/CY1112183T1/en unknown
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
GB1465923A (en) * | 1973-04-03 | 1977-03-02 | Siemens Ag | Camouflaged speech signal transmission systems |
US4959863A (en) * | 1987-06-02 | 1990-09-25 | Fujitsu Limited | Secret speech equipment |
US4829378A (en) * | 1988-06-09 | 1989-05-09 | Bell Communications Research, Inc. | Sub-band coding of images with low computational complexity |
Non-Patent Citations (2)
Title |
---|
SMITH M J T ET AL: "EXACT RECONSTRUCTION TECHNIQUES FOR TREE-STRUCTURED SUBBAND CODERS", IEEE TRANSACTIONS ON ACOUSTICS, SPEECH AND SIGNAL PROCESSING, IEEE INC. NEW YORK, USA, vol. ASSP-34, no. 3, 1 June 1986 (1986-06-01), pages 434 - 441, XP000828453, ISSN: 0096-3518 * |
WADA S ET AL: "SPECTRUM SCRAMBLING BY MEANS OF QMF BANKS FOR SECURE COMMUNICATION", IEICE TRANSACTIONS ON FUNDAMENTALS OF ELECTRONICS,COMMUNICATIONS AND COMPUTER SCIENCES, ENGINEERING SCIENCES SOCIETY, TOKYO, JP, vol. E78-A, no. 8, 1 August 1995 (1995-08-01), pages 1042 - 1045, XP000536063, ISSN: 0916-8508 * |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR20180026533A (en) * | 2015-07-06 | 2018-03-12 | 자일링크스 인코포레이티드 | Variable bandwidth filtering |
JP2018524930A (en) * | 2015-07-06 | 2018-08-30 | ザイリンクス インコーポレイテッドXilinx Incorporated | Variable bandwidth filtering |
KR102644069B1 (en) | 2015-07-06 | 2024-03-05 | 자일링크스 인코포레이티드 | Variable bandwidth filtering |
US20210288807A1 (en) * | 2018-07-10 | 2021-09-16 | Cirrus Logic International Semiconductor Ltd. | System and method for performing biometric authentication |
US11799657B2 (en) * | 2018-07-10 | 2023-10-24 | Cirrus Logic Inc. | System and method for performing biometric authentication |
Also Published As
Publication number | Publication date |
---|---|
CY1112183T1 (en) | 2015-12-09 |
EP2178235B1 (en) | 2011-10-05 |
ATE527768T1 (en) | 2011-10-15 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US8855303B1 (en) | Cryptography using a symmetric frequency-based encryption algorithm | |
Mosa et al. | Chaotic encryption of speech signals | |
EP2772001B1 (en) | Dynamic encryption method | |
Belmeguenai et al. | A novel approach based on stream cipher for selective speech encryption | |
Elshamy et al. | Efficient audio cryptosystem based on chaotic maps and double random phase encoding | |
TW201342873A (en) | Speech scrambling method, encryption/decryption method and scrambling equipment | |
KR20200135128A (en) | Symmetric quantum cryptography key based encryption device for voice communication | |
Slimani et al. | Encryption of speech signal with multiple secret keys | |
EP2178235B1 (en) | Encryption of information signals | |
WO2007120006A1 (en) | Method and apparatus for voice signal encryption/decryption | |
Manjunath et al. | Speech encryption using circulant transformations | |
Hermassi et al. | A joint encryption-compression codec for speech signals using the ITU-T G. 711 standard and chaotic map | |
CN106412812A (en) | Bluetooth voice communication method, Bluetooth voice communication system and Bluetooth headset | |
Mossa | Security enhancement for AES encrypted speech in communications | |
CN102307346B (en) | Method for security of mobile phone communication and security mobile phone | |
CN104994500B (en) | A kind of speech security transmission method and device for mobile phone | |
CN102035925A (en) | Novel secure telephone and secure communication method thereof | |
Ridha et al. | Modified blind source separation for securing end-to-end mobile voice calls | |
Su et al. | Hierarchical selective encryption for G. 729 speech based on bit sensitivity | |
JP2013098869A (en) | Voice system | |
Jameel et al. | Transform-domain and DSP based secure speech communication system | |
Kim et al. | On the voice and image data encryption using advanced encryption standard (AES) in counter mode for multimedia broadcasting | |
Ameen et al. | Design and Hardware Implementation of a Speech Cipher System | |
CN202218292U (en) | Secure mobile phone | |
JPH04304727A (en) | Data ciphering device, data decoder and data ciphering decoder |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PUAI | Public reference made under article 153(3) epc to a published international application that has entered the european phase |
Free format text: ORIGINAL CODE: 0009012 |
|
AK | Designated contracting states |
Kind code of ref document: A1 Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MT NL NO PL PT RO SE SI SK TR |
|
AX | Request for extension of the european patent |
Extension state: AL BA MK RS |
|
17P | Request for examination filed |
Effective date: 20100930 |
|
GRAP | Despatch of communication of intention to grant a patent |
Free format text: ORIGINAL CODE: EPIDOSNIGR1 |
|
AKX | Designation fees paid |
Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MT NL NO PL PT RO SE SI SK TR |
|
GRAS | Grant fee paid |
Free format text: ORIGINAL CODE: EPIDOSNIGR3 |
|
GRAA | (expected) grant |
Free format text: ORIGINAL CODE: 0009210 |
|
AK | Designated contracting states |
Kind code of ref document: B1 Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MT NL NO PL PT RO SE SI SK TR |
|
REG | Reference to a national code |
Ref country code: GB Ref legal event code: FG4D |
|
REG | Reference to a national code |
Ref country code: CH Ref legal event code: EP |
|
REG | Reference to a national code |
Ref country code: IE Ref legal event code: FG4D |
|
REG | Reference to a national code |
Ref country code: DE Ref legal event code: R096 Ref document number: 602008010231 Country of ref document: DE Effective date: 20111201 |
|
REG | Reference to a national code |
Ref country code: NL Ref legal event code: VDEP Effective date: 20111005 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: SI Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20111005 |
|
LTIE | Lt: invalidation of european patent or patent extension |
Effective date: 20111005 |
|
REG | Reference to a national code |
Ref country code: GR Ref legal event code: EP Ref document number: 20110402998 Country of ref document: GR Effective date: 20120206 |
|
REG | Reference to a national code |
Ref country code: AT Ref legal event code: MK05 Ref document number: 527768 Country of ref document: AT Kind code of ref document: T Effective date: 20111005 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: BE Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20111005 Ref country code: NO Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20120105 Ref country code: LT Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20111005 Ref country code: IS Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20120205 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: SE Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20111005 Ref country code: MC Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES Effective date: 20111031 Ref country code: NL Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20111005 Ref country code: HR Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20111005 Ref country code: LV Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20111005 Ref country code: PT Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20120206 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: DK Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20111005 Ref country code: EE Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20111005 Ref country code: CZ Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20111005 Ref country code: SK Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20111005 Ref country code: BG Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20120105 |
|
PLBE | No opposition filed within time limit |
Free format text: ORIGINAL CODE: 0009261 |
|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: NO OPPOSITION FILED WITHIN TIME LIMIT |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: RO Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20111005 Ref country code: PL Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20111005 Ref country code: IT Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20111005 |
|
26N | No opposition filed |
Effective date: 20120706 |
|
REG | Reference to a national code |
Ref country code: DE Ref legal event code: R097 Ref document number: 602008010231 Country of ref document: DE Effective date: 20120706 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: AT Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20111005 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: MT Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20111005 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: ES Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20120116 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: LU Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES Effective date: 20111017 |
|
REG | Reference to a national code |
Ref country code: CH Ref legal event code: PL |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: FI Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20111005 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: LI Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES Effective date: 20121031 Ref country code: CH Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES Effective date: 20121031 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: TR Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20111005 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: HU Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20111005 |
|
REG | Reference to a national code |
Ref country code: FR Ref legal event code: PLFP Year of fee payment: 8 |
|
REG | Reference to a national code |
Ref country code: FR Ref legal event code: PLFP Year of fee payment: 9 |
|
REG | Reference to a national code |
Ref country code: FR Ref legal event code: PLFP Year of fee payment: 10 |
|
REG | Reference to a national code |
Ref country code: FR Ref legal event code: PLFP Year of fee payment: 11 |
|
PGFP | Annual fee paid to national office [announced via postgrant information from national office to epo] |
Ref country code: GB Payment date: 20230912 Year of fee payment: 16 |
|
PGFP | Annual fee paid to national office [announced via postgrant information from national office to epo] |
Ref country code: FR Payment date: 20230912 Year of fee payment: 16 |
|
PGFP | Annual fee paid to national office [announced via postgrant information from national office to epo] |
Ref country code: GR Payment date: 20231019 Year of fee payment: 16 |
|
PGFP | Annual fee paid to national office [announced via postgrant information from national office to epo] |
Ref country code: IE Payment date: 20231019 Year of fee payment: 16 Ref country code: DE Payment date: 20231026 Year of fee payment: 16 Ref country code: CY Payment date: 20230913 Year of fee payment: 16 |