JP4084832B1 - Reception device, transmission device, random number seed value acquisition method, and wireless communication system - Google Patents

Abstract

To obtain a seed value in a short time using information assigned to a SACCH (low speed associated control channel).
When an error is detected by a FACCH CRC unit 224, a multiframe synchronization search unit 234 searches for a multiframe synchronization unit from SACCH data blocks stored in a memory 232. The seed value assembling unit 236 cyclically shifts the region before the multi-frame synchronization unit backward from the multi-frame synchronization unit of the SACCH data block stored in the memory 232, and acquires the nonce and the counter code. The nonce error correction decoding unit 242 performs error correction decoding processing on the nonce. The nonce CRC unit 244 performs error detection on the nonce subjected to error correction decoding. When an error is detected by the nonce CRC unit 244, the seed value assembling unit 236 performs error correction decoding processing on the nonce error correction decoding unit 242 based on the value obtained by combining the SACCH data segment of the next frame with the maximum ratio. To do.
[Selection] Figure 5

Description

The present invention relates to a receiving device, a transmitting device, a random number seed value acquisition method, and a wireless communication system , and more particularly, to a receiving device, a transmitting device, a random number seed value acquisition method, and a wireless communication system used in stream encryption communication using a counter mode. .

  As a voice communication method used as a wireless voice communication service, a push-to-talk method called “Press Talk”, which is in a voice transmission state when a transmission button is pressed, is known. Yes. Specifically, in the press talk method, when talking in a group, first, one person presses the call button (press) to talk while talking (talk), and then releases the call button, then another member calls. Talk at the push of a button.

  In this press talk type voice call method, in order to increase confidentiality, a stream encryption method is used which adds (EX-OR) a random number generated using the block cipher counter mode to the voice codec data. It is considered. As a technique using this counter mode, for example, Patent Document 1 is disclosed.

  By the way, a random number generator using the counter mode generates a random number by combining a secret key of a block cipher distributed in advance with a nonce and a counter that is a seed value for generating a random number, and uses this random number. Encrypt or decrypt data.

  In this random number generator, in order to improve confidentiality using a different random number each time, it is necessary to notify a different nonce for each call from the transmission side to the reception side when making a call.

  The nonce is the same within one call, and the counter changes with an arbitrary rule for each frame. This makes it possible to generate different random numbers for each frame from the seed value of the random number.

  FIG. 10 is a diagram illustrating a data series for reporting the nonce and counter transmitted from the transmission side. The data series shown in FIG. 10 is a general frame format sent to the reception side when the call button is pressed on the transmission side, and “SW” arranged at the center of the frame is a sync word (Sync Word). , “TCH-f”, “TCH-b” are TCHs (traffic channels) divided and arranged in the first half (forward) and second half (backward) of the frame, and voice information is assigned, and “FACCH-f”, “FACCH-” “b” is a FACCH (Fast Associated Control Channel) divided and arranged in the first half (forward) and second half (backward) of the frame. In order to transmit the control information at high speed, the TCH is stealed using one frame. “SACCH” is a SACCH (Slow Associated Control Channel), and the control information is the same as that of the TCH. In function channel for transmission to be transmitted using several bits by dividing the control information into a plurality within one frame. Therefore, a multi-frame configuration with a synchronization unit added to indicate the head of the control information is adopted.

  Note that “SW” assigns a different pattern in order to identify whether the functional channel transmitted in the frame is FACCH or TCH. Here, “SW1” represents a pattern indicating FACCH, and “SW2” represents a pattern indicating TCH.

As shown in FIG. 10, conventionally, when the transmitting side makes a call, the transmitted data series is transmitted with a nonce assigned to “FACCH-f” and “FACCH-b” in the first frame. Then, a random number seed value is obtained from the nonce, and decryption is performed using the random number seed value to obtain an audio signal.
JP 2007-13366 A

  However, in the stream cipher communication system using the block cipher counter mode, it is not possible to perform good reception at the start of a call, and if the nonce assigned to the FACCH of the first frame cannot be obtained, the cipher cannot be decrypted. There is a problem that the audio signal is completely annihilated.

  In view of this point, the inventor cannot perform good reception at the start of a call and cannot obtain the nonce assigned to the FACCH of the first frame. By assigning a word), a counter code part (assign a counter code which is a value capable of calculating a counter, details of the counter code will be described later), and receiving a SACCH in which a nonce part (assigning a nonce) is distributed, The present invention has been made to enable the decryption of the encryption and to avoid the problem that the subsequent audio signal is completely destroyed.

  It is not necessary to send a taunter value from the transmission side to the reception side because it is used from the initial value of the counter at the time of FACCH reception, but it is necessary to send the counter on the SACCH because it is received on the SACCH at any timing.

  That is, the transmitting side notifies the receiving side all of the nonce on the FACCH immediately before the call and assumes that the receiving side cannot receive the FACCH. And continuously notify the receiving side using SACCH.

  As a result, even if the receiving side cannot receive the FACCH nonce notified at the start of the call, it uses the SACCH distributed in each transmission frame to obtain a seed value for generating a random number from the nonce and the counter. Then, it is possible to generate a random number using this seed value and a secret key distributed in advance, and to decrypt the received audio signal.

  However, even in this case, if the SACCH multi-frame head cannot be taken, the next multi-frame head is waited for, and there is a new problem that the head-off time becomes long.

  That is, after searching for a multi-frame synchronization unit of SACCH and establishing multi-frame synchronization, it waits until all non-assigned SACCHs with distributed nonces and counters of the next data sequence are received.

  Therefore, even if the line state is recovered from the middle of the multi-frame and SACCH reception can be started, there is a problem that a considerable interruption of speech occurs.

  For example, if each SACCH is 8 bits in one frame, the multiframe length is 24 frames, and the transmission speed is 128 bps, 8 × 24/128 = 1 .. until all SACCH including one nonce and counter are received. Since 5 seconds are required, the head breaks up to about 3 seconds.

The present invention has been made in view of such a point, and in a stream encryption communication system using a block cipher counter mode, even when a call cannot be satisfactorily received at the start of a call and the line state is recovered during the call, the present invention is as much as possible. It is an object of the present invention to provide a receiving device, a transmitting device, a random number seed value acquisition method, and a wireless communication system that can shorten the talk interruption time.

The receiving apparatus of the present invention acquires a nonce from a data sequence transmitted from a communication partner, and uses a counter indicating a frame number, a seed value composed of the nonce, and a secret key shared with the communication partner distributed in advance. A reception apparatus in a stream encryption communication system using a counter mode, which decrypts encrypted data transmitted from the communication partner, and includes a FACCH (Fast Associated Control Channel: Fast Associated Control Channel) with a nonce assigned to the first frame. Control channel), and a SACCH (slow associated control channel: Slow) to which a segment obtained by dividing a message block composed of a multi-frame synchronization unit, a counter, and a nonce is allocated over a plurality of frames following the first frame. Receiving data series with Associated Control Channel) Receiving means, SACCH obtaining means for sequentially obtaining segments allocated to the SACCH of each frame of the received data series, and an area for the length of the message block, and the obtained segments are sequentially written, When the written segment exceeds the message block length, a memory written from the top by a cyclic shift, a multi-frame synchronization unit detecting means for detecting the multi-frame synchronization unit from the segment written to the memory, and the memory Using the segment for the length of the written message block, the detected multi-frame synchronization unit is used as a head, the portion before the multi-frame synchronization unit is cyclically shifted, and the portion after the multi-frame synchronization unit Subsequently arranged to, Cau following said multiframe synchronization unit And a seed value assembling means for assembling a seed value composed of an input and a nonce.

The random number seed value acquisition method of the present invention is used in a reception apparatus having a reception means, a SACCH acquisition means, a memory, a multiframe synchronization unit detection means, and a seed value assembly means, and is transmitted from a communication partner. Acquired from the sequence and used as a seed value together with a counter indicating the frame number together with a secret key shared with the communication partner distributed in advance, and decrypts encrypted data transmitted from the communication partner using the counter mode In the random number seed value acquisition method for acquiring a nonce for the first frame, a FACCH (Fast Associated Control Channel) in which a nonce is assigned to the first frame is arranged in the reception unit, and the first frame A message composed of a multi-frame synchronization unit, a counter and a nonce over a plurality of frames following this frame. A receiving step for receiving the data sequence in which a SACCH (Slow Associated Control Channel) to which a segment obtained by dividing the diblock is allocated is arranged; The segments allocated to the SACCH of the frame are sequentially written in a memory having an area corresponding to the length of the message block. When the segment written in the memory exceeds the message block length, a cyclic shift causes the head to From the SA writing step, the multi-frame synchronization unit detecting means, the multi-frame synchronization unit detecting step for detecting the multi-frame synchronization unit from the segment written in the memory, and the seed value assembling unit, Before being written to memory Using the segment for the length of the message block, the detected multi-frame synchronization unit is cyclically shifted to the head, the part before the multi-frame synchronization unit is cyclically shifted, and the part after the multi-frame synchronization unit is continued. And a seed value assembling step for assembling a seed value composed of a counter and a nonce following the multi-frame synchronization unit.

A transmission apparatus according to the present invention is a transmission apparatus in a stream encryption communication system including the reception apparatus according to claim 1, and is used together with a common secret key distributed in advance when decrypting encrypted data in the reception apparatus. A seed value generating means for generating a seed value consisting of a counter and a nonce, a FACCH arranging means for arranging a FACCH (Fast Associated Control Channel) to which a nonce is assigned in the first frame, SACCH (Slow Associated Control Channel: Slow Associated Control) to which a segment obtained by dividing a block consisting of a multi-frame synchronization unit, a counter code unit as a counter and a nonce unit as a nonce is continuously allocated over a plurality of subsequent frames. Channel) and SACCH placement means And a transmitting means for transmitting a data sequence FACCH and the SACCH is placed, said seed value generating means, a nonce of the seed value, and a unique ID number indicating the own apparatus, from the transmission unit Each time a data series is received at the receiving side, it is generated by arranging a call number that is changed according to an arbitrary rule.

  According to the present invention, in a stream cipher communication system using the block cipher counter mode, even when a call cannot be satisfactorily received at the start of a call and the line state is recovered during the call, the information assigned to the SACCH is used. The seed value can be acquired in a short time, and the head break time can be shortened.

  Hereinafter, embodiments of the present invention will be described in detail with reference to the drawings.

  A transmitting apparatus and a receiving apparatus in a radio apparatus according to an embodiment of the present invention are secure by a stream encryption method in which a random number is added to audio codec data and transmitted in a press talk type communication system. It provides voice communication services.

1. Operation of Transmitting Device First, the transmitting device in the radio apparatus according to the present embodiment will be described.

  1 includes a speech encoding unit 102, a seed value generation unit 104, a compression conversion unit 151, a secret key storage unit 106, a stream encryption unit 108, a TCH CRC addition unit 110, TCH error correction coding section 112, FACCH CRC addition section 132, FACCH error correction coding section 134, nonce CRC addition section 142, nonce error correction coding section 144, and counter code CRC Addition unit 146, counter code error correction coding unit 148, multiframe synchronization generation unit 150, SACCH configuration unit 152, SW generation unit 160, frame assembly unit 162, modulation unit 164, and radio unit 166 And an antenna 168. The stream encryption unit 108 includes a block encryption module 122 and an addition unit 124.

  The audio encoding unit 102 encodes the input audio signal, adds a CRC (Cyclic Redundancy Check) by the TCH CRC adding unit 110, and outputs the encoded data to the adding unit 124 of the stream encryption unit 108. .

  As shown in FIG. 2, the seed value generation unit 104 stores a seed value composed of a nonce and a counter in an internal memory, and stores the counter from the initial value (U0) for the number of times required for the data length to be transmitted. Increment by one and give to the block cipher module 122. For example, when the random number (N1 bit) output from the block cipher module is used only for the number of bits of TCH (N2 bits, the number of bits before error correction coding) (when N1 ≧ N2), the block cipher module has one frame It will be incremented every time. Hereinafter, for the sake of brevity, the block cipher module is described as being incremented for each frame.

  The nonce that is part of the seed value is notified in plain text. The nonce must avoid duplicate use while the same secret key is used in the same system. Therefore, the nonce is composed of a unique ID number for each transmitting station and a transmitting station call number (a value that is reset after setting or updating a secret key and incremented each time a press talk is performed). .

  The counter is incremented in both the transmitting device and the receiving device during the press talk period in order to generate different random numbers every frame in the counter mode. The initial value of the counter at the time of transmission may be arbitrarily defined, for example, defined as all 0. Note that this counter does not need to be generated by incrementing as long as it is a value that does not overlap during one call, and may be the same rule for both the transmitting device and the receiving device.

  Then, the seed value generation unit 104 outputs the seed value to the block cipher module 122, outputs a nonce to the FACCH CRC adding unit 132 and the nonce CRC adding unit 142, and compresses the counter by the compression conversion unit 151. , Output to the counter code CRC adding unit 146.

  Since the counter may change according to an arbitrary rule for each frame, it is not necessary to send the counter itself from the transmission side to the reception side. Instead, the compression conversion unit 151 performs compression, and a counter code that is a value that can calculate the counter is used instead. can do. For example, if the length of a multiframe is 24 frames, and the counter value of the last frame of each multiframe is U1, it can be expressed as U1 = 24 × U2 + U0, and therefore U2 is a counter code CRC. The data is output to the adding unit 146. However, U0 is the initial value.

  Note that the nonce is updated by the FACCH before the value of the counter code U2 exceeds the display capacity of the counter. As a result, the subsequent SACCH counter is also reset, so that a secure call can be continued even if there is a long press talk call.

  The secret key storage unit 106 is distributed in advance and stores a secret key shared with the receiving apparatus 200 (see FIG. 5). This secret key is used when the block cipher module 122 generates a random number.

  The stream encryption unit 108 encrypts the encoded data output from the TCH CRC adding unit 110. When the communication is started by the press talk, the block cipher module 122 transmits the voice data to be transmitted by combining the seed value output from the seed value generation unit 104 and the secret key K stored in the secret key storage unit 106 in advance. A random number having a length corresponding to the number of frames is generated and output to the adding unit 124. The adding unit 124 encrypts the encoded data output from the TCH CRC adding unit 110 by adding a random number generated by the block cipher module 122 (EX-OR), and encrypts the encrypted data (hereinafter, “encoded data”). , “Encrypted data”) is output to the TCH error correction encoding unit 112.

  The TCH error correction encoding unit 112 performs error correction encoding on the output data of the stream encryption unit 108 and outputs the result to the frame assembly unit 162. The encrypted data output from the TCH error correction encoding unit 112 is assigned to the TCH.

  The FACCH CRC adding unit 132 adds a CRC code to the input nonce and outputs the added nonce to the FACCH error correction encoding unit 134. The FACCH error correction coding unit 134 performs error correction coding on the output data of the FACCH CRC adding unit 132 and outputs the data to the frame assembly unit 162. The nonce output from the FACCH error correction encoding unit 134 is assigned to the FACCH.

  The nonce CRC adding unit 142 adds a CRC code to the input nonce and outputs the added nonce to the nonce error correction encoding unit 144. The nonce error correction encoding unit 144 performs error correction encoding on the output data of the nonce CRC adding unit 142, and outputs the obtained nonce to the SACCH configuration unit 152.

  The counter code CRC adding unit 146 adds a CRC code to the counter code compressed by the compression conversion unit 151 and outputs the CRC code to the counter code error correction encoding unit 148. The counter code error correction coding unit 148 performs error correction coding on the output data of the counter code CRC adding unit 146 and outputs the obtained counter code to the SACCH configuration unit 152.

  Multiframe synchronization generation section 150 generates a multiframe synchronization word for establishing SACCH multiframe synchronization in receiving apparatus 200 (see FIG. 5), and outputs the generated synchronization word to SACCH configuration section 152.

  The multi-frame synchronization word output from the multi-frame synchronization generation unit 150, the counter code output from the counter code error correction encoding unit 148, and the SACCH configuration unit 152 are output from the nonce error correction encoding unit 144. A nonce is used to configure a data block (hereinafter referred to as a SACCH data block) allocated to the SACCH. Details of the SACCH data block will be described later.

  The SW generation unit 160 generates a synchronization word for establishing frame synchronization in the receiving apparatus 200 (see FIG. 5), and outputs the synchronization word to the frame assembly unit 162.

  The frame assembly unit 162 includes the encrypted data output from the TCH error correction encoding unit 112, the nonce output from the FACCH error correction encoding unit 134, the SACCH data block output from the SACCH configuration unit 152, and the SW Using the synchronization word output from generation section 160, a frame of a data sequence to be transmitted is assembled, and the framed data sequence is output to modulation section 164. The details of the frame assembled by the frame assembly unit 162 will be described later.

  Modulation section 164 modulates the data sequence output from frame assembly section 162 and outputs the result to radio section 166. The radio unit 166 performs radio processing such as digital-analog conversion processing and up-conversion on the output signal of the modulation unit 164, and transmits a radio frequency signal to the receiving apparatus 200 via the antenna.

  Note that the transmission of the data series is performed by the transmitting apparatus 100 according to the press talk type communication form, and is transmitted from the 0th frame following the preamble immediately before the call, that is, immediately after pressing the press talk button.

2. Configuration of SACCH Next, details of the SACCH data block will be described with reference to FIG. FIG. 3 is a diagram illustrating an example of a SACCH data block configured by the SACCH configuration unit 152.

  As shown in FIG. 3, the SACCH configuration unit 152 arranges the multiframe synchronization word output from the multiframe synchronization generation unit 150 at the head of the SACCH data block (multiframe synchronization unit), and performs error correction code for counter code. The counter code output from the encoding unit 148 is arranged next to the multiframe synchronization unit (counter code unit), and the nonce output from the nonce error correction encoding unit 144 is arranged next to the counter code unit (nonce part). To do.

  FIG. 3 shows a case where one SACCH data block is 192 bits (multiframe synchronization unit 24 bits, counter code unit 24 bits, nonce unit 144 bits). The configuration content of the counter code part 24 bits includes, for example, the encoding method of the counter code part using a convolutional code of R = 1/2, a constraint length of 5, a tail bit of 4, and an information point of 8 corresponding to time point information. A bit. In addition, for example, the nonce part 144 bits are structured such that the encoding method of the nonce part uses a convolutional code of R = 1/2, a constraint length of 7, a tail bit of 6, an information point of 66 bits (including 10 bits). Is a CRC code, and the other 56 bits have a type of 8 bits, a unique ID number of 24 bits for each transmitting station, and a transmitting station call number of 24 bits).

  The counter code part is incremented and output for each frame from the seed value generation part 104, and is compressed by the compression conversion part 151. Therefore, the counter code part has a different pattern for each multiframe. On the other hand, the multiframe synchronization part and the nonce part of each SACCH data block have the same pattern in all multiframes.

  Here, the SACCH data block is divided into segments of predetermined bits (8 bits in FIG. 3) corresponding to the SACCH (hereinafter referred to as “SACCH data segments”) in the frame assembling unit 162, and a predetermined number N of SACCH data segments are obtained. It is distributed and inserted into “SACCH” of the frame (N = 24 in FIG. 3).

3. Frame Format Next, details of the frame assembled by the frame assembly unit 162 will be described with reference to FIG. FIG. 4 is a diagram illustrating an example of a frame assembled by the frame assembly unit 162.

  In FIG. 4, “SW” indicates a synchronization word, “FACCH-f” and “FACCH-b” indicate FACCH, and “TCH-f” and “TCH-b” indicate TCH. In the data sequence shown in FIG. 4, since the TCH is not arranged in the first frame following the preamble part, it is referred to as the 0th frame for convenience, and thereafter, the 1st frame, the 2nd frame,..., The Nth frame. , ... and so on. Note that the SW enables the receiving apparatus 200 to identify whether the functional channel in the arranged frame is FACCH or TCH. Here, “SW1” indicates FACCH, and “SW2” indicates TCH. The above is the same as FIG.

  The frame assembling unit 162 arranges SW and SACCH side by side for each frame, arranges FACCH in the case of the 0th frame on both sides of the SW + SACCH, and arranges TCH in the frames after the first frame. To do.

  Since SACCH is used when FACCH cannot be received due to fading fluctuation or the like, SACCH in the 0th frame is an unused control channel. A filler pattern (such as all 0) is assigned to an unused control channel. In addition, depending on conditions, the number of frames of control channels not using SACCH can be varied on the assumption that a section in which FACCH cannot be received due to fading fluctuation or the like does not end with one frame. Hereinafter, the variable number is described as 1.

  That is, the frame assembling unit 162 divides the nonce output from the FACCH error correction encoding unit 134 into two and inserts them into “FACCH-f” and “FACCH-b” of the 0th frame.

  Also, the frame assembling unit 162 divides the encrypted data output from the TCH error correction encoding unit 112 and inserts it into “TCH-f” and “TCH-b” in the first and subsequent frames.

  In addition, the frame assembling unit 162 divides the SACCH data block output from the SACCH configuration unit 152 and inserts the SACCH data segment into “SACCH” in the first frame and thereafter.

4). Operation of Receiving Device Next, the receiving device in the radio apparatus according to the present embodiment will be described. FIG. 5 is a block diagram showing a configuration of a receiving apparatus in the radio apparatus according to the present embodiment.

(1) Configuration of Receiving Device The receiving device 200 includes an antenna 202, a radio unit 204, a demodulation unit 206, a frame synchronization detection unit 208, a functional channel decomposition unit 210, a TCH error correction decoding unit 212, and a TCH. CRC section 214, FACCH error correction decoding section 222, FACCH CRC section 224, memory 232, multiframe synchronization search section 234, seed value assembly section 236, nonce error correction decoding section 242, Nonce CRC unit 244, counter code error correction decoding unit 252, counter code CRC unit 254, seed value acquisition unit 260, decompression conversion unit 261, secret key storage unit 262, stream decoding unit 264, A voice decoding unit 266. The stream decryption unit 264 includes a block cipher module 272 and an addition unit 274.

(2) Operation of receiving apparatus (antenna to functional channel decomposition unit, TCH reception, FACCH reception)
Radio section 204 performs radio processing such as down-conversion and analog-digital conversion processing on the signal received via antenna 202 and outputs the result to demodulation section 206. Demodulation section 206 demodulates the baseband frequency signal output from radio section 204 and outputs the demodulated signal to frame synchronization detection section 208 and functional channel decomposition section 210.

  The frame synchronization detection unit 208 obtains the synchronization timing of each frame by detecting “SW” arranged in each frame of the data series output from the demodulation unit 206, and sends a control signal indicating the synchronization timing to the functional channel. The data is output to the decomposition unit 210.

  Based on the synchronization timing information output from the frame synchronization detection unit 208, the function channel decomposition unit 210 converts the data series output from the demodulation unit 206 into function channels “FACCH”, “SACCH”, and “TCH”. Decompose, extract the nonce inserted in the FACCH of the 0th frame and output it to the FACCH error correction decoding unit 222, extract the encrypted data inserted in the TCH of the first frame and thereafter, and extract the error for TCH The SACCH data segment output to the correction decoding unit 212 and inserted in the SACCH after the first frame is extracted and written in the memory 232.

  The TCH error correction decoding unit 212 performs error correction decoding processing on the encrypted data output from the functional channel decomposition unit 210 and outputs the result to the stream decoding unit 264.

  The stream decoding unit 264 is configured in the same manner as the stream encryption unit 108 of the transmission apparatus 100, decodes the encrypted data output from the TCH error correction decoding unit 212, and outputs the decrypted data to the TCH CRC unit 214. The block cipher module 272 generates a random number corresponding to the audio data length to be transmitted by adding the seed value output from the seed value acquisition unit 260 and the secret key K stored in the secret key storage unit 262 in advance. Output to the unit 274. The adding unit 274 decodes the encrypted data output from the TCH error correction decoding unit 212 by adding a random number generated by the block cipher module 272 (EX-OR), and the TCH CRC unit 214. Output to.

  The FACCH error correction decoding unit 222 performs error correction decoding processing on the nonce output from the functional channel decomposition unit 210 and outputs the result to the FACCH CRC unit 224. The FACCH CRC unit 224 performs error detection using a CRC code on the data output from the FACCH error correction decoding unit 222. If no error is detected, the nonce is output to the seed value acquisition unit 260. If detected, in order to obtain a nonce from the SACCH, a control signal indicating a search operation instruction is output to the multiframe synchronization search unit 234.

(3) Memory unit (function when receiving SACCH)
The memory 232 has an area equal to or larger than an integral multiple of the SACCH data block length, and the SACCH data segments are sequentially written by the functional channel decomposition unit 210. In this embodiment, the case where the integer value is 1 is described. Note that when the number of SACCH data segments written by the functional channel decomposing unit 210 exceeds the memory area as time passes, it is cyclically shifted and written again from the beginning of the area of the memory 232.

  In addition, even when the “SACCH” write executed by the functional channel decomposing unit 210 to the memory 232 is synchronously detected by the multi-frame synchronization search unit 234, until the writing to the entire area is completed, that is, the SACCH data block Continue until long.

  When receiving a control signal from the FACCH CRC unit 224, the multiframe synchronization search unit 234 searches for a multiframe synchronization unit from the SACCH data blocks written in the memory 232. Then, when detecting the multiframe synchronization unit, the multiframe synchronization search unit 234 notifies the seed value assembling unit 236 of information indicating the position of the multiframe synchronization unit.

(4) SACCH Assembly and Maximum Ratio Combining Time Diversity The seed value assembling unit 236 reads the SACCH data block from the memory 232 and performs multiframe synchronization with the multiframe synchronization unit detected by the multiframe synchronization search unit 234 as the head. The previous area is cyclically shifted backward to obtain the nonce and counter code. Since the SACCH data blocks are arranged in the order of the counter code part and the nonce part after the multi-frame synchronization part, and the sizes of the counter code part and the nonce part are set in advance, the seed value assembling part 236 And a counter code can be obtained. Then, the seed value assembling unit 236 outputs a nonce to the nonce error correction decoding unit 242 and outputs a counter code to the counter code error correction decoding unit 252.

  Further, when the seed value assembling unit 236 receives CRC error information indicating that an error has been detected from the nonce CRC unit 244, multiframe synchronization is maintained for the nonce error correction decoding unit 242. In this case, the error correction decoding process is performed based on the maximum ratio combined value with the multi-frame SACCH data segment received next.

  When the seed value assembling unit 236 receives CRC error information indicating that an error exists from the counter code CRC unit 254, the seed value assembling unit 236 sends the received multiframe to the counter code error correction decoding unit 252. An error correction decoding process is performed on the counter code of the SACCH data block.

(5) Error Correction and Error Check The nonce error correction decoding unit 242 performs error correction decoding processing on the input nonce, and outputs the nonce to the nonce CRC unit 244. The nonce CRC unit 244 performs error detection on the nonce output from the nonce error correction decoding unit 242 using a CRC code. If no error is detected, the nonce CRC unit 244 outputs the nonce to the seed value acquisition unit 260. If an error is detected, CRC error information indicating that is output to the seed value assembling unit 236, and the nonce is discarded.

  The counter code error correction decoding unit 252 performs error correction decoding processing on the input counter code, and outputs the counter code to the counter code CRC unit 254. The counter code CRC unit 254 performs error detection on the counter code output from the counter code error correction decoding unit 252 using a CRC code, and if no error is detected, the compression conversion unit of the transmission device 100 The counter code compressed in 151 is decompressed by the decompression conversion unit 261 to form a counter.

  On the other hand, if an error is detected, CRC error information indicating that fact is output to the seed value assembling unit 236, and the counter code is discarded.

(6) Seed Value Acquisition Unit The seed value acquisition unit 260 has the same function as that of the seed value generation unit 104 of the transmission device 100, and sends the nonce acquired from the FACCH or SACCH and the counter at that time to the stream decoding unit 264. Output.

  The seed value acquisition unit 260 combines the nonce output from the FACCH CRC unit 224 with the initial value of the counter, or the nonce output from the nonce CRC unit 244 and the counter output from the expansion conversion unit 261. The seed value is acquired by combining, and the seed value is output to the stream decoding unit 264. Thereafter, the counter that is the time point information is incremented for each frame.

  The secret key storage unit 262 is distributed in advance and stores a secret key shared with the transmission apparatus 100 (see FIG. 1). This secret key is used when the block cipher module 272 generates a random number.

(7) Decryption The TCH error correction decoding unit 212 performs error correction decoding processing on the encrypted data output from the functional channel decomposition unit 210 for each frame and outputs the encrypted data to the stream decoding unit 264. The block cipher module 272 in the stream decryption unit 264 generates a random number using the nonce and counter given for each frame from the seed value acquisition unit 260, and the random number and the data subjected to error correction decryption processing by the adder 274 Are added (EX-OR) and output to the CRC unit 214 for TCH.

  The TCH CRC unit 214 performs error detection using the CRC code on the encrypted data output from the stream decoding unit 264. If no error is detected, the TCH CRC unit 214 outputs the encrypted data to the audio decoding unit 266. If an error is detected, the encrypted / decrypted data is discarded.

  The audio decoding unit 266 decodes the encoded data output from the TCH CRC unit 214 and outputs an audio signal. When the encoded data is discarded, processing such as waveform interpolation is performed.

(8) Summary In the reception device configured as described above, when communicating with the transmission device, the same secret key owned by each, and a nonce and a counter acquired from the data sequence transmitted by the transmission device are used. Communication with the communication device is performed using stream encryption.

  In the receiving apparatus, when the nonce cannot be acquired from the FACCH arranged in the 0th frame of the data sequence to be transmitted, the nonce and the counter are acquired using the low-speed SACCH after the first frame.

5. Method for Obtaining Nonce and Counter Next, the operation for obtaining the nonce part and the counter code part in the seed value assembly part 236 will be described with reference to FIG. In FIG. 6, it is assumed that the SACCH data segment written to the head of the memory 232 by the functional channel decomposition unit 210 at the time when frame synchronization is acquired is an intermediate part of the SACCH data block.

  As shown in FIG. 6, after the frame synchronization is established, the multi-frame synchronization search unit 234 receives the SACCH data segment corresponding to the SACCH data block length written in the memory 232 by the functional channel decomposition unit 210 (SACCH reception in FIG. 6). ) Is searched for a multiframe synchronization unit (multiframe synchronization detection in FIG. 6).

  When the multi-frame synchronization unit is detected, the seed value assembling unit 236 retrieves the SACCH data segment written therein from the memory 232, cyclically shifts and rearranges the multi-frame synchronization unit so that the multi-frame synchronization unit comes first, and the SACCH Assemble the data block.

  Since the SACCH data block is arranged in the order of the counter code part and the nonce part in the order of the multi-frame synchronization part, the seed value assembling part 236 starts with the detected multi-frame synchronization part as the head. A SACCH data block can be assembled by moving the SACCH data segment Nb before the multi-frame synchronization section in FIG. 5 after the SACCH data segment Nf following the portion corresponding to the counter code section.

  The seed value assembling unit 236 extracts the counter code inserted into the counter code unit and the nonce inserted into the nonce unit (Nf + Nb in FIG. 6), and the nonce error correction decoding unit 242 and the counter code error correction decoding To the unit 252.

  The counter code and the nonce are separately subjected to error correction decoding processing in the nonce error correction decoding unit 242 and the counter code error correction decoding unit 252, respectively. The counter code obtained here is expanded and converted into a counter by the expansion conversion unit 261 together with the Nb output from the seed value assembling unit 236.

  For example, when the length of the multiframe is 24 frames and the number of bits of the SACCH data segment is 8 bits, the current counter value U1 can be calculated as U1 = 24 × U2 + U0−Nb / 8. That is, the expansion conversion unit 261 multiplies U2 that is a counter code by 24, adds the initial value U0, subtracts Nb / 8, and outputs the result to the seed value acquisition unit 260.

6). Next, the operation of acquiring the nonce and counter of the seed value from the SACCH in the receiving apparatus in the radio apparatus according to the present embodiment will be described in detail with reference to the flowchart.

  7 and 8 are flowcharts for explaining random number seed value acquisition processing in the receiving apparatus in the radio apparatus according to the present embodiment.

  Here, the SACCH allocated in each frame of the received data sequence is 8 bits, and in the data sequence including the seed value, the multiframe synchronization unit is 24 bits, the counter code portion is 24 bits, and the nonce portion is 144 bits. .

  When the receiving device receives a signal sent from the transmitting device via a wireless line, as shown in FIG. 7, in step S1, the frame synchronization detecting unit 208 outputs a signal (demodulated) from the demodulating unit 206. The synchronization word is searched from among the symbols), and if the synchronization word is acquired, the process proceeds to step S2.

  When the synchronization word is acquired from the demodulated symbols, in step S2, the functional channel decomposition unit 210 determines whether the received frame is FACCH or TCH. Specifically, in step S2, the functional channel decomposing unit 210 indicates that the synchronization word of the synchronized frame is “SW1” indicating the 0th frame, or “SW2” indicating the frames after the first frame to which the audio information is assigned. Is determined.

  If “SW1” in step S2, it is determined that the frame is the 0th frame, and the process proceeds to step S3. If “SW2”, it is determined that the frame is the first frame or later including the TCH, and the process proceeds to step S4. Transition.

  In step S3, FACCH reception processing is performed. That is, in step S 3, FACCH error correction decoding section 222 performs error correction decoding processing on the FACCH nonce input from functional channel decomposition section 210, and outputs the result to FACCH CRC section 224. If no error is detected in the FACCH CRC unit 224, the nonce is output from the FACCH CRC unit 224 to the seed value acquisition unit 260, and then the process proceeds to step 4.

  In the above case, since the seed value has been acquired, the process can be terminated without proceeding to step 4, but there may be an oversight error in the FACCH CRC unit 224, so the process proceeds to step 4. It is preferable to continue the processing.

  On the other hand, if an error is detected in the FACCH CRC unit 224, a signal indicating a search operation instruction is output from the FACCH CRC unit 224 to the multiframe synchronization search unit 234, and the process proceeds to step S4.

  In step S4, writing of the SACCH data segment to the memory 232 (SACCH collection process) is started.

  In step S5, the detection number i of the multi-frame synchronization unit is reset (i = 0) and the process proceeds to step S6. In step S6, the reception frame number x is reset (x = 0) and the process proceeds to step S7. . i is used to count the number of detected multiframe synchronization units. That is, a plurality of candidates may be found in detecting the multiframe synchronization unit, and i is the number of candidates.

  In step S7 shown in FIG. 8, it is determined whether or not the SACCH is being collected, that is, whether or not the press talk call is continued. If the call is continued, the process proceeds to step S8, and the press talk is performed. When finished and there are no more SACCH data segments to be written to memory 232, the process ends.

  In step S8, a process of writing the SACCH data segment to the designated address in the memory is performed, and the process proceeds to step S9.

  In the present embodiment, the SACCH data segment is 8 bits, and is distributed to all 24 frames from the first frame except for the unused 0th frame. In step S8, the memory address (x Write SACCH1Byte to mod24).

  FIG. 9 is a diagram for explaining the memory 232 of the reception device in the wireless device according to the embodiment of the present invention. As shown in FIG. 9, in the memory 232, 1 byte is written in each of addresses 0 to 23.

  In step S9, the received frame number x ≧ 2 is determined. If the received frame number x is smaller than 2, the process proceeds to step S10. If x is 2 or more, the process proceeds to step S11.

  Specifically, in step S9, it is determined whether or not the size of the SACCH data segment to be searched is smaller than the size of the multiframe synchronization unit. If the size of the SACCH data segment is smaller than that of the multi-frame synchronization unit, the multi-frame synchronization unit search cannot be performed, and the process proceeds to step S10 to acquire the SACCH data segment of the next frame. Here, since the SACCH data segment is 8 bits and the multiframe synchronization unit is 24 bits, 2 is set as the threshold value.

  In step S10, the received frame number x is incremented (x = x + 1), the process proceeds to step S7, and the process is continued for the next frame.

  In step S11, using the acquired address (memory contents of x mod 24, x-1 mod 24, x-2 mod 24), it is determined whether or not it is a multi-frame synchronization unit. The process moves to S10, and if it is a multi-frame synchronization unit, the process moves to Step S12.

  In step S12, (x-2) mod 24 is added to the array variable of F [i] written in the memory, i is incremented (i = i + 1), and the process proceeds to step S13. That is, F [i] contains the start address of the i-th multi-frame synchronization word candidate.

  In step S13, whether or not the multi-frame in the data sequence has been completed (whether all the received frames in the data sequence have been searched for by the multi-frame synchronization unit) (here, since the data sequence is composed of 24 frames, x ≧ 23) is determined. If it is determined in step S13 that there is a round, that is, if x ≧ 23, the process proceeds to step S14, and if it is not complete, that is, if x is smaller than 23, the process proceeds to step S10.

  In step S14, the variable j is reset (j = 0), and the process proceeds to step S15. In step S15, the array of F [j] is the head of the multi-frame synchronization unit, F [j] +3 to F [j] +5 is the counter code portion, and F [j] +6 to F [j] +23 is the nonce portion. Decoding and error correction are performed, and the process proceeds to step S16.

  In step S16, it is determined whether or not each CRC of the counter code part and the nonce part is OK, that is, whether or not there is an error in the CRC code.

  If the CRC is OK in step S16, that is, if there is no error, the process proceeds to step S17, and if there is an error, the process proceeds to step S18.

  In step S <b> 17, the counter code is extended and converted into a counter by the extension conversion unit 261, and the counter is output to the seed value acquisition unit 260.

  If the CRC is not OK in step S16, j is incremented (j = j + 1) in step S18 to correct the error of the next candidate. In step S19, it is determined whether j <i. That is, the presence or absence of the number of candidates is determined.

  If j <i in step S19, the process proceeds to step S15. If j ≧ i, the process proceeds to step S20. Specifically, in step S19, if j does not exceed the number of detected multiframe synchronization units, a process of reassembling the data series including the seed value is performed using the SACCH (corresponding to the address) written in the memory. .

  If j <i is not satisfied in step S19, that is, if j = i, there are no candidates, and the process proceeds to step S20. In step S20, array variables F [i] and F [j] are cleared, and the number i detected by the multiframe synchronization unit is reset (i = 0), and the process proceeds to step S10.

  Thereafter, when the multi-frame synchronization unit is sequentially detected in step S11, error correction is performed in step S15 to determine whether the CRC is OK. That is, after acquiring 24 or more SACCH data segments, step S9 is always YES, step S13 is always YES, and step S19 is always NO.

  The flow diagram describes the case where the maximum ratio combining is not performed, but the maximum ratio combining can be applied when multiframe synchronization is established.

7). Effect 7.1 Effect 1 (Effect of “notification of random number seed value by SACCH”)
According to the present embodiment, even if the FACCH of the first frame cannot be received, the nonce can be acquired with the SACCH of the subsequent frame, and the passage of time can be known by the counter, so that the stream cipher can be decrypted.

7.2 Effect 2 (Effect by setting “number of unused SACCH frames”)
Even in an environment where a section in which FACCH cannot be received due to fading fluctuation or the like does not end with one frame, the number of unused SACCH frames can be varied, so that the SACCH multiframe synchronization unit can be searched more reliably. Become.

7.3 Effect 3 (Efficient reception using "cyclic shift")
Even if the transmitted signal starts to be received in the middle, the counter and nonce can be acquired if only one multiframe is received, so that the talk head interruption time can be shortened as much as possible.

7.4 Effect 4 (Efficient reception by “synthesis”)
By synthesizing the demodulated symbols at the maximum ratio for the nonce in which the same pattern is repeated for each multiframe, the counter and the nonce can be acquired relatively early even when the line state is unstable.

7.5 Effect 5 (Effect of “Generating Nonce without Duplication”)
The seed value can be set so as not to overlap with other transmitting stations, and can be set to a different value for each call even in the same transmitting station.

8). Summary As above, one embodiment of the present invention has been described. The radio apparatus according to the present invention is not limited to the above embodiment, and can be implemented with various modifications.

  The radio apparatus according to the present invention can be mounted on a mobile station apparatus and a base station apparatus in an SCPC (Single Channel per Carrier) type radio system or a cellular system.

  Here, the case where the present invention is configured by hardware has been described as an example, but the present invention can also be realized by software. For example, an algorithm of the random number seed value acquisition method according to the present invention is described in a program language, and this program is stored in a memory and executed by an information processing means, so that the same function as that of the wireless device according to the present invention is achieved. Can be realized.

  In the stream cipher communication system using the block cipher counter mode, the receiving device, the transmitting device, and the random number seed value acquisition method according to the present invention cannot receive well at the start of a call, and the line state is recovered during the call. However, it has the effect of shortening the talk interruption time as much as possible, and is useful as a push-to-talk or the like used in an audio communication system or video distribution system that transmits and receives encrypted data in real time.

The block diagram which shows the structure of the transmitter which is a communicating party of the receiver in the radio | wireless apparatus which concerns on this Embodiment Diagram showing seed value configuration The figure which shows an example of the SACCH data block comprised in a SACCH structure part The figure which shows an example of the flame | frame assembled by the flame | frame assembly part FIG. 3 is a block diagram illustrating a configuration of a receiving device in the wireless device according to the present embodiment Diagram for explaining operation of obtaining nonce and counter code in seed value assembly unit Flow chart for explaining random number seed value acquisition processing in the receiving apparatus in the radio apparatus according to the present embodiment Flow chart for explaining random number seed value acquisition processing in the receiving apparatus in the radio apparatus according to the present embodiment The figure which uses for description of the memory of the receiver in the radio | wireless apparatus which concerns on one embodiment of this invention The figure which shows the data series which notifies the nonce transmitted from the conventional transmission side

Explanation of symbols

DESCRIPTION OF SYMBOLS 100 Transmission apparatus 200 Reception apparatus 204 Radio | wireless part 208 Frame synchronous detection part 210 Functional channel decomposition | disassembly part 232 Memory 234 Multi-frame synchronous search part 236 Seed value assembly part 242 Nonce error correction decoding part 244 Nonce CRC part 260 Seed value acquisition part

Claims (9)

A nonce is obtained from a data series transmitted from a communication partner, and transmitted from the communication partner using a counter indicating a frame number and a seed value including the nonce and a secret key shared with the communication partner distributed in advance. Receiving apparatus in a stream encryption communication system using a counter mode,
A FACCH (Fast Associated Control Channel) in which a nonce is assigned to the first frame is disposed, and a multiframe synchronization unit, a counter, and a counter are continuously provided over a plurality of frames following the first frame. Receiving means for receiving a data sequence in which a SACCH (Slow Associated Control Channel) to which a segment obtained by dividing a message block consisting of nonce is allocated;
SACCH acquisition means for sequentially acquiring segments allocated to the SACCH of each frame of the received data sequence;
An area for the length of the message block, the acquired segments are sequentially written, and when the written segment exceeds the message block length, a memory written from the beginning by a cyclic shift; and
Multi-frame synchronization unit detecting means for detecting the multi-frame synchronization unit from the segment written in the memory;
Using the segment for the length of the message block written in the memory, the detected multi-frame synchronization unit is headed, the portion before the multi-frame synchronization unit is cyclically shifted, and the multi-frame synchronization unit Seed value assembling means for assembling a seed value composed of a counter and a nonce following the multi-frame synchronization unit, arranged following the latter part,
A receiving apparatus. Error correction means for performing error correction decoding processing on the nonce assembled by the seed value assembling means;
Error detection means for detecting an error with respect to the nonce that has been subjected to error correction decoding;
With
If an error is detected for the nonce, the seed value assembling means outputs segments sequentially written in the memory to the error correcting means,
The receiving apparatus according to claim 1, wherein the error correction means combines the segment output from the seed value assembling means with the nonce used in the previous error correction decoding process, and performs the error correction decoding process again. Used in a receiving apparatus having a receiving means, a SACCH obtaining means, a memory, a multi-frame synchronization unit detecting means, and a seed value assembling means, and obtains a frame number obtained from a data sequence transmitted from a communication partner. Use as a seed value together with a counter together with a secret key shared with the communication partner distributed in advance, and acquire a random seed value for acquiring a nonce for decrypting encrypted data transmitted from the communication partner using the counter mode A method,
In the receiving means, a FACCH (Fast Associated Control Channel) in which a nonce is assigned to the first frame is arranged, and a multi-frame synchronization unit is provided over a plurality of frames following the first frame. Receiving a data sequence in which a SACCH (Slow Associated Control Channel) to which a segment obtained by dividing a message block consisting of a counter and a nonce is allocated; and
In the SACCH acquisition means, segments allocated to the SACCH of each frame of the received data sequence are sequentially written in a memory having an area for the length of the message block, and the segment written in the memory is the message block. If the length is exceeded, an SA write step for writing to the memory from the top by cyclic shift;
A multi-frame synchronization unit detecting step of detecting the multi-frame synchronization unit from the segment written in the memory by the multi-frame synchronization unit detection means;
The seed value assembling means cyclically shifts the detected multi-frame synchronization unit to the head and the part before the multi-frame synchronization unit using a segment corresponding to the length of the message block written in the memory. A seed value assembling step for assembling a seed value consisting of a counter and a nonce following the multiframe synchronization unit, arranged after the multiframe synchronization unit.
Random number seed value acquisition method comprising: The receiving device further includes a correction unit and an error detection unit,
In the error correction means, an error correction step of performing error correction decoding processing on the nonce assembled in the seed value assembly step;
An error detecting step of detecting an error with respect to the nonce subjected to error correction decoding by the error detecting means ;
If an error is detected for the nonce at the seed value assembling means, and the segment output step of outputting the segments are sequentially written into the memory in the error correction means,
At the error correction means, the nonce used in the previous error correction decoding process, by combining the output segments, the random number according to claim 3, further comprising a re-error correction step of again performing error correction decoding processing Seed value acquisition method.   4. The random number seed value acquisition method according to claim 3, wherein the seed value includes a nonce formed by an ID number unique to each transmitting station and a call number that is changed according to an arbitrary rule each time the transmitting station transmits.   The random number seed value acquisition method according to claim 3, wherein the plurality of frames include frames in which the SACCH is unused and the number is variable. A transmission apparatus in a stream encryption communication system comprising the reception apparatus according to claim 1,
A seed value generating means for generating a seed value consisting of a counter and a nonce used together with a common secret key distributed in advance when decrypting the encrypted data in the receiving device ;
FACCH placement means for placing a FACCH (Fast Associated Control Channel) to which a nonce is assigned in the first frame;
A SACCH (low-speed associated control channel) to which a segment obtained by dividing a block consisting of a multi-frame synchronization unit, a counter code unit as a counter and a nonce unit as a nonce is continuously allocated over a plurality of frames following the first frame. : SACCH arrangement means for arranging Slow Associated Control Channel),
Transmitting means for transmitting a data sequence in which the FACCH and the SACCH are arranged;
The seed value generation means arranges the nonce of the seed value, and Yoo nonunique ID number indicating the own apparatus, and a call number to be changed in any rule whenever for receiving a data series from said transmission means on the receiving side transmitting device that generates by.   8. The transmission apparatus according to claim 7, wherein the SACCH arrangement means includes means for changing the number of frames not using the SACCH when the SACCH is arranged over the plurality of frames.   A wireless communication system comprising the receiving device according to claim 1 and the transmitting device according to claim 7.

Images