RU2152690C1 - Method for information protection in wired communication channel and device which implements said method - Google Patents

Abstract

FIELD: communication equipment, in particular, telephone communication for transmission of confidential information. SUBSTANCE: method involves hiding information to be transmitted by means of adding noise to transmission line in working frequency band and subsequent information processing at receiving part by means of subtraction of reference signal produced by noise generator from signal mix of transmitting station and noise generator. Respective device has noise generator, which operates in working frequency band and is connected to transmitting user's line, two-channel digital adaptive filter and commutator. First input of filter is connected to transmitting user's line through analog-to-digital converter. Its second input is connected to output of noise generator. Its second input is connected to output of noise generator. Output of filter is connected to receiving user's line through digital-to-analog converter. EFFECT: temporal-to-spectral and reverse converting prior to subtraction of reference and mix signals. 4 cl, 1 dwg

Description

 The claimed group of inventions relates to communication technology and can be used, in particular, in telephone communication systems for transmitting confidential information.

 There is a method of protecting information, in which they carry out the masking of the transmitted information and its subsequent processing for the recipient (see RF patent N 2054812 according to class H 02 K 1/04, published 02/20/96).

 The disadvantage of this method is the complexity of the process of masking and processing disguised information.

 A device for secreting a spoken signal, comprising a masking device for transmitting information, a device for processing camouflaged information and a switching device (see RF patent N 2054812 according to class H 02 K 1/04, published 02.20.96).

 The known device has a complicated design.

 A known method of secreting the exchange of voice information between subscribers, including multiplying the speech signal by the Walsh function and integrating the result of the multiplication with the formation of its spectrum in the Walsh basis. The components of the spectrum are multiplied to the number K by parallelization and multiplied by the rearranged Walsh functions. After multiplication and summation, the encrypted speech signal is fed to the communication line. The actions of the recipient with the encrypted signal are the reverse of the transmission path (see RF patent N 2032991, class H 04 K 1/02, published on 04/10/95).

 The disadvantage of this method is the insufficient level of information security, since the owner of an identical set of receiving equipment gets access to the transmitted information.

 A secret telephone communication device is known, comprising the first and second Walsh transform blocks, the first and second Walsh inverse transform blocks, an encoder, a decoder, a handset, a telephone, and a Walsh function generator. The first output of the generator is connected to the first inputs of the encoder, decoder, the first and second blocks of the Walsh transform. The second output of the generator is connected to the second inputs of the encoder and decoder. The outputs of the first and second Walsh transform blocks are connected to the first inputs of the telephone set and handset, respectively. The output of the handset is connected to the second input of the first Walsh transform unit, and the first and second outputs of the telephone are connected respectively to the second input of the second Walsh transform unit and the input of the communication line, while the outputs of the encoder and decoder are connected to the second inputs of the first and second inverse transform units, respectively Walsh (see RF patent N 2032991 according to class H 04 K 1/04, published 10.04.95).

 A disadvantage of the known device is its complicated design, since the corresponding complex of equipment must be on both the receiving and transmitting sides of the communication line.

There is a method of classifying speech messages by time segments of a speech signal using a block cipher sequence of N blocks, each of which contains n random numbers that determine the transmission order of n successive segments of a speech signal, in which the cipher sequence is pre-formed and stored, and then the transmission order of the segments of speech is changed signal by reading the stored sequence. Each of the N blocks of the cipher sequence is formed by randomly selecting n numbers from the set of numbers 1, 2, 3, n, 8 ≤ n ≤ 15 without returning, while blocks containing adjacent numbers such that the next number is 1 more than the previous one blocks containing numbers located only on even or only odd positions of the block, the next number being 2 more than the previous one, is excluded from the cipher sequence, the cipher sequence formation process is continued until N ≥ 10 ³ blocks are obtained (see RF patent N 209 7930, class H 04 K 1/00, published 11/27/97).

 A disadvantage of the known method of securing voice messages is the fact that in case of changing the code it is difficult to inform the receiving side.

 A secret communication device is known that contains an amplifier, an analog-to-digital converter (ADC), an adder, a synchronizer output, and a digital-to-analog converter (DAC) connected to its first input, and an ADC, DAC, and a low-pass filter (low-pass filter) on the receiving side. ) On the transmitting side, a code sequence generator, an modulo two adder, a controlled key and a threshold block are introduced, to the input of which and the ADC input the first and second outputs of the amplifier are connected, while the ADC output and the output of the code sequence generator are connected to the first and second outputs of the adder module two. The first output of this adder is connected to the input of the code sequence generator, and the second adder output modulo two is connected through the DAC to the second input of the adder, the output and input of the threshold block are connected respectively to the first and second inputs of the managed key. At the receiving side, an adder modulo two, a code sequence generator, and a series-connected narrow-band filter and a clock synchronizer are introduced. In this case, the output of the managed key through the communication channel is connected to the inputs of the narrow-band filter and the low-pass filter, the output of which is connected to the input of the ADC, the first and second outputs of which are connected respectively to the first input of the adder modulo two and the input of the code sequence generator, the output of which is connected to the second input of the adder modulo two, the output of which is connected to the input of the DAC (see RF patent N2038701, class H 04 K 1/02, published on June 27, 1992).

 The disadvantages of the known device are: the complexity of the design solution, since the same complex of equipment must be installed on both the transmitting and receiving sides.

 The closest in number of essential features to the claimed method is a method of protecting information received via wired communication channels, including masking the transmitted information by noise of the transmission line in the speech frequency range and its subsequent processing for the recipient through a two-channel digital adaptive filter that receives two signals - the main and reference, subtracts the reference signal from the main one, while the main signal is a mixed signal from the transmitting the subscriber and the noise generator, and the reference signal from the noise generator (see RF patent N 2112319 according to class H 04 K 1/00, published 05/27/98).

 The known method of information protection requires for its implementation a special high-performance digital signal processor.

 Closest to the claimed device by the number of essential features is a system for protecting information transmitted via wired channels, comprising a switching device, a masking device for transmitted information in the form of a noise generator in the working frequency range, a device for processing masked information in the form of a two-channel digital adaptive filter, in which the first input is connected via an analog-to-digital converter to the line of the transmitting subscriber, its second input is connected to the output of the generator a. The output of the filter is connected via a digital-to-analog converter to the line of the receiving subscriber (see RF patent N2112319 according to class H 04 K 1/00, published May 27, 1998).

 The well-known information security system requires the use of an expensive high-performance special processor.

 The objective of the claimed group of inventions, united by a single inventive concept, was to develop such a method of protecting information in wired communication channels and devices for its implementation, which, while maintaining the level of information protection would significantly reduce the performance requirements and cost of the special processor used.

 The problem is solved in that in a method of protecting information in wired communication channels, including masking the transmitted information by noise of the transmission line in the operating frequency range and subsequent processing of information for the recipient by subtracting the reference signal from the noise generator from the mixed signal from the transmitting subscriber and the noise generator, before by subtraction, the reference and mixed signals are converted from the time domain to the spectral region, and after subtraction of the mentioned signals, the opposite azovanie processed information signal from the spectral domain to the time domain.

 The problem is also solved by the fact that in the device for protecting information in wired communication channels containing a device for masking transmitted information in the form of a noise generator in the operating frequency range connected to the line of the transmitting subscriber, a two-channel digital adaptive filter and a switching device, while the first input of the filter connected via an analog-to-digital converter to the line of the transmitting subscriber, its second input is connected to the output of the noise generator, and the output of the filter is connected through a digital-to-analog a browser with a receiving subscriber line, a digital adaptive filter is made in the form of a block for converting a signal from the time domain to the spectral region, a digital correlation determinant, a digital block of noise compensation and a block for converting the signal from the spectral region to the time domain, with the first and second outputs of the signal converting unit from the time domain to the spectral region are connected respectively to the first and second inputs of the digital correlation determinant and the digital block of noise compensation, the output of the digital correlation determinant is connected to the third input of the digital noise compensation unit, the output of which is connected to the input of the signal conversion unit from the spectral region to the time domain and with the third input of the digital correlation determinant. The design of the digital block of interference compensation and the digital correlation determinant can be similarly known, described, for example, in the book "Adaptive Filters", ed. K. Cowan and P. Grant.- M .: Publishing house "Mir" - 1989, p. 189.

 A block for converting a signal from a time domain to a spectral region may, for example, be implemented as a fast Fourier transform block or a fast Walsh transform block. A unit for converting a signal from a spectral domain to a time domain may, for example, be implemented as a fast inverse Fourier transform unit or a fast inverse Walsh transform unit.

 The authors did not find in the patent and other scientific and technical literature methods and devices for protecting information in wired communication lines that would contain a combination of features of the claimed method and device, which, according to the authors, indicates compliance with their criterion of "novelty."

The conversion before the operation of subtracting the reference and mixed signal from the time domain to the spectral region and the inverse transformation of the processed information signal from the spectral region to the time domain, implemented in the inventive digital adaptive filter by the signal conversion unit from the time domain to the spectral region, a digital correlation determinant, a digital compensation unit interference and the unit for converting the signal from the spectral region to the time domain, leads to the fact that for the same with by a special prototype, the level of reliability of information protection for the processing of each sample of the input signal requires only 3Log2 (N) +4 multiplication operations (where N is the number of samples equal to the number of filter coefficients), while in the prototype method it is required to perform processing of each sample 2N multiplication operations. Since filtering requires 512-1024 coefficients, when using the proposed method, savings in computing costs by 30-60 times are achieved. This can greatly simplify the hardware implementation of the information protection device. If at the existing level of technology the prototype can be implemented on the basis of a special processor for digital signal processing, providing a speed of 2NF _s multiplications per second (at a sampling frequency of F _s = 10 kHz and N = 400, a performance of 8 million floating point operations per second is required), then the claimed solutions provide a significant reduction in performance requirements and the cost of a special processor.

 Thus, the distinguishing features of the proposed method of information protection and implementing this method of the device in combination with well-known features common to prototypes, achieve a new technical result.

 The drawing shows a diagram of a device for protecting information in wired communication channels.

The information protection device in the wired communication channels includes a noise generator 1 in the operating frequency range (GS), connected to the output line 2 of the transmitting subscriber A ₁ 3 through a digital-to-analog converter (DAC) 4, a two-channel digital adaptive filter 5, including a conversion unit (BPR) 6 the signal from the time domain to the spectral region, a digital correlation determinant (DOC) 7, a digital interference compensation unit (BPC) 8 and an inverse transform unit (OCR) 9 of the signal from the spectral region to the temporal, connected to the receive line 10 user A ₂ 11 through the DAC 12, the switching device 13 and the power supply unit (PSU) 14. The first input of the conversion unit 6 is connected via an analog-to-digital converter (ADC) 15 to line 2, the second input of the PDU 6 is connected to the output of power supply 1, input which through the switching device 13 is connected to the PSU 14 (to the block 14 through the switching device 13 are connected and all the other blocks of the information protection device - these connections are not shown in the drawing). The first and second outputs of Bpr 6 are connected respectively to the first and second inputs of the CSC 7 and BKP 8. The output of the CSC 7 is connected to the third input of the BKP 8, the output of which is connected to the input of the BOP 9 and to the third input of the CSC 7. The output of the BOP 9 is connected through the DAC 12 to the line 10 of the receiving subscriber A ₁ 11. Bpr 6 can be performed, for example, in the form of a block of fast Fourier transform, Walsh and other similar transformations, and block of inverse transform 9 can be performed as a block of inverse Fourier transform, Walsh and other similar transformations. The device for protecting information shown in the drawing is made with the digital version of GS 1. In the case of GS 1 in the analog version, DAC 4 is not required, and the connection of GS 1 with BPR 6 is carried out through an additional ADC.

 A method of protecting information in wired communication channels is implemented when the above-described device circuits are considered, which is considered with respect to telephone wire communication.

If there is no need to transmit confidential information, the switching device 13 directly connects lines 2 and 10, while the power supply 14 is disconnected from the generator 1 and all other blocks of the device. To transfer confidential information from subscriber 3 to subscriber 11, the switching device 13 is moved to a position in which the direct connection between lines 2 and 10 is broken, the generator 1 and all other device units from the power supply 14 are turned on, while the subscriber connected to line 2 hears noise interference from the generator 1. At the same time, the signal from the subscriber 3 and generator 1 is fed to the first input of the conversion unit 6, and the signal from the output of the generator 1 is fed to the second input of the conversion unit 6. The digital adaptive filter 5 is processed It receives both signals and gives the receiving subscriber A ₂ 11 information cleared of interference.

The information processing algorithm is as follows. The inputs of the conversion unit 6 from the time domain to the spectral region receive two signals - the main and reference. After conversion, the spectrum of the reference signal is fed to the first input of the digital correlation determinant 7 and the first input of the interference compensation unit 8, and the spectrum of the main signal is fed to the second input of the digital correlation determinant 7 and the second input of the interference compensation unit 8. A signal is applied to the third input of the digital correlation determinant 8 from the output of the interference compensation unit 8. The interference compensation unit 8 subtracts from the spectrum of the main signal the spectrum of the reference signal with the weights calculated in the block of the digital correlation determinant 7. Weights in the block The digital correlation determinant 7 are adjusted so as to minimize (reduce to zero) and the correlation reference signal at the output of interference compensation unit 8. The difference spectrum is input to the conversion block of the spectral domain to the time domain. Temporary data is sequentially supplied through the DAC 12 to the line 10 of the receiving subscriber A ₂ 11. Processing is performed iteratively. At each iteration, new coefficients of filter 5 and a new sequence (block) of input and output signals of adaptive filter 5 are calculated. As a result, adaptive filter 5 suppresses all correlating components.

 Signal processing operations are performed on data blocks, which reduces computational costs. The following processing operations are performed.

преобразование блока данных опорного канала (генератора шума) в спектральную область.1. Transformation of data from temporal to spectral region:

transforming the data block of the reference channel (noise generator) into the spectral region.

преобразование блока данных основного канала (телефонной линии) в спектральную область.

transforming the data block of the main channel (telephone line) into the spectral region.

2. The operation of convolution (multiplication) for the data block of the reference channel in the spectral region with filter coefficients:
Y (n, f) = H * (n, f) • X (t, f _i ) or y (n, f _i ) = h * (n, f _i ) • (n, f _i ), i - 1 , 2, ... N.

или e(n,f_i) = z(n,f_i) - y(n,f_i).3. The operation of compensation (subtraction) of the data block of the reference channel from the data block of the main channel:

or e (n, f _i ) = z (n, f _i ) - y (n, f _i ).

4. The operation of setting the coefficients of an adaptive filter:
H (n + 1, f) = H (n, f) + k • E (n, f) • X (n, f) or h (n + 1, f _i ) = h (n, f _i ) + k • e (n, f _i ) • x (n, f _i ).

где: FFT, FFTI - операции быстрого прямого и обратного преобразования, например, Фурье;
* - комплексное сопряжение.5. Transformation of data from the spectral region to the temporary:

where: FFT, FFTI - fast forward and reverse transform operations, for example, Fourier;
* - complex pairing.

H (n, f) = | h (n, f ₁ ), h (n, f ₂ ), ... h (n, f _N ) | - vector of adaptive filter coefficients;
N is the number of adaptive filter coefficients.

где M{ } означает усреднение во времени.The adjustment of the adaptive filter coefficients will end under the condition that the corrections become equal to zero on average:

where M {} means time averaging.

This will be achieved provided:
h (n, f) = M {z (n, f) • x (n, f)} / M {x (n, f) • x (n, f)},
that is, provided that the weighting coefficients are equal to the correlation coefficients between the spectral components of the main and reference signal.

Claims (4)

 1. A method of protecting information in wired communication channels, including masking the transmitted information by noise of the transmission line in the operating frequency range and subsequent processing of information for the recipient by subtracting the reference signal from the noise generator from the mixed signal from the transmitting subscriber and the noise generator, characterized in that before said by subtraction, the reference and mixed signals are transformed from the time domain to the spectral region, and after said subtraction, the processed signal from the spectral region to the time domain.  2. A device for protecting information in wired communication channels, including a masking device for transmitted information in the form of a noise generator in the operating frequency range connected to the line of the transmitting subscriber, a two-channel digital adaptive filter and a switching device, while the first input of the said filter is connected via analog-to-digital the converter with the line of the transmitting subscriber, its second input is connected to the output of the noise generator, and the output of the mentioned filter is connected via a digital-to-analog converter with the line it to the receiving subscriber, characterized in that the digital adaptive filter is made in the form of a block for converting a signal from a time domain to a spectral region, a digital correlation determinant, a digital block for compensating interference and a block for converting a signal from a spectral region to a time domain, wherein the first and second outputs of the block transformations of the signal from the time domain to the spectral region are connected respectively to the first and second inputs of the digital correlation determinant and the digital compensation unit ex, the output of the digital correlation determinant is connected to the third input of the digital noise compensation unit, the output of which is connected to the input of the signal conversion unit from the spectral region to the time domain and to the third input of the digital correlation determinant.  3. The device according to claim 2, characterized in that the block for converting a signal from the time domain to the spectral region is made in the form of a fast Fourier transform unit, and the block for converting a signal from the spectral region to temporary is made in the form of a fast inverse Fourier transform block.  4. The device according to claim 2, characterized in that the unit for converting the signal from the time domain to the spectral region is made in the form of a fast Walsh transform unit, and the unit for converting the signal from the spectral region to temporary is made in the form of a fast inverse Walsh transform unit.