JPH01225250A - Voice packet enciphering device - Google Patents

Voice packet enciphering device

Info

Publication number
JPH01225250A
JPH01225250A JP63051087A JP5108788A JPH01225250A JP H01225250 A JPH01225250 A JP H01225250A JP 63051087 A JP63051087 A JP 63051087A JP 5108788 A JP5108788 A JP 5108788A JP H01225250 A JPH01225250 A JP H01225250A
Authority
JP
Japan
Prior art keywords
packet
encryption
voice
voice packet
packets
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
JP63051087A
Other languages
Japanese (ja)
Inventor
Tadatoshi Okubo
大久保 忠利
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
NEC Corp
Original Assignee
NEC Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by NEC Corp filed Critical NEC Corp
Priority to JP63051087A priority Critical patent/JPH01225250A/en
Publication of JPH01225250A publication Critical patent/JPH01225250A/en
Pending legal-status Critical Current

Links

Landscapes

  • Data Exchanges In Wide-Area Networks (AREA)
  • Use Of Switch Circuits For Exchanges And Methods Of Control Of Multiplex Exchanges (AREA)

Abstract

PURPOSE:To secure ciphering intensity without lowering a throughput by accumulating plural voice packets to a buffer circuit and totally enciphering a long block. CONSTITUTION:The voice packet to be sent from a packet exchange 1 to voice packet enchiphering device 2 is accumulated in a buffer circuit 3. Then, when the prescribed number of the packets are accumulated, the packets are wholly transferred to an enchiphering circuit 4 as one block. The enchiphering circuit 4 cipheres this input and sends it to a MODEM line. Thus, without lowering the throughput, the enchiphering intensity can be secured.

Description

【発明の詳細な説明】 〔産業上の利用分野〕 本発明は音声パケット暗号装置に関し、特にパケット交
換網を介して行う音声通信における音声パケットを暗号
化するための音声パケット暗号装置に関する。DETAILED DESCRIPTION OF THE INVENTION [Field of Industrial Application] The present invention relates to a voice packet encryption device, and more particularly to a voice packet encryption device for encrypting voice packets in voice communications performed via a packet switching network.

〔従来の技術〕[Conventional technology]

パケット交換方式は近時よく知られている。この交換方
式は蓄積交換方式の一種で、端末機器から送出されたデ
ータをいったん交換器内に蓄積しつつ交換網内を高速で
転送して通信相手の端末機器に届けるものであり、また
この場合、データはある一定長に分割されたうえこれら
分割ブロックの先頭に、宛先情報、誤り制御情報、転送
順番号等の情報を含んだヘッダが付与されたパケットデ
ータとして取扱われる。Packet switching systems are well known these days. This switching method is a type of store-and-forward method in which data sent from a terminal device is temporarily stored in the exchange and then transferred at high speed within the switching network and delivered to the terminal device of the communication partner. The data is divided into a certain length and treated as packet data in which a header containing information such as destination information, error control information, and transfer order number is added to the beginning of each divided block.

パケット交換網としての基本的構成は、交換機能を有す
るパケット交換機、および一般端末に対するパケット組
立分割機能ならびにトラヒック集束機能を有するパケッ
ト多重化装置等がある。The basic configuration of a packet switching network includes a packet switch having a switching function, a packet multiplexing device having a packet assembly and division function for general terminals, and a traffic convergence function.

パケット交換機は、通信ルートの設定、非パケット端末
からのデータをパケットデータの形式に組立るかもしく
は分割するほかシステムの管理制御等を行なう。The packet switch sets communication routes, assembles or divides data from non-packet terminals into packet data format, and also manages and controls the system.

また、パケット多重化装置は、多数の端末からのデータ
をパケット交換機との間の通信回線上にパケット形式で
多重化する集線、ならびにパケット交換機と同様に、非
パケット端末を収容するためのパケットの組立・分割を
パケット交換機より低位のレベルで行なう。In addition, a packet multiplexer is a concentrator that multiplexes data from a large number of terminals in packet format on a communication line between it and a packet switch, and, similar to a packet switch, a packet multiplexer that multiplexes data from a large number of terminals in packet format on a communication line between the packet switch and the packet switch. Assembly and division are performed at a level lower than that of a packet switch.

このようなパケット交換網は、多重通信が可能であるこ
とのほか、回線の利用効率の向上、異種端末間での通信
可能、ビット誤り率の低下といったさまざまな長所を有
しその利用が拡大されつつあり、通信内容の秘匿化を図
った暗号通信もこのパケット交換網を介して行なわれる
場合が増加しつつある。In addition to being capable of multiplex communication, such packet-switched networks have various advantages such as improved line usage efficiency, communication between different types of terminals, and lower bit error rates, and their use is expanding. Increasingly, encrypted communications designed to keep the contents of communications confidential are also being conducted via these packet switching networks.

従来、このようなパケット交換網を介してブロック暗号
を用いて音声信号の暗号通信を行う場合、暗号化処理の
スルーブツトと暗号強度の兼合いが問題となっていた。Conventionally, when performing encrypted communication of audio signals using a block cipher via such a packet switching network, there has been a problem in balancing the throughput of the encryption processing with the strength of the encryption.

即ち、ブロック暗号の性質として、処理ブロック長を大
きくとると暗号強度は上がる。これを用いて暗号強度を
上げるために処理ブロック長を大きくとることにすると
、音声パケットのブロック長を暗号化ブロックに合わせ
るわけにはいかないので、受信したデータに意味のない
ダミーデータを付与して大きいブロック長として暗号化
することになる。すると、ブロック暗号の処理時間はブ
ロック長が大きい程大きくなるので音声バケッチョが1
パケツト受信される都度処理時間のかかる大ブロック長
暗号化を行うので著しくスループットが低下する。一方
、スループットを上げるために暗号化ブロック長を音声
パケットの長さに合わせると今度は暗号強度が低下する
。音声通信以外の通信では暗号強度のためスループット
を犠牲にしてもそれほど影響は出ないが、音声パケット
の場合、暗号化のスループットが低下すると音質の劣化
につながるので問題になる。That is, as a property of block ciphers, the encryption strength increases as the processing block length increases. If we decide to increase the processing block length to increase the encryption strength using this, the block length of the voice packet cannot be matched to the encryption block, so meaningless dummy data is added to the received data. It will be encrypted as a large block length. Then, the processing time of the block cipher increases as the block length increases, so the voice bacchio is 1
Since large block length encryption, which takes processing time, is performed each time a packet is received, throughput is significantly reduced. On the other hand, if the encrypted block length is matched to the length of the voice packet in order to increase throughput, the encryption strength will decrease. For communications other than voice communications, sacrificing throughput does not have much of an impact due to the strength of encryption, but in the case of voice packets, a decrease in encryption throughput is a problem because it leads to deterioration of sound quality.

第2図及び第3図に従来の暗号装置の音声パケット暗号
化のダイミングチャートを示す。FIGS. 2 and 3 show dimming charts for voice packet encryption by a conventional encryption device.

第2図は暗号化ブロック長を受信した音声パケット長と
同じにとった場合のもので暗号装置が音声パケット暗号
化のために専有される時間は短く、他のおいている時間
を他のデータの暗号化に用いることはできるが、暗号化
ブロック長が短いので暗号強度は低い。Figure 2 shows the case where the encrypted block length is the same as the length of the received audio packet. Although it can be used for encryption, the encryption strength is low because the encryption block length is short.

第3図は、受信した音声パケットにダミーデータを付与
して暗号化ブロック長を大きくした場合のもので、暗号
装置が音声パケット暗号化のためには、とんと占有され
ており、他のデータの暗号化には利用することができな
い、ただし、暗号強度は高められている。Figure 3 shows the case where the encrypted block length is increased by adding dummy data to the received voice packet. It cannot be used for encryption, but the encryption strength is increased.

〔発明が解決しようとする課題〕[Problem to be solved by the invention]

上述したように、従来の暗号装置で音声パケットを暗号
化する場合は、暗号強度及び暗号装置の使用効率のいず
れかが犠牲になるという欠点がある。As described above, when voice packets are encrypted using a conventional encryption device, there is a drawback that either the encryption strength or the usage efficiency of the encryption device is sacrificed.

本発明の目的は上述した欠点を除去し、パケットをバッ
ファに蓄積し、まとめて長ブロック化して暗号化するこ
とにより、暗号強度と暗号装置の使用効率のいずれも確
保できる音声パケット暗号装置を提供することにある。An object of the present invention is to eliminate the above-mentioned drawbacks, and provide a voice packet encryption device that can ensure both encryption strength and usage efficiency of the encryption device by accumulating packets in a buffer and collectively encrypting them into long blocks. It's about doing.

〔課題を解決するための手段〕[Means to solve the problem]

本発明の装置は、パケット交換網を介して送受信する音
声パケットデータを暗号化して送受信する音声パケット
暗号装置において、前記暗号装置の受信側に有するバッ
ファ回路に複数の音声パケットを蓄積しまとめて長ブロ
ックの暗号化を施すことによりスループットを低下させ
ることなく暗号強度を確保する手段を備えて構成される
The device of the present invention is a voice packet encryption device that encrypts and transmits and receives voice packet data transmitted and received via a packet switching network, in which a plurality of voice packets are stored in a buffer circuit on a receiving side of the encryption device and are collectively lengthened. It is configured to include a means for encrypting blocks to ensure encryption strength without reducing throughput.

〔実施例〕〔Example〕

次に、図面を参照して詳細に説明する。 Next, a detailed description will be given with reference to the drawings.

第1図は本発明の音声パケット暗号装置の一実施例の構
成を示すブロック図である。FIG. 1 is a block diagram showing the configuration of an embodiment of the voice packet encryption device of the present invention.

第1図に示す実施例の構成は、パケット交換機1、音声
パケット暗号装置2からなり、さらに音声パケット暗号
装置2はバッファ回路3.暗号化回路4からなる。The configuration of the embodiment shown in FIG. 1 consists of a packet switch 1, a voice packet encryption device 2, and a buffer circuit 3. It consists of an encryption circuit 4.

パケット交換機1から音声パケット暗号装置2に送られ
てきた音声パケットはバッファ回路3に蓄積され、所定
数のパケットが蓄積されるとすべてを1ブロツクとして
暗号化回路4へ転送される。Voice packets sent from the packet switch 1 to the voice packet encryption device 2 are accumulated in a buffer circuit 3, and when a predetermined number of packets are accumulated, all the packets are treated as one block and transferred to the encryption circuit 4.

暗号化回路4はこの入力を暗号化、モデム回線へ送出す
る。この間の事情を第2図、第3図と同様のタイミング
チャートで第4図に示す。暗号強度を考慮した長ブロッ
ク長でしかも装置の使用効率がよいことがわかる。The encryption circuit 4 encrypts this input and sends it to the modem line. The situation during this time is shown in FIG. 4 using a timing chart similar to FIGS. 2 and 3. It can be seen that the long block length takes encryption strength into consideration, and the device usage efficiency is good.

〔発明の効果〕〔Effect of the invention〕

以上説明したように本発明によれば、パケット交換網を
介して送受信する音声パケットデータを暗号化して送受
信する暗号装置において、暗号装置の受信側にバッファ
を設け、複数の音声パケットを蓄積しまとめて長ブロッ
ク長の暗号化を施すことにより、暗号装置の使用効率を
下げずに暗号強度を大幅に向上することができるという
効果がある。As explained above, according to the present invention, in a cryptographic device that encrypts and transmits/receives voice packet data transmitted and received via a packet switching network, a buffer is provided on the receiving side of the cryptographic device to accumulate and summarize a plurality of voice packets. By performing long block length encryption using the encryption method, it is possible to significantly improve the encryption strength without reducing the usage efficiency of the encryption device.

【図面の簡単な説明】[Brief explanation of the drawing]

第1図は本発明の音声バット暗号装置の一実施例の構成
を示すブロック図、第2図は従来の音声パケット暗号装
置で暗号化ブロック長と受信した音声パケット長とを同
じにとる方式の場合の暗号化タイミングチャート、第3
図は従来の音声パケット暗号装置で受信した音声パケッ
トにグミ−データを付加して暗号化ブロック長を大きく
とる方式の場合の暗号化タイミングチャート、第4図は
本発明の音声パケット暗号装置の暗号化タイミングチャ
ートである。 1・・・パケット交換機、2・・・音声パケット暗号装
置、3・・・バッファ回路、4・・・暗号化回路。 代理人 弁理士  内 原  音 栴l 図 乍3 VFIG. 1 is a block diagram showing the configuration of an embodiment of the voice packet encryption device of the present invention, and FIG. 2 is a block diagram showing the configuration of a conventional voice packet encryption device in which the length of the encrypted block is the same as the length of the received voice packet. Encryption timing chart for case 3
The figure is an encryption timing chart in the case of a method in which gummy data is added to voice packets received by a conventional voice packet encryption device to increase the encrypted block length, and FIG. 4 is an encryption timing chart of the voice packet encryption device of the present invention. This is a timing chart. DESCRIPTION OF SYMBOLS 1...Packet switch, 2...Audio packet encryption device, 3...Buffer circuit, 4...Encryption circuit. Agent Patent Attorney Uchihara Otosa I Figure 3 V

Claims (1)

【特許請求の範囲】[Claims] パケット交換網を介して送受信する音声パケットデータ
を暗号化して送受信する音声パケット暗号装置において
、前記暗号装置の受信側に有するバッファ回路に複数の
音声パケットを蓄積しまとめて長ブロックの暗号化を施
すことによりスループットを低下させることなく暗号強
度を確保する手段を備えて成ることを特徴とする音声パ
ケット暗号装置。In a voice packet encryption device that encrypts and transmits and receives voice packet data via a packet switching network, a plurality of voice packets are stored in a buffer circuit on the receiving side of the encryption device and encrypted as a long block. 1. A voice packet encryption device comprising means for ensuring encryption strength without reducing throughput.
JP63051087A 1988-03-03 1988-03-03 Voice packet enciphering device Pending JPH01225250A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
JP63051087A JPH01225250A (en) 1988-03-03 1988-03-03 Voice packet enciphering device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
JP63051087A JPH01225250A (en) 1988-03-03 1988-03-03 Voice packet enciphering device

Publications (1)

Publication Number Publication Date
JPH01225250A true JPH01225250A (en) 1989-09-08

Family

ID=12877036

Family Applications (1)

Application Number Title Priority Date Filing Date
JP63051087A Pending JPH01225250A (en) 1988-03-03 1988-03-03 Voice packet enciphering device

Country Status (1)

Country Link
JP (1) JPH01225250A (en)

Similar Documents

Publication Publication Date Title
KR100838556B1 (en) Efficient transmission of cryptographic information in secure real time protocol
US7120791B2 (en) Bridged cryptographic VLAN
US6704866B1 (en) Compression and encryption protocol for controlling data flow in a network
JP3983281B2 (en) Method and apparatus for providing encryption protection of a data stream in a communication system
KR101357026B1 (en) Air-interface application layer security for wireless networks
JP2002044135A (en) Encryption device and encryption communication system
US6081600A (en) Method and apparatus for signaling privacy in personal communications systems
JP2006262531A (en) Method for encryption of information and data communication system
US20040158706A1 (en) System, method, and device for facilitating multi-path cryptographic communication
JP2013030890A (en) Communication device and communication method
CN109714295B (en) Voice encryption and decryption synchronous processing method and device
CN103686616B (en) A kind of method of cluster group call security encryption synchronization
CN114826748A (en) Audio and video stream data encryption method and device based on RTP, UDP and IP protocols
JPH01225250A (en) Voice packet enciphering device
KR20090024604A (en) Method of transmitting and receiving data in wireless communication system
JPS60260254A (en) Ciphering processing system
JP2563921B2 (en) Secret communication system
JPH0646052A (en) Encipherment system in high speed transport mechanism
JPH012439A (en) Cryptographic device control method
GB2168573A (en) Packet switched system
CN115865499A (en) Payload compatible encryption system of military and civil integration optical transmission network based on slices
KR20060003375A (en) Processor and method for end-to-end encryption synchronisation
Ramaswamv Design of a secure packet voice communication system in wide area networks
Jabalameli et al. An add-on for security on concurrent multipath communication SCTP
KR20070059894A (en) A method for controlling security channel in the mac security network and terminal device using the same