JP2578021B2 - Secret telephone device - Google Patents

Description

Description: BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a confidential telephone device capable of performing conversation by encrypting voice on a telephone.

[Conventional technology]

As an analog encryption method for directly encrypting a voice signal, a spectrum inversion encryption method (for example, Imamura, Hattori, Kozono: "Effect of speech quality improvement by compander and emphasis in voice spectrum inversion secret story", IEICE (B), J64-B, 5, pp. 425-432 (Showa 56-05)), a method of exchanging the time sequence and frequency of sampled audio (for example, NSJayant, RVCox, BJMcDermott)
and AMQuinn: “Analog scramblers for speech base
d on sequential permutations in time and frquenc
y ", Bell Syst. Tech. J. 62, 1, pp. 25-46 (Jan. 1983)), a method of inverting the polarity of a sampled voice according to a certain rule (for example, see S. Asakawa, F. Sugiyama and
M. Nakamura: “Avoice scrambler for mobil communicat
ion ", IEEE Trans. Veh Technol. 29, 1, pp. 81-86 (Feb. 19
80)). In addition, FFT (Faest Fourier Trans
form: FFT scramble method applying fast Fourier transform (for details, for example, Matsunaga, Okawa, Sakurai, Koga:
"Full-duplex analog confidential device using FFT and its basic operation", IEICE (A), J72-A, 4, pp. 692-702 (Sho 64-0)
4) has been proposed.

Also, in the same way as encrypting the message,
A digital encryption system has been proposed in which an audio signal is encoded and then encrypted.

Currently, as a security measure for digital communications, either the sender or the receiver determines the encryption key and sends the same encryption key to the other party, and then encrypts the data (plaintext) to be sent on the transmission side with the encryption key, and encrypts the encrypted text. The transmitting side and the receiving side use a method in which the cipher text received with the above cipher key is subjected to inverse conversion of the cipher, that is, decryption, and the original plain text is restored. For the encryption algorithm used in these, it is essential to disclose the encryption algorithm in order to perform encrypted communication with an unspecified partner. DES as a typical example of the algorithm public type encryption (for details of the DES algorithm, see, for example, DWDavies and WLPrice
(Translated by Kamizono): "Network Security", Nikkei McGraw-Hill, 1985 pp.55-84), FEAL (For details on the FEAL algorithm, see, for example, Miyaguchi, Shiraishi, Shimizu: "FEAL
-8 Cryptographic Algorithm ", Research Report, Vol. 37, No. 4/5, 1988
pp. 321-372).

Next, the encryption usage format (for details of the encryption usage format, for example,
DWDavies and WLPrice (Translated by Kamizono): "Network Security", Nikkei McGraw-Hill, 1985 pp.85
-102) has the following four formats.

 ECB format (Electronic Codebook mode).

 CBC format (Cipher Block Chaining mode).

 CFB format (Cipher Feedback mode).

 OFB format (Output Feedback mode).

Further, in order to enhance the security of the encrypted communication, a multilayered encryption key is used. (For details on multi-layered encryption keys, see, for example, Tsujii and Kasahara editors: "Cryptography and Information Security," Shokodo,
1990 pp.150-154) For example, in a two-layer system, if the encryption key used to encrypt / decrypt information data for a very short time is the data key (DK), the DK must be delivered to the other party in advance. The DK is encrypted with the encryption key (MK) sent to the other party by some means (for example, direct delivery to the person by registered mail) and transmitted, and the other party decrypts the DK with the MK and both parties use this encryption key as the encryption key. There is a method of performing encrypted communication. Hereinafter, data obtained by encrypting the DK with this MK is referred to as “encrypted DK”.

[Problems to be solved by the invention]

The first three methods of the analog encryption method have drawbacks such as weak encryption strength, difficulty in conversation due to signal processing delay, and deterioration of decrypted sound quality due to encryption. The last method has drawbacks such as difficulty in conversation due to signal processing delay, deterioration of decoded sound quality due to encryption, and time required to switch from normal conversation to encrypted conversation state. In the analog encryption method, even if a callee (voice signal notifying that there is an incoming call from a third party) sent from the network is received, it is received as an incomprehensible noise during an encrypted call, and the ringtone Cannot receive the service during a call because it cannot recognize

Before the ISDN service started, the transmission network was based on analog transmission, and digital transmission required about 20 times the frequency band of analog transmission to transmit the same voice signal, and analog transmission was used. No digital telephone encryption has ever been realized from a cost standpoint. However, as ISDN spreads, it is conceivable to conduct telephone conversations by encrypting them using a digital encryption system. In this case, a stream cipher may be applied in order to increase the cipher strength. However, if the other party does not know the start time of the cipher of the stream cipher, it cannot be decrypted. That is, it is necessary to simultaneously start the operation of the encryptor and the decryptor of the telephones that are in conversation with each other. But,
Since a telephone does not have a protocol such as a transmission control procedure for data communication, a means for notifying the other party of the encryption start time is required. In addition, it is necessary to confirm that the person who answers the other party's phone is the person who wants to talk. Therefore, in a normal (unencrypted) conversation, after confirming the other party, the conversation is switched to the encrypted conversation. At this time, it is necessary to easily synchronize encryption and decryption. If there is an incoming call from a third party (incoming call), the operation of the encryptor and the decryptor of the other party's phone is stopped at the same time, the other party is put on hold, and the third party talks with the third party,
When the call with the third party is completed, it is necessary to call the other party again.

Looking at the IV (initial variable) set in the encryptor / decryptor before starting the encryption / decryption processing, see the detailed description of IV, for example, DWDaviesand WLPrice (Translated by Kamizono: “Network Security”, Nikkei McGraw-Hill) If the value of IV to be set is always constant, unless the encryption key is changed, the beginning of the encrypted message tends to have the same bit pattern every time (especially for telephones). (Since there is no sound at the start of encryption in this case), there is a possibility that the message (speech) can be decrypted from the bit pattern.

SUMMARY OF THE INVENTION It is an object of the present invention to provide a secret telephone device that can easily switch from non-encrypted conversation to phonetic conversation, has a function of transmitting and receiving an encryption key and an initial variable, and can perform encryption with high encryption strength. It is in.

[Means for solving the problem]

According to the secret telephone apparatus of the present invention, an encryptor for encrypting an input signal in a stream cipher format, an encrypted output from the encryptor, and a first selector for switching and transmitting an unencrypted signal An encryption / decryption device for decrypting a received input signal in a stream cipher format, a second selector for switching and receiving a decrypted output of the decryption output device and the received input signal, The selector is assumed to transmit an unencrypted signal, and M first (M is an integer of 2 or more) consecutively transmitted by the signal generated first among the encryption start instruction and the first interrupt signal. A transmission control unit for transmitting an initial variable and an encryption key, then transmitting a second character, and then encrypting and transmitting voice data with the encryptor; and always transmitting the second selector. Acquisition of received input signal When the N first characters (N ≦ M and N is a positive integer) are detected consecutively as the reception input signal, the first character
, And then the first,
A receiving control unit for setting data other than the second character in the initial variable register and the key register, and detecting the output of the encryption / decryption device when the second character is detected.

(Operation)

 With such a configuration, it operates as follows.

-Step 1 The transmitting side The same value (character) is not repeated in the voice data. Therefore, in reverse, by continuously transmitting an arbitrary character (the first character) instead of voice data, the receiver is informed that the data to be transmitted is not voice data. The encryption key to be used and the initial variables for the cryptographic operation are sent.

More specifically, when there is an encryption start instruction, M first characters are continuously transmitted instead of the audio data that has been transmitted, and then data set from outside (the encryption key to be used in the encryption conversation). And initial variables for cryptographic operations).

Receiving side If the first character is continuously received during voice reception of voice data (hereinafter referred to as reception in the case of a character), it is recognized that data other than the first character to be received is not voice data, and other voice data other than the subsequent voice data is recognized. Are used as encryption keys and initial variables for cryptographic operations.

Specifically, the first character is set to N (where N ≦ M)
Until a plurality of consecutive characters are received, the received data is audio data. If N consecutive first characters are received, then the first character or the second character is discarded and the first character is discarded.
If it is data other than the character or the second character, the data (the encryption key and the initial variable transmitted by the transmitting side) are set in the register.

Step 2 Sender The encryption of voice data is started from the data following the second character.

Specifically, one second character is transmitted according to the encryption start instruction, and then the audio data is encrypted and transmitted.

On the receiving side, when the second character is detected, the subsequent data (encrypted audio data) is decoded to be audio data.

〔Example〕

Hereinafter, an embodiment of the present invention will be described with reference to the drawings.

FIG. 1 shows the configuration of an embodiment of a secret telephone apparatus (digital telephone with an encryption function) according to the present invention. This device comprises a main body 1, a handset 2 connected to the main body 1,
A line termination unit (DSU) 3 for connecting to a subscriber line 4 of an Integrated Services Digital Network (ISDN).

In the main unit 1, a microprocessor unit 5 for controlling the entire main unit, a memory unit 6 including a ROM for storing a program to be executed by the microprocessor unit 5 and a RAM for temporarily storing data, and decoding an encrypted audio signal A receiver 8 for outputting a voice signal 20 to the receiver 2r of the handset 2 and a transmitter 9 for transmitting the voice signal 21 from the transmitter 2s of the handset 2 with or without encryption. A layer 3 control unit 10 for controlling the ISDN D channel layer 3 by the processor unit 5 and a key input control unit 12 for controlling each key input of the push button dial 15 and the encryption switch 17 are connected to the internal bus 19. I have. Further
A driver / receiver 13 that performs interface conversion with the DSU 3 and a layer 1 and 2 control unit 14 that controls the layer 1 of the ISDN B channel and the layers 1 and 2 of the D channel are provided. The button dial 15 is used for inputting a telephone number or for inputting an encryption key known only to the parties involved in the call, and an encryption switch 17 is used for instructing the start and decryption of the call contents. Is a toggle switch, and repeats an encryption start instruction and a decryption instruction each time it is pressed.

The B channel signal 22 from the layer 1 and 2 control unit 14 is supplied to the receiving unit 8, the B channel signal 23 from the transmitting unit 9 is supplied to the layer 1 and 2 control unit 14, and the push button dial 15
Is supplied to the key input control unit 12, the encryption request signal 27 of the encryption switch 17 is supplied to the key input control unit 12, the CPU interrupt signal 30 from the receiver 8 is supplied to the microprocessor unit 5, CPU interrupt signal 31 from transmitter 9
Are supplied to the microprocessor unit 5.

FIG. 2 shows the internal configuration of the transmitting section 9 and the receiving section 8 of FIG. The transmission control section 41 controls the entire transmission section 9. IDL register 42, SD register 43, EOC register on internal bus 19
44, KEY register 45, SIV register 46, M register 47, and control register 48 are connected. The IDL register 42 is a first character (hereinafter, this 1-byte character is referred to as "IDL character") by the microprocessor unit 5.
Is set, and the SD register 43 stores the microprocessor unit 5
The transmission IV (initial variable) and signalized DK are set by the microprocessor. The EOC register 44 sets a second character (hereinafter, this one-byte character is referred to as "EOC character") by the microprocessor unit 5, and the KEY register
Reference numeral 45 denotes an encryption key input from the push button dial 15 in FIG. 1 or a data key generated from the encryption DK is set by the microprocessor unit 5, and an SIV register 46 sets a transmission IV by the microprocessor unit 5. , M
The register 47 stores a value indicating the number of consecutive IDL characters transmitted (hereinafter, this value is referred to as “M”) in the microprocessor unit 5.
In the control register 48, an operation instruction to the transmission control unit 41 and the reception control unit 73 is set by the microprocessor unit 5.

The encoder 49 converts the audio signal 21 (analog signal) from the transmitter 2s of the handset 2 in FIG. 1 into a 1-byte (8-bit) digital signal. The conversion of this analog signal into a digital signal is based on CCITT recommendation G.711. The selector 50 is a 1-byte-wide selector, and the transmission control unit 41
The output signal 63 of the encoder 49, the IDL character 56 from the IDL register 42, the data 57 such as the transmission IV or the encryption DK from the SD register 43, and the EOC register 44
And outputs the selected EOC character 58. The encryptor 51 encrypts a 1-byte digital signal in units of 1 byte. An 8-bit feedback of an OFB format which is a stream encryption format is applied to the encryption format.
The selector 52 is a 1-byte-wide selector, and is a transmission control unit.
It is controlled by 41 and selects and outputs one of the output signal 64 of the selector 50 and the output signal 65 of the encryptor 51. The parallel / serial converter 53 converts the 1-byte width parallel data of the output signal 66 of the selector 52 into 1-bit width serial data, and outputs it as the B channel signal 23. Counter 54 is ID
Each time one L character is transmitted, the count value increases by one. Comparator 55 has a calculated output 70 of counter 54 and M register
When the content of the signal 61 coincides with the signal 61, the output 71 is turned on to notify the transmission control unit 41. The encryption key (generally 8 bytes) 59 from the KEY register 45 is composed of the encryptor 51 and the decryptor.
Supplied to 78. From the transmission control unit 41, a signal 72 for controlling the selector 50, a signal 67 for controlling the encryptor 51, a signal 68 for controlling the selector 52, a signal 69 for controlling the counter 54, and an interrupt to the microprocessor unit 5 are generated. CPU interrupt signal 3
1 is output.

The receiving control section 73 controls the entire receiving section 8. The N register 74, the RD register 75, and the RIV register 76 are connected to the internal bus 19. The N register 74 has a value indicating the number of consecutive receptions of IDL characters (hereinafter, this value is referred to as “N”: N ≦ M). The RD register 75 is set by the processor unit 5 and the selector RD register 75 is controlled by the control signal 95 from the reception control unit 73.
The data (receiver IV or encrypted DK, etc.) in the output 89 of the latch 79 is latched, and the RIV register 76 sets the receive IV by the microprocessor unit 5. The serial / parallel converter 77 uses one bit (of the B channel signal 22). The serial data having a width is converted into parallel data having a width of 1 byte.
Is decoded in byte units. The selector 79 is a 1-byte wide selector, which is controlled by the output 92 of the reception control unit 73, and outputs the output signal 87 of the serial / parallel converter 77 and the decryption unit 78.
Output signal 88 is selected and output. The codec 80 converts the digital signal of the output signal 89 (1 byte width) of the selector 79 into an audio signal (analog signal). When the electronic sound generation circuit 81 switches from the normal conversation to the encrypted conversation state, or switches from the encrypted conversation state to the normal conversation, the IDL character, the reception IV, the EOC
In order to prevent a sound other than a voice signal of a character or the like from being received and flowing as an unpleasant sound from the handset 2r of the handset 2, another sound (analog signal) is generated by the electronic sound generation circuit 18 instead of the unpleasant sound. This sound is used to inform the receiver that switching from normal conversation to the encrypted conversation state or switching from the encrypted conversation state to normal conversation is in progress. Doubles as well.

The selector 82 is an analog signal selector, which is controlled by the output 94 of the receiving control unit 73 and the output of the code decoder 80.
90 and an output 91 of the electronic sound generation circuit 81 are selected and output. Comparator 83 is connected to output signal 89 of selector 79 and EOC.
When the content of the output EOC character 58 of the register 44 matches, the output 96 is turned on. The output of the comparator 84 is turned on when the output signal 89 of the selector 79 and the content of the output IDL character 56 of the IDL register 42 match. The counter 85 increases the count value by 1 when the output 97 of the comparator 84 is on, and becomes 0 when the output 97 of the comparator 84 is off. The comparator 86 outputs the count value output 98 of the counter 85 and the output of the N register 74.
When the content of 99 matches, the output 100 is turned on and the reception control unit 73 is notified.

A signal 92 for controlling the encryption decoder 78 and the selector 79 from the reception control unit 73, a signal 94 for controlling the selector 82, a signal 95 for controlling the RD register 75, and a CPU interrupt signal 30 for generating an interrupt to the microprocessor unit 5 Is output.

As described above, if the initial variables of the encryption device 51 and the encryption / decryption device 78 are kept constant, the decryption becomes easy. Therefore, before encrypting the voice and transmitting, the random value generated by the transmitting side
The IV is set as an IV (initial variable) (sending IV), and this IV is set before starting encryption processing on the sending side, and the same IV is transmitted to the receiving side. When the receiver receives the IV (receiver IV), the receiver sets the IV for encryption / decryption processing, and thereafter starts encryption communication in this state.

INDUSTRIAL APPLICABILITY The present invention can be applied to a digital telephone that performs speech communication by encoding voice using an information channel (B channel) of an ISDN basic interface subscriber line. The operation of the present invention will be described below with reference to FIGS. 1, 2 and 3 taking this digital telephone as an example.

The circuit-switched call setup function provided by the ISDN service (for details on the ISDN circuit-switched service and its call setup function, see, for example, Nippon Telegraph and Telephone Corporation: “Technical Reference IN
S-Net Service Interface Volume 3 (Layer 3
Circuit-switching bias), using the Telecommunications Association, 1989), a digital telephone with an encryption function on the transmitting side to which the present invention is applied (hereinafter referred to as "X telephone"), and an encryption function on the receiving side to which the present invention is applied. Digital telephone (hereinafter "Y
In a digital telephone with an encryption function for receiving a call to an X telephone to which the present invention is applied (hereinafter, referred to as a "Z telephone"), the B channel of the X telephone and the B channel of the Y telephone are connected. Explanation will be made from the point of time.

Before encrypting voice and making a call, the person who picked up the handset of the Y telephone should check whether the person who called the X telephone is the person to talk to in order to prevent leakage to a third party. You need to make sure. As a confirmation method, first, it is determined from the conversation content. If the person who picks up the handset of the Y telephone is not the one who wants to talk to the person who calls the X telephone, he or she may hang up at that time. As the next confirmation method, both sides enter the encryption key from the push-button dial of each telephone and press the encryption switch with some means, for example, the encryption key (a combination of numbers known only to the parties) sent in advance by mail. And start an encrypted call.
If the encryption key entered on the Y telephone side is incorrect, communication becomes impossible even if the IV is the same (a meaningless sound is heard from both handsets), and the contents of the call are not leaked to the other party. Also, even if an attempt is made to eavesdrop on an ISDN line or anywhere on the line, eavesdropping is not possible unless the telephone content to which the present invention is applied is decrypted using the same encryption key and IV.

On the other hand, when there is an incoming call from the Z telephone to the X telephone during the encrypted telephone call between the X telephone and the Y telephone (even during the encrypted telephone call, the incoming call is notified from the network via the D channel and can be recognized). First, it is necessary to make an unencrypted call between the X telephone and the Z telephone for the purpose of confirming the other party, as in the case of the previous X telephone and the Y telephone. Is sent, it is necessary to return to a normal unencrypted call between the X telephone and the Y telephone.

As described above, in order to realize the cryptographic communication by the digital telephone with the cryptographic function, it is necessary to start and end the cryptographic communication at an arbitrary time.

Next, the above operation will be described in detail for the transmitting side and the receiving side of the telephone.

Sender The sender has six phases of operation.

In the first operation phase, the input audio signal is transmitted without encryption (hereinafter, referred to as “phase 1”).

The second operation phase includes a process from the microprocessor unit.
In response to the IDL transmission instruction, M IDL characters are transmitted, and the state transitions to phase 3 (hereinafter, referred to as “phase 2”).

In the third operation phase, when there is no data to be transmitted (transmission IV set by the microprocessor unit, encryption DK, etc.) (during underrun), an IDL character is transmitted as a time fill character and transmitted. When there is data, the data is transmitted. (Hereinafter “Phase 3”
Described).

In the fourth operation phase, one EOC character is transmitted according to an encryption start instruction from the microprocessor unit,
Until transition to phase 5 (hereinafter, referred to as “phase 4”).

In the fifth operation phase, the input audio signal is encrypted and transmitted (hereinafter, referred to as “phase 5”).

In the sixth operation phase, in response to a decryption instruction from the microprocessor unit, M encrypted IDL characters are transmitted, and the state transits to phase 1 (hereinafter, referred to as “phase 6”).

Prior to the start of the operation, the microprocessor unit 5 sets an IDL character in the IDL register 42 of the transmitting unit 9, sets an EOC character in the EOC register 44 of the transmitting unit 9 by executing the initial program, and The number M of IDL characters continuously transmitted is set in the M register 47, and the N
The number of consecutive receptions N of IDL characters is set in the register 74, and the control register 48 is instructed to set the transmission control unit 41 and the reception control unit 73 to the initial state.
0, the key input control unit 12 is set in an operable state.

Phase 1 The output 21 (analog signal) of the transmitter 2 s of the handset 2 in FIG. 1 is converted into a 1-byte digital signal by the encoder 49 of the transmitter 9. At this time, the output 72 of the transmission control unit 41 instructs the selector 50 to select the output 63 of the encoder 49, and the output 68 outputs the output of the selector 50 to the selector 52.
Instruct the user to select 64. Therefore, in this phase, a normal (unencrypted) audio signal is transmitted to the output 23 of the transmitting section 9 in FIG. (See 110 in FIG. 3.) Also, if the person who picked up the handset of the Y telephone during the operation of this phase is the other party who wants to talk to the person who called the X telephone, both of them will have the push button dial 15 of each telephone.
For example, after inputting a key #, a key of a specific number is input, and then an encryption key is input.
The microprocessor unit 5 sets the input encryption key in the KEY register 45 of the transmission unit 9. The content set in the KEY register 45 is set as an encryption key in the encryptor 51 and the decryptor 78 (when the encryption key is not multilayered).

-Phase 2 After confirming that both parties have completed the input of the encryption key in phase 1, either one of them or both parties press the encryption switch 17 for instructing to start encryption attached to the telephone. When the cryptographic switch 17 is pressed, the signal 27 is turned on.
And instructs the control register 48 to transmit IDL, and generates a random value based on the timer value and the like,
That is, for example, a value corresponding to the current time of the clock is generated, and this value is set in the SIV register 46 as the transmission IV (hereinafter referred to as “SIV”). S set in SIV register 46
The IV data is set in the encryptor 51 as a transmission IV.

When the other party presses the encryption switch 17 earlier than this side, the receiving control unit 73 of the receiving unit 8 reports to the microprocessor unit 5 that the N consecutive IDL characters have been received by the CPU interrupt signal 30. (Details will be explained on the receiving side). Upon receiving this report, the microprocessor unit 5 performs the same operation as when the encryption switch 17 is pressed, as described above.
At the same time as issuing an IDL transmission instruction, a random value is generated based on the timer value and the like, and this value is set in the SIV register 46 as the transmission IV.

According to an IDL transmission instruction from the microprocessor unit 5,
The transmission control unit 41 instructs the selector 50 to select the output 56 of the IDL register 42 at the output 72, turns on the signal 69, and starts the counter 54. Counter 54 is IDL
Every time one character is transmitted, the count value is incremented by +1. When the count value output 70 reaches the value M set in the M register 47, the output 71 of the comparator 55 is turned on, and the transmission control unit
In response, the CPU 41 reports the completion of the phase 2 to the microprocessor unit 5 by the CPU interrupt signal 31, and shifts to the operation of the phase 3.

Therefore, in this phase, the output 23 of the transmitter 9 in FIG.
M IDL characters are transmitted, and transition to phase 3 is made (see 111 in FIG. 3).

・ Phase 3 1-byte data to be sent next (SIV or encrypted D
If K) is set in the SD register, the transmission control unit 41
Instructs the selector 50 to select the output 57 of the SD register 43 through the signal 72. If data to be transmitted next (such as SIV or encrypted DK) is not set in the SD register 43 (during underrun), the transmission control unit 41
Through the selector 50 to select the output 56 of the IDL register 42. Although not shown, the transmission control unit 41
Thus, the presence / absence of data in the SD register 43 and its transmission can be managed.

Therefore, in this phase, if there is data to be transmitted (data set from the microprocessor unit) at the output 23 of the transmitter 9 in FIG. 1, the data is transmitted (see 112 in FIG. 3) and transmitted. When there is no data to be output (during underrun), an IDL character is transmitted (see FIG. 113). Both SLV and encryption DK are 8 bytes, for example,
These are set in the SD register 43 by the microprocessor unit 5 one byte at a time, and are sequentially transmitted. When the encryption DK is used, the master key MK is held in the microprocessor unit 5, and the data key DK input by operating the dial 15 is used.
Is encrypted by the microprocessor unit 5 with the master key MK to create an encrypted DK, which is set in the SD register 43.

Here, the conditions for using the data code (bit pattern) used in the present invention are as follows.

• The IDL character and EOC character can be any bit pattern, but they must be different.

-The data set in the SD register 43 must be a bit pattern other than IDL characters or EOC characters. However, since the SIV data is generated at random and the data key DK can be arbitrarily dialed, the SIV data and the encrypted DK may match the ID character and the EOC character. Therefore, for example, when transmitting the SIV data and the encrypted DK to the other party, in order to use a bit pattern other than the IDL character or the EOC character, 1-byte data is divided into upper 4 bits and lower 4 bits, and each is as follows. JIS code "0" ~ "9",
The data is represented by 8 bits of each of “A” to “F”, and 1-byte data is changed to 2-byte representation, and the data is sequentially set in the SD register 43 and transmitted. Also, IDL characters or EOC characters use codes other than "0" to "9", "A" to "F".

・ Phase 4 In response to an encryption start instruction from the microprocessor unit 5,
That is, the SIV data and the encrypted DK data are sequentially set from the microprocessor unit 5 to the SD register 43. When the setting of all the data in the SD register 43 is completed, the microprocessor unit 5 is instructed. The transmission control unit 41 instructs the selector 50 to select the output 58 of the EOC register 44 through the signal 72, transmits one EOC character, and transitions to the operation of phase 5.

Therefore, in this phase, the output 23 of the transmitter 9 in FIG.
One EOC character is transmitted (see 114 in FIG. 3).

・ Phase 5 The output 72 of the transmission control unit 41 is transmitted to the selector 50 by the encoder 49.
, An output 67 instructs the encryptor 51 to start encryption, and an output 68 instructs the selector 52 to select the output 65 of the encryptor 51.

Therefore, in this phase, the output key 23 of the transmitting section 9 shown in FIG. 1 has the encryption key set from the push-button dial 15 or the data key obtained by decrypting the encryption DK sent from the other party by the microprocessor section 5 with the master key MK. Using the DK, an encrypted audio signal is transmitted using SIV as an initial variable (internal initial value) (see 115 in FIG. 3).

If there is an incoming call from the Z telephone to the X telephone during this phase operation (the incoming call is notified via the D channel), the layer 3 control unit 10 detects this and notifies the microprocessor unit 5. . The microprocessor unit 5 receives the information such as the caller number from the layer 3 control unit 10 in response to the information and displays the caller number and the like on a display (not shown) to notify that the incoming call has occurred from the Z telephone. . The person calling the X telephone sees this display, confirms the caller number, and presses the encryption switch 17 (encryption end instruction). Crypto switch
When the key 17 is pressed, the key input control unit 12 notifies the microprocessor unit 5 of an encryption end instruction. In response to this, the microprocessor unit 5 instructs the transmission control unit 41 to transition to phase 6.

Phase 6 The output 72 of the transmission control unit 41 instructs the selector 50 to select the output 56 of the IDL register 42, and turns on the signal 69 to start the counter 54. Thus, every time one encrypted IDL character is transmitted, the count value of the counter 54 is incremented by +1. When the value of the count value output 70 of the counter 54 reaches the value M set in the M register 47, the comparator 55 The output 71 is turned on, and the operation transits to the phase 1 operation.

Therefore, in this phase, M encrypted IDL characters are transmitted to the output 23 of the transmitting section 9 in FIG. 1, and the phase shifts to phase 1 (transmission of an unencrypted audio signal) (FIG. 3).
116).

Receiver The receiver has four phases of operation.

In the first operation phase, after the call is set, the received voice signal is output as it is, and N consecutive IDL characters are detected (hereinafter referred to as "phase 1").

In the second operation phase, when an IDL character is detected, the IDL character is abandoned. When an EOC character is detected, a transition is made to phase 3, and when other data (such as SIV or encrypted DK) is detected, output is performed. (Hereinafter referred to as “Phase 2”).

In the third operation phase, the received signal (encrypted voice signal) is decrypted, and N consecutive encrypted IDL characters are detected (hereinafter, referred to as “phase 3”).

The fourth operation phase is performed until the decoded data detects a character other than an IDL character (hereinafter, referred to as “phase 4”).

Phase 1 After the call is set, the output 92 of the reception control unit 73 instructs the selector 79 to select the output signal 89 of the serial / parallel converter 77. Is output, and the output 94 instructs the selector 82 to select the output 90 of the code decoder 80.
Voice from the other party is output to the receiver 2r of the handset 2 in FIG.

After the call is set, the counter 85 is operating, so that the IDL character transmitted before the other party starts to encrypt the voice can be detected at any time. Each time the comparator 84 detects one IDL character, the count value of the counter 85 is incremented by +1.
The output 97 of 4 is turned off and the counter 85 becomes 0). When the value of the count output 98 of the counter 85 reaches the value N set in the N register 74, the output 100 of the comparator 86 is turned on, and the reception control unit 73 receives this and transitions to the operation of phase 2.

Therefore, in this phase, the received voice signal (digital signal) is directly converted to analog and output as the output 20 of the receiver 8 in FIG.
Until an individual is detected (see 120 in FIG. 3).

Phase 2 In phase 2, the output 94 of the reception control unit 73 instructs the selector 82 to select the output 91 of the electronic sound generation circuit 81. Therefore, the electronic sound generation circuit is output from the handset 2r of the handset 2 in FIG. The sound of 81 is played.

When the IDL character is received on the signal 89, the comparator 8
The output 97 of 4 is turned on to notify the reception control unit 73. At this time, the reception control unit 73 does nothing (discards the received IDL character). Further, when the EOC character is received on the signal 89, the output 96 of the comparator 83 is turned on and notifies the reception control unit 73. Receiving control section 73 receives this and makes a transition to the operation of phase 3 (the received EOC character is discarded). If data other than IDL characters and EOC characters (SIV or encrypted DK, etc.) is received on signal 89,
The reception control unit 73 turns on the output 95 and reports that the data has been received to the microprocessor unit 5 by the CPU interrupt signal 30. At this time, the output 95 is turned on, and the data on the signal 89 is latched in the RD register 75.

Therefore, in this phase, if an IDL character is detected, the IDL character is abandoned. If an EOC character is detected, the EOC character is abandoned, and a transition is made to phase 3, and other data (SIV or encrypted DK, etc.) is received. In this case, it is output (see 121 in FIG. 3).

At this time, the microprocessor 5 converts the data expressed in 2 bytes into 1-byte data in the microprocessor unit 5, sets the SIV in the RIV register 76, and encrypts the DK (when the encryption key is multi-layered). Is decrypted by the microprocessor unit 5 using the master key MK, and the data key DK is stored in the KEY register 4.
Set to 5.

Phase 3 The output 92 of the reception control unit 73 instructs the encryption / decryption unit 78 to start the decoding operation of the reception data (encrypted audio signal), and outputs the output 88 of the encryption / decryption unit 78 to the selector 79. Instruct the user to make a selection. The output 94 of the receiving control unit 73 instructs the selector 82 to select the output 90 of the code decoder 80. The decoded voice is the handset 2 in FIG.
Flows from the receiver 2r.

Here, if the same encryption key and IV as the other party are set in the decoder 78, the encrypted audio signal can be completely restored to the original audio, but if either the encryption key or IV is different, The encrypted audio signal cannot be restored to the original audio.

If a third party receives an incoming call during a crypto conversation,
It is necessary to temporarily decrypt the call between the telephone and the other party. For this reason, the other party informs the telephone of a request for decrypting the call (transmits one encrypted EOC character next to the M encrypted IDL characters). At this time, since the counter 85 is operating in the phase 3, the count value of the counter 85 is incremented by +1 each time the comparator 84 detects one IDL character (the signal 89 becomes ID).
If the character is not an L character, the output 97 of the comparator 84 is turned off and the counter 85 becomes 0.) If the value of the output 98 of the counter 85 becomes the value N set in the N register 74, the output 100 of the comparator 86 becomes 100. Is turned on to notify the reception control unit 73. Receiving control section 73 receives this and makes a transition to the operation of phase 4.

Therefore, in this phase, the encrypted voice signal is decoded and output as an analog signal at the output 20 of the receiver 8 shown in FIG. 1, and when N encrypted IDL characters are detected consecutively N times, the phase 4 is output. (122 in FIG. 3)
reference).

Phase 4 In phase 4, the output 94 of the reception control unit 73 instructs the selector 82 to select the output 91 of the electronic sound generation circuit 81. Therefore, the electronic sound generation circuit is output from the handset 2r of the handset 2 in FIG. The sound of 81 is played.

The selector 79 selects the output 88 of the abbreviation decoder 78,
At this time, if a signal other than the IDL character is received on the signal 89, the output 97 of the comparator 84 is turned off and the reception control unit 73 is notified.
The receiving control unit 73 receives this and makes a transition to the operation of phase 1.

Therefore, this phase shifts to phase 1 when the decoded data is other than the IDL character (see 123 in FIG. 3). In other words, the conversation is terminated with the normal party, the normal conversation state is returned by the instruction to terminate the encryption, and the initial state is established when the line is disconnected, while the output of the held electronic sound generation circuit 81 is supplied to the handset 2r in the held telephone. When the hold is released, the state returns to the non-cipher normal conversation enabled state.

〔The invention's effect〕

As understood from the above description, the present invention has the following effects.

Since encryption algorithms such as DES and FEAL and a stream encryption format are used, the encryption strength is high. In addition, there is no time delay in conversation, and the effects of bit errors on the line can be minimized.

Since encryption and decryption are performed using digital signals, there is no deterioration in decrypted sound quality due to encryption.

Since the encryption and decryption processes are performed in units of the output width of the encoder 49 (in the embodiment, in units of 8 bits), the signal processing delay is small. This makes the conversation difficult.

It is possible to automatically transmit an encryption key when an IV (initial variable) and an encryption key are multi-layered before encryption starts. In the above-described embodiment, since another voice is being generated while these are being transmitted, there is no discomfort, and it can be confirmed that this is a stage before switching from the normal conversation to the encrypted conversation state.

The transmitting side automatically transmits a predetermined number of first characters at the start of encryption, and the receiving side generates a bit error on the transmission line because the number of consecutively detected first characters to be received is smaller than the number of transmitted characters. However, this specific character can be easily detected.

Since the decryption on the receiving side may be started after the second character, it is suitable for the stream cipher format.

The encryption end function can use the encryption start function on both the transmitting side and the receiving side, so that the structure can be simplified.

Because of the simple configuration, the hardware scale is small,
It is a range that can be easily integrated into one chip with current LSI technology,
The device can be realized at low cost.

[Brief description of the drawings]

FIG. 1 is a block diagram showing an embodiment of the present invention, FIG. 2 is a block diagram showing an example of the internal configuration of a receiver 8 and a transmitter 9 in FIG. 1, and FIG. 3 is a transmitter and a receiver. FIG. 6 is a transition diagram showing a state of the operation of FIG. DESCRIPTION OF SYMBOLS 1 ... Main body, 2 ... Handset, 3 ... Line terminator, 4 ... ISDN subscriber line, 5 ... Microprocessor section, 6 ... Memory section, 8 ... Receiver section, 9 ... Transmitter section ,Ten
... Layer 3 control unit, 12 ... Key input control unit, 13 ... Driver / receiver, 14 ... Layer 1 and 2 control unit, 15 ... Push button dial, 17 ... Encryption switch, 41 ... Transmission Control unit, 42 ... IDL register, 43 ... SD register, 44 ... E
OC register, 45… KEY register, 46… SIV register,
47 ... M register, 48 ... Control register, 49 ... Encoder, 51 ... Encryptor, 53 ... P / S, 54 ... Counter, 55 ...
... Comparator, 73 ... Reception control unit, 74 ... N register, 75 ...
... RD register, 76 ... RIV register, 77 ... S / P, 78 ...
Codec, 80: Code decoder, 81: Electronic sound generation circuit, 83, 84, 86: Comparator, 85: Counter.

Continuation of the front page (56) References JP-A-54-3402 (JP, A) JP-A-59-74744 (JP, A) JP-A-60-12038 (JP, A) JP-A-61-292436 (JP) JP-A-63-63232 (JP, A) JP-A-63-261933 (JP, A) JP-A-56-143744 (JP, A) JP-A-62-76876 (JP, A) 4-81039 (JP, A) JP-A-4-150339 (JP, A) Journal of the Institute of Electronics, Communication, Vol. 65, No. 8, August 1982, p. 832-834, Akaiwa "Secret Story Technology" (Issued 57-8-25) Ikeno, Koyama "Modern Cryptography Theory" 3rd edition (Hiramoto-5-20) IEICE P. 67-76

Claims (1)

(57) [Claims] An encryptor for encrypting an input signal in units of n bits in a stream encryption format, an encrypted output from the encryptor, and an unencrypted n
A first selector for switching and transmitting a bit code signal, an encryption decoder for decoding a received input signal into an n-bit code signal in a stream cipher format, a decrypted output of the decryptor and the reception input n A second selector for switching and taking in the bit code signal, and always setting the first selector to output an unencrypted signal, and generating the first of an encryption start instruction signal and a first interrupt signal. A first character is continuously transmitted by a signal (M is an integer of 3 or more), an initial variable and an encryption key are transmitted, and then a second character is transmitted. A transmission control unit for encrypting and transmitting the data, and a second selector which normally takes in the received input signal, and continuously receives the first characters as N (N ≦ M and N ≦ M) as the received input signal. Is a positive integer Upon detection, the first interrupt signal is generated. Data other than the first and second characters received thereafter are set in an initial variable register and a key register. When the second character is detected, A telephone control unit for receiving an output of the encryption / decryption device.