SYSTEM AND METHOD FOR CIPHER COMMUNICATION
The present invention relates to a system and method for encrypted communication of voice and/or data and/or fax and/or video, in particular between at least two cryptographic devices each connected to a respective telecommunication apparatus.
Today, it is widely desired for secure information transfer to be possible not only between fixed telephone apparatuses, but also through cellular telephones and mobile computing and communication devices, whose widespread adoption and consequent extensive use expose users to severe problems linked with the possibility of being subjected to eavesdropping. The GSM standard uses an encryption algorithm (A5) that currently no longer appears to provide adequate security guarantees. Due to digital modulation, it is not possible to listen to the conversation through a normal scanner. The only possibility is to receive the bursts (data packets transmitted over the radio channel) and subsequently to analyse them and decode them. Various working groups are studying the algorithm A5 which is used to encrypt the data transmitted via radio. Additionally, use of this algorithm can be disabled by domestic or foreign telephone operators, making the radio communications easy to intercept. Additionally, the cellular telephony system does not perform end-to-end communication encryption, but only encryption from a telephone apparatus to a radio base station, transmitting the communication in the clear through the fixed line, which could be subject to violations.
The most recent technology developments have allowed the widespread adoption of so-called "Bluetooth" devices (ear sets, palmtop computers, telephones), which can represent an additional element of vulnerability. This is because Bluetooth devices in the "Pairing" phase are particularly vulnerable from the authentication point of view.
Moreover, the protections that certain profiles defined in the Bluetooth standard should adopt may not have been implemented by some manufacturers, for example by disabling communication ciphering at the link layer (from Bluetooth device to telephone).
The managers of large companies that are subjected to industrial espionage activities are more exposed to the aforesaid risk. Sensitivity to this problem has significantly increased. However, use of cellular telephones continues to expose users to risks of eavesdropping, though they have other alternatives as communication instruments (ciphered electronic mail, or private networks).
Known devices for secure communication between cellular telephones or on fixed lines (ISDN, PSTN) are based on ciphering devices incorporated in telephone apparatuses. Ciphering systems for fixed lines (voice or fax) are an excellent solution for the protection of privacy or of classified information. The security level is very high due to the ciphering algorithms used (which are mostly proprietary). Ciphering fixed telephony systems have limits linked to the limited flexibility of fixed telephone apparatuses. Some solutions, to enhance the operating flexibility of fixed telephony systems (voice and fax), are integrated with ciphering cellular telephones (GSM, ETACS) that are able to communicate with fixed devices, achieving a fixed and mobile private network. The most important limit on the widespread adoption of these technologies is the high purchase price of the apparatuses. Moreover, systems based on GSM ciphering limit users in the selection of the telephone apparatus (today there are only very few models, derived from series-produced models which are often obsolete). The high costs of development and production of these solutions do not allow the more innovative models of cellular telephones to be made immediately available to users.
The solution with the ciphering device incorporated in the GSM telephone apparatus makes it traceable because it is linked, as are all telephones using this standard, with a serial number (IMEI) that identifies each apparatus accessing the operator's network.
A known approach of some interest, in terms of cost efficiency and flexibility, is the one in which the cryptographic device is physically coupled outside the cellular telephone. In this case, the cryptographic device is, for example, constructed in the form of a shell or battery cover and is connected to the telephone by means of an infrared port or data cable. While this solution is very secure in cryptographic terms (thanks to the high processing capacity of an external device), it is exposed to the risks of interception deriving from the necessary closeness of the cryptographic device to the cellular telephone to which it is connected.
The present invention, starting from the notion of said drawbacks, aims to remedy them.
Therefore, one object of the present invention is to provide a system and method for the encrypted communication of voice and/or data and/or fax and/or video, as specified in the preamble of the description, which make the evolution of the technology of the ciphering means fully independent from that of telecommunication apparatuses (telephones), which are subject to rapid obsolescence.
Another object of the invention is to provide a system and method for the encrypted communication of voice and/or data and/or fax and/or video, in which the means for communication security through telecommunication apparatuses (in particular, cellular telephones) and mobile devices for calculation and communication do not depend on the production decisions of the manufacturers of said apparatuses and devices.
Another object of the invention is to provide a system and method as indicated, that allow the ciphering means and the related telecommunication apparatuses to be physically separated from each other, at a safe distance, to protect the user against the possibility of tampering with said apparatuses.
Yet another object of the invention is to provide a system and method as indicated, that make it possible to improve the quality of the ciphering means, to personalise the ciphering algorithm and also to act on data, on fax and/or video images, as well as on voice calls.
A further object of the present invention is to provide a system and method as specified, which are structurally and functionally simple and economical, whilst maintaining very high levels of protection. In view of said objects, the present invention provides a system for the ciphered communication of voice and/or data and/or fax and/or video, as specified in the preamble to the description, whose essential characteristic is set out in claim 1. The invention further provides a method for the ciphered communication of voice and/or data and/or fax and/or video, as specified in the preamble to the description, whose essential characteristic is set out in claim 24.
Further advantageous characteristics are set out in the dependent claims. The aforesaid claims are understood to be reported herein.
The solution idea, as claimed in the appended claims, makes it possible to achieve the objects set out above effectively. It essentially consists of providing a system for the ciphered communication of voice and/or data and/or fax and/or video, as specified in claim 1, wherein the cryptographic devices are physically independent and separate from the corresponding telecommunication apparatuses.
This solution not only makes it possible always to position the ciphering means and the related telecommunication apparatuses at a safe distance from each other, but it also causes the evolution of the technology of the ciphering means no longer to be dependent on the evolution of telephones, which are subject to rapid obsolescence and to the industrial decisions of their manufacturers. This also makes it possible to improve quality, to obtain structural and functional simplifications and to reduce the costs of cryptographic devices.
According to an advantageous embodiment of the invention, the connection technology used between cryptographic devices and respective telecommunication apparatuses is the Bluetooth standard, using, for example, mobile communication devices incorporating said cryptographic devices. Use of the Bluetooth technology makes it possible to obtain a solution for ciphering communications (voice and/or data and/or fax and/or video) end-to-end. The selection of a mobile communication device allows the utmost operating flexibility, with the freedom to choose the telephone apparatus (GSM, GPRS, UMTS, POTS, ISDN, satellite) to be used, with the sole constraint of Bluetooth compatibility. Examples of mobile communication devices usable for the purposes of the invention are the palm-top computer version or the Bluetooth headset. In particular, in this example of embodiment of the system of the invention, the cryptographic device consists of ciphering equipment that, using the GSM data channel, ciphers the data stream bit by bit using public and proprietary algorithms. The GSM telephone is used as a modem, which through the Bluetooth connection is connected to the mobile communication device (e.g., palm-top computer, portable computer, Bluetooth headset) incorporating the cryptographic device. The software that ciphers the communication flow also manages one or more cryptographic keys which are used to communicate with the different groups of users. These characteristics (for the palmtop computer and for the portable computer) make it possible to dial the number (also from the list of telephone numbers stored in the cellular telephone) independently of the telephone apparatus, which can remain far from the user (in any case within 10 metres or 100 metres, depending on the Bluetooth version in use).
The reception of a call can also be handled without using the telephone. When the call is received, the cryptographic device performs the negotiation (with asymmetric key) of the session key (with symmetric key) to cipher the communication, in a manner that is transparent to the user.
According to the invention, the method for the ciphered communication of data and voice between at least two cryptographic devices, connected with respective telecommunication apparatuses connected in a common telephone network, e.g. GSM/GPRS/UMTS/POTS/ISDN/satellite, essentially consists of the fact that at least a first user, who wishes to send a protected communication, operates with a first communication device incorporating a respective cryptographic device and which is physically separate and connected, through wired or wireless local connection means, with a respective telecommunication apparatus, in turn connected in said telephone network, so that said first communication device uses said respective telecommunication apparatus to effect transmissions on voice and/or data and/or fax and/or video line, whilst at least another user, who wishes to receive and decipher the communication sent by the first user, operates with at least another telecommunication apparatus connected to said telephone network and connected, through wired or wireless connection means, with a respective second communication device incorporating a cryptographic device and physically separate from said other telecommunication apparatus, which is used by said second communication device for the reception of transmissions on voice and/or data and/or fax and/or video line.
Each mobile communication device is programmed or pre-configured with at least one of the following functions: audio acquisition, data acquisition, fax acquisition, video acquisition, audio reproduction, data display, image display, video display, management of cryptographic keys, ciphering functions, authentication functions, in order to incorporate a cryptographic device.
Moreover, each cryptographic device is initialised with at least one cryptographic key and carries out the following operations: ciphers and deciphers the incoming and outgoing audio and/or data and/or fax and/or video, manages the corresponding cryptographic keys associating them to the appropriate group or user, sends the ciphered traffic to said telecommunication apparatuses, and receives the ciphered traffic from said telecommunication apparatuses, whilst said telecommunication apparatuses mutually transfer audio and/or data and/or fax and/or video traffic and communicate locally, each with the respective communication device incorporating the related cryptographic device.
The method according to the invention comprises the steps consisting of:
a) initialising the cryptographic means or devices, inserting at least one cryptographic key,
b) associating at least one recipient user with at least one corresponding cryptographic key,
c) negotiating at least one session key for the communication to be activated, and
d) ciphered communication between two or more users provided with said communication devices incorporating respective cryptographic devices through respective telecommunication apparatuses.
Said association between cryptographic keys and users takes place through public key certificates, or said association between cryptographic keys and users takes place through the insertion of corresponding tables into the cryptographic device, or said association between cryptographic keys and users takes place by the user's entering a code for each group of users with which it is necessary to communicate.
The present invention shall become more readily apparent from the detailed description that follows, with reference to the accompanying drawings, provided purely by way of non-limiting example, in which:
- fig. 1 is a general diagram showing the general configuration of the system for the ciphered communication of data, voice, fax, video in a first example of embodiment of the invention;
- Figures 2 through 9 are diagrams illustrating additional examples of embodiment of the system according to the present invention;
- fig. 10 is a block diagram illustrating the flow of the audio data during a protected telephone conversation on a common telephone network, according to the system of the invention;
- fig. 11 is a block diagram illustrating the ciphering algorithm used in the system according to the invention.
With reference to Fig. 1, the system for ciphered communication according to the invention is globally designated with the number 10. It comprises, at one side and available to a first user who wishes to send a protected communication, a communication device 11 incorporating a cryptographic device and which is physically separated at a safe distance (against communication interception) and connected, through wired or wireless local communication means (e.g., Bluetooth or infrared) 12, with a telecommunication apparatus 13, in turn connected, in known fashion, in a telephone network, e.g. fixed network or GSM, 14. The communication device 11 uses the telecommunication apparatus 13 as modem to perform transmissions on voice and/or data and/or fax and/or video line. In mirror fashion, at the other side and available to another user who desires to receive and decipher the communication sent by the first user, the system 10 comprises a telecommunication apparatus 15 connected, in known fashion, to the telephone network 14 and connected, through wired or wireless local communication means 16, with a communication device 17 incorporating a cryptographic device and physically separate relative to the telecommunication apparatus 15, which is used by the communication device 17 as a modem for the reception of transmissions on voice and/or data and/or fax and/or video line.
It should be noted that each mobile communication device 11, 17 incorporates a cryptographic device programmed or configured with at least one of the following functions: audio acquisition, data acquisition, fax image acquisition, video acquisition, audio reproduction, data display, fax image display, video display, management of cryptographic keys, ciphering functions, authentication functions. Moreover, each cryptographic device is initialised with at least one cryptographic key and carries out the following operations: ciphers and deciphers the incoming and outgoing audio and/or data and/or fax and/or video, manages the corresponding cryptographic keys associating them to the appropriate group or user, sends the ciphered traffic to said telecommunication apparatuses, and receives the ciphered traffic from said telecommunication apparatuses. Said telecommunication apparatuses 13, 15 mutually transfer audio, data, fax, video traffic and locally communicate, each with the respective communication devices 11, 17 incorporating the related cryptographic device.
Said association between cryptographic keys and users takes place:
- through public key certificates,
- or through the insertion of corresponding tables into the cryptographic device,
- or by the user's entering a code for each group of users with which it is necessary to communicate.
Said telecommunication apparatuses 13, 15 are both cellular telephones, both suitably adapted fixed network telephones, or a cellular telephone and an adapted fixed network telephone. It should also be noted that:
- said communication devices incorporating respective cryptographic devices communicate with said telecommunication apparatuses through local wireless connection;
- the ciphered traffic comprises a voice and/or data and/or fax and/or video telephone communication;
- the ciphered traffic comprises messages which can be transmitted over the cellular telephone network, in particular said messages are SMS (Short Message Service), or said messages are MMS (Multimedia Messaging Service), videos, electronic mail messages;
- said communication devices incorporating respective cryptographic devices are provided with a display interface for entering said messages.
Fig. 2 illustrates a second example of embodiment of the system according to the invention, here globally designated by the number 20.
Said system 20 comprises, at one side and available to a first user who desires to send a protected communication, a Bluetooth headset 21, in which is incorporated a cryptographic device. The incorporation of the cryptographic device in the Bluetooth headset 21 is achieved, in known and not illustrated fashion, by modifying the firmware or modifying the hardware of the headset to cipher the communications and to manage the cryptographic keys. Said headset 21 is connected to a cellular telephone 23 (GSM, GPRS, UMTS, POTS, ISDN, satellite) through Bluetooth connecting means 22 and uses the telephone as a modem to activate protected data communications through a telephone network (GSM, GPRS, UMTS, satellite) 24. The scheme is mirror-like and comprises, at the other side and available to another user who desires to be able to receive and decipher the protected communication, a cellular telephone 25 connected with respect to the telephone network 24 and connected, through Bluetooth connection means 26, to a Bluetooth headset 27 provided with a cryptographic device (end-to-end).
Fig. 3 illustrates a third example of embodiment of the system according to the invention, here globally designated by the number 30.
Said system 30 comprises, at one side and available to a first user who desires to send a protected communication, a Bluetooth palm-top computer 31, incorporating a cryptographic device obtained, in known fashion not illustrated herein, by modifying the hardware and/or installing appropriate software realised to cipher communications and manage the cryptographic keys. The palm-top computer 31 is connected, through Bluetooth connection means 32 (or via wire or through a wireless connection), with a cellular telephone 33 (connected with respect to a GSM/UMTS/GPRS/satellite telephone network 34). The palm-top computer 31 uses the cellular telephone 33 as a modem to perform protected transmissions on the data line. The conversation is carried out using the speaker and the microphone of the palm-top 31 or by means of a wired headset 31.1 or else through a Bluetooth headset (not modified). The system 30 is mirror-like and it provides for another user to have available a cellular telephone 35 connected with respect to the telephone network 34 and with a ciphering palm-top computer 37, of the same type as the palm-top computer 31, and connected with respect to said cellular telephone 35 by means of Bluetooth connection means 36. The reference number 37.1 designates a headset.
Fig. 4 illustrates a fourth example of embodiment of the system of the invention, in two different variants, according to Figures 4.1 and 4.2 respectively.
In both illustrated variants, the system assures a protected conversation between a cellular telephone user and a user employing a telephone of a fixed line.
Figure 4.1
The system according to the invention is designated herein by the reference 4.10 and it comprises, at one side and available to a first user who desires to send a protected communication, a Bluetooth headset 4.11, in which is incorporated a cryptographic device (as in the Bluetooth headset 21 of Fig. 2). Said headset 4.11 is connected to a cellular telephone 4.13 (GSM/UMTS/GPRS/satellite) through Bluetooth connection means 4.12 and uses the telephone itself as a modem to activate protected transmissions of data and/or voice and/or fax and/or video through a GSM/GPRS/UMTS/POTS/ISDN/satellite telephone network 4.14. At the other side of the network 4.14, and available to another user who wants to be able to receive and decipher the protected communication, is connected a fixed telephone 4.15, which is modified by incorporating a cryptographic device therein (or is connected to a ciphering device), in order to synchronise with the mobile telephones, manage cryptographic keys and cipher/decipher a data and/or voice and/or fax and/or video transmission. Said fixed telephone 4.15 is connected, through Bluetooth connection means 4.16, with respect to a Bluetooth headset, an audio-receiving headset or a wire handset 4.17. If the cryptographic device is not incorporated in the fixed telephone 4.15, then it is incorporated in the Bluetooth headset, or in the audio-receiving headset or in the wire handset 4.17.
Figure 4.2
The system according to the invention is designated herein by the reference 4.20 and it comprises, at one side and available to a first user who desires to send a protected communication, a Bluetooth palm-top computer 4.21, incorporating a cryptographic device as in the palm-top computer 31 of Fig. 3. The palm-top computer 4.21 is connected, through Bluetooth connection means 4.22, with a cellular telephone 4.23 (connected with respect to a GSM/GPRS/UMTS/POTS/ISDN/satellite telephone network 4.24). The palm-top computer 4.21 uses the cellular telephone 4.23 as a modem to perform protected transmissions on the data and/or voice and/or fax and/or video line. The conversation is carried out using the speaker and the microphone of the palm-top 4.21 or by means of a wired headset 4.21.1 or else through a Bluetooth headset (not modified).
At the other side of the network 4.24, and available to another user who wants to be able to receive and decipher the protected communication, is connected a fixed telephone 4.25, which is modified by incorporating a cryptographic device therein (or is connected to a ciphering device), in order to synchronise with the mobile telephones, manage cryptographic keys and cipher/decipher a data and/or voice and/or fax and/or video transmission. Said fixed telephone 4.25 is connected via wire 4.26 to a headset or a wire handset 4.27. If the cryptographic device is not incorporated in the fixed telephone 4.25, then it is incorporated in the headset or in the wire handset 4.27.
Fig. 5 illustrates a fifth example of embodiment of the system according to the invention, here designated by the number 50. Said system 50 comprises, at one side and available to a first user who desires to send a protected communication, a Bluetooth headset 51, in which is incorporated a cryptographic device (as in the headset 21 of Fig. 2). The headset 51 is connected to a cellular telephone 53 (GSM/GPRS/UMTS) through Bluetooth connection means 52 and uses the telephone itself as a modem to activate protected transmissions of data and/or voice and/or fax and/or video through a GSM (or GPRS) or UMTS network 54. At the other end of the network 54 and available to another user who wants to be able to receive and decipher the protected communication, is connected a cellular telephone 55 connected both with respect to the telephone network 54 and with respect to a ciphering palm-top computer 57, of the same type as the palm-top computer 31, and connected with respect to said cellular telephone 55 by Bluetooth connection means 56. A wire headset 57.1 is also connected to said palm-top computer 57.
Fig. 6 illustrates a sixth example of embodiment of the system according to the invention, here designated by the number 60. Said system 60 comprises, at one side and available to a first user who desires to send a protected communication, an integrated palm-top computer 61, incorporating a cryptographic device obtained, in known fashion not illustrated herein, by modifying the hardware and/or installing appropriate software realised to cipher communications and manage the cryptographic keys. Said integrated palm-top computer 61 includes within it an incorporated cellular telephone and communicates therewith through a direct wired connection, whilst said cellular telephone is connected with respect to a GSM/UMTS/GPRS/satellite telephone network 64. The integrated palm-top computer 61 uses the incorporated cellular telephone as a modem to perform protected transmissions on the voice and/or on the data line. The conversation is carried out using the speaker and the microphone of the palm-top 61 or by means of a wired headset or else through a Bluetooth headset (not modified). The system 60 is mirror-like and it provides for another user to have available another integrated palm-top computer 62 of the same type as the palm-top computer 61 and connected with respect to the telephone network 64.
Fig. 7 illustrates a seventh example of embodiment of the system according to the invention, here designated by the number 70. In this case, a first user who wants to send a protected communication uses an integrated palm-top computer 71 of the same kind as the palm-top computer 61 according to the sixth embodiment and which is connected with respect to a GSM/UMTS/GPRS/satellite telephone network 74. On the other side, another user is connected to the same network by means of a Smartphone 75 with pocket PC operating system and connected, through Bluetooth connecting means 76, to a Bluetooth headset 77 provided with incorporated cryptographic device.
Fig. 8 illustrates an eighth example of embodiment of the system according to the invention, here designated by the number 80. Said system 80 comprises, at one side and available to a first user who desires to send a protected communication, a Smartphone 81 with pocket PC operating system, in which is incorporated a cryptographic device obtained in known fashion and not illustrated herein. Said Smartphone 81 is connected with respect to a GSM/GPRS/UMTS/POTS/ISDN/satellite telephone network 84 (the conversation is achieved, for example, using the speaker and the microphone of the Smartphone 81).
At the other side of the network 84, and available to another user who wants to be able to receive and decipher the protected communication, is connected a fixed telephone 85, which is connected by means of a wire 86 to a headset or to a wire handset 87. Said headset or handset 87 is modified, in known fashion, by incorporating a cryptographic device, in order to manage cryptographic keys and cipher/decipher a data and/or voice and/or fax and/or video transmission.
Fig. 9 illustrates a ninth example of embodiment of the system according to the invention, here designated by the number 90. In this case too, a first user who wants to send a protected communication uses a Smartphone 91 of the same kind as the Smartphone 81 according to the eighth embodiment and which is connected with respect to a GSM/UMTS/GPRS/satellite telephone network 94. At the other end of the network 94, and available to another user who wants to be able to receive and decipher the protected communication, is connected a fixed telephone 95, which is connected, through Bluetooth connecting means 96, with respect to a Bluetooth headset 97, or to an audio-receiving headset or to a wire headset. Said headset 97, or said headset or handset, are modified, in known fashion, by incorporating therein a cryptographic device, in order to manage cryptographic keys and cipher/decipher a data and/or voice and/or fax and/or video transmission.
Fig. 10 shows the flow of audio data during a protected telephone conversation on a common telephone network, according to the system of the invention, between a first apparatus A, including a communication device, which incorporates a cryptographic device and connected, through wired or wireless local connection means, with respect to a corresponding telecommunication apparatus connected in said network, and a second apparatus B, including a communication device, incorporating a cryptographic device and connected, through wired or wireless local connection means, with respect to a corresponding telecommunication apparatus, in turn connected in said network.
During the telephone call, the audio recorded by the microphone of the apparatus A is immediately subdivided into small blocks (of about 1-2 tenths each, depending on the set parameter values). Each of these blocks is then drawn by an appropriate thread, which processes it (compresses it, ciphers, etc.) and lastly sends it over the GSM data line.
At the other end of the communication, the other apparatus B receives the data from the modem of the telecommunication apparatus and immediately subdivides them into the compressed elementary audio blocks of the Audio codec in use; it then processes them to reconstruct audio blocks to be sent to the audio board for reproduction. Obviously during the telephone call each apparatus manages both the audio captured by the microphone (to be sent) and the audio received by the GSM channel (to be reproduced). The overall flow is, obviously, two-directional.
Fig. 11 schematically shows the ciphering algorithm used in the system according to the present invention. Said ciphering mechanism is composed of the union of two codes, a public one (AES) and a proprietary one, which use the hash of the key K reprocessed and subdivided (in similar fashion to the HMAC) into K1 and K2. At each telephone call, two distinct IV1 vectors are generated, whilst the IV2 vector is the same for all telephone calls and can vary only in reference to the context in which the application is used. Fig. 11 refers to a single direction of the telephone conversation, so an IV1 is used to initialise both the proprietary and the public algorithm. A logic XOR operation is then carried out on the KeyStreams KS1, KS2 produced by the two algorithms, and the result is in turn placed in XOR with the audio bit stream in the clear, thereby producing the ciphered audio bit stream. Deciphering takes place in complementary fashion, exploiting the property of the XOR: the ciphered stream is placed in XOR with the result of the XOR between the two algorithms, the proprietary one and the public one, obtaining the bit stream in the clear again.
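The Fig. 11 construction for one direction of a call, as an added Go example that is not code from this document: two keystreams are XORed together and then with the clear stream, and the last function shows what happens if an IV1 is ever used twice. Assumptions: K1 and K2 are the two halves of SHA-512(K), the public algorithm is AES-256 in counter mode, an HMAC-SHA256 counter generator stands in for the undisclosed proprietary algorithm and is where IV2 is mixed in; all function names and sample values are constructed.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/sha256"
	"crypto/sha512"
	"encoding/binary"
	"fmt"
)

// deriveKeys hashes the master key K and splits the digest into K1 and K2.
// Assumption: SHA-512 cut into two 32-byte halves.
func deriveKeys(k []byte) (k1, k2 []byte) {
	h := sha512.Sum512(k)
	return h[:32], h[32:]
}

// publicKeystream returns n bytes of KS1: AES-256 in counter mode under K1,
// initialised with the per-call, per-direction IV1.
func publicKeystream(k1, iv1 []byte, n int) ([]byte, error) {
	if len(iv1) != aes.BlockSize {
		return nil, fmt.Errorf("IV1 must be %d bytes, got %d", aes.BlockSize, len(iv1))
	}
	block, err := aes.NewCipher(k1)
	if err != nil {
		return nil, err
	}
	ks := make([]byte, n)
	cipher.NewCTR(block, iv1).XORKeyStream(ks, ks) // zero bytes in, keystream out
	return ks, nil
}

// proprietaryKeystream returns n bytes of KS2. Stand-in only: the real
// algorithm is not disclosed, so this is HMAC-SHA256(K2, IV1 || IV2 || counter).
// Feeding the context vector IV2 in here is an assumption.
func proprietaryKeystream(k2, iv1, iv2 []byte, n int) []byte {
	ks := make([]byte, 0, n+sha256.Size)
	var ctr [8]byte
	for i := uint64(0); len(ks) < n; i++ {
		binary.BigEndian.PutUint64(ctr[:], i)
		mac := hmac.New(sha256.New, k2)
		mac.Write(iv1)
		mac.Write(iv2)
		mac.Write(ctr[:])
		ks = mac.Sum(ks)
	}
	return ks[:n]
}

// crypt XORs data with KS1 XOR KS2. Because XOR is its own inverse, the same
// call enciphers and deciphers.
func crypt(k, iv1, iv2, data []byte) ([]byte, error) {
	k1, k2 := deriveKeys(k)
	ks1, err := publicKeystream(k1, iv1, len(data))
	if err != nil {
		return nil, err
	}
	ks2 := proprietaryKeystream(k2, iv1, iv2, len(data))
	out := make([]byte, len(data))
	for i := range data {
		out[i] = data[i] ^ ks1[i] ^ ks2[i]
	}
	return out, nil
}

// iv1ReuseLeaks reports whether two equal-length blocks enciphered under the
// same (K, IV1, IV2) satisfy C1^C2 == P1^P2, i.e. the keystream cancels out.
func iv1ReuseLeaks(k, iv1, iv2, p1, p2 []byte) bool {
	c1, err1 := crypt(k, iv1, iv2, p1)
	c2, err2 := crypt(k, iv1, iv2, p2)
	if err1 != nil || err2 != nil || len(p1) != len(p2) {
		return false
	}
	for i := range p1 {
		if c1[i]^c2[i] != p1[i]^p2[i] {
			return false
		}
	}
	return true
}

func main() {
	// Constructed sample values, not taken from the page.
	k, iv2 := []byte("constructed master key K"), []byte("context-A")
	iv1 := bytes.Repeat([]byte{0xA5}, aes.BlockSize)
	p1, p2 := []byte("compressed audio block #1"), []byte("compressed audio block #2")
	ct, _ := crypt(k, iv1, iv2, p1) // IV1 length is valid here, so no error
	back, _ := crypt(k, iv1, iv2, ct)
	fmt.Printf("ciphertext %x\nround trip ok: %v\n", ct, bytes.Equal(back, p1))
	fmt.Println("IV1 reuse leaks P1^P2:", iv1ReuseLeaks(k, iv1, iv2, p1, p2))
}
```

The combined keystream is only as fresh as IV1, which is why a distinct IV1 per call and per direction matters; the XOR construction also provides confidentiality only and does not detect modification of the ciphered stream.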
It should be noted that in the above examples of embodiment of the system according to the invention, reference is made to a single user who sends a ciphered message and to a corresponding single user who receives it and deciphers it. However, the invention is obviously not limited to this application, as the protected communication and the related deciphering can take place between more than two users or groups of users. Moreover, the operation of the system described and illustrated herein is obviously reversible, since the receiver can, in turn, send a protected communication to the user.