WO1999041877A2 - Method and arrangement for ciphering information transfer - Google Patents

Method and arrangement for ciphering information transfer Download PDF

Info

Publication number
WO1999041877A2
WO1999041877A2 PCT/FI1999/000113 FI9900113W WO9941877A2 WO 1999041877 A2 WO1999041877 A2 WO 1999041877A2 FI 9900113 W FI9900113 W FI 9900113W WO 9941877 A2 WO9941877 A2 WO 9941877A2
Authority
WO
WIPO (PCT)
Prior art keywords
ciphering
information
burst
block
transferred
Prior art date
Application number
PCT/FI1999/000113
Other languages
French (fr)
Other versions
WO1999041877A3 (en
Inventor
Markus Hakaste
Original Assignee
Nokia Mobile Phones Limited
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Nokia Mobile Phones Limited filed Critical Nokia Mobile Phones Limited
Priority to JP54107899A priority Critical patent/JP2001520841A/en
Priority to EP99903711A priority patent/EP0976218A2/en
Priority to AU24271/99A priority patent/AU2427199A/en
Publication of WO1999041877A2 publication Critical patent/WO1999041877A2/en
Publication of WO1999041877A3 publication Critical patent/WO1999041877A3/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0618Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0827Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving distinctive intermediate devices or communication paths
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/12Transmitting and receiving encryption devices synchronised or initially set up in a particular manner
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80Wireless
    • H04L2209/805Lightweight hardware, e.g. radio-frequency identification [RFID] or sensor

Definitions

  • the invention relates to a method and arrangement for ciphering information transfer.
  • the invention can be advantageously applied in a time division multiple access (TDMA) cellular system offering broadband circuit switched services.
  • TDMA time division multiple access
  • TDMA time division multiple access
  • GSM Global System for Mobile communications
  • each traffic channel uses TDMA frames comprising eight time slots.
  • a call is conventionally established in such a manner that one time slot is reserved for the call and the transmission channel provided by that time slot is then used for the whole duration of the call. If, however, the mobile station moves from the area of a base station to that of another, a handover is carried out and a channel using a new time slot is established between the new active base station and the mobile station.
  • Fig. 1 shows a GSM TDMA frame comprising eight time slots 0 to 7. Separately shown are transmission frame TX and reception frame RX.
  • transmission frame means a frame sent by the mobile station, i.e. an uplink TDMA frame
  • reception frame means a frame received by the mobile station, i.e. a downlink TDMA frame.
  • a cross in Fig. 1 marks the time slot 1 which in the call depicted by the example is used in both uplink and downlink transmission. It should be noted that in the downlink and uplink directions there is a delay between the frames, which is why time slots represented by corresponding numbers are not simultaneous in the different transfer directions.
  • HCSD Broadband high speed circuit switched data
  • the number of uplink time slots may be equal to that of downlink time slots, in which case the configuration is symmetrical, or it may be unequal, in which case the configuration is asymmetrical.
  • Time slots used are specified during call establishment and the system indicates the time slots used as well as the related parameters to the mobile station.
  • Said para- meters include, for example, the ciphering key used in ciphering/deciphering.
  • the number of time slots used can also be changed during a call.
  • Fig. 2 shows a TDMA frame in conjunction with a HSCSD call using two time slots 1 and 2 in the uplink direction TX and three time slots 0 to 2 in the downlink direction RX.
  • Fig. 3 illustrates the use of a time slot in the GSM system.
  • a burst transferred in a time slot contains training sequence symbols TSS 33, two sequences IS1 and IS2 consisting of information symbols, 31 and 32, and tail symbols TS1 and TS2, 30 and 34, respectively.
  • time slots are separated by guard periods GP, 35.
  • a conventional GSM system uses GMSK modulation to modulate the data into the burst.
  • EDGE Enhanced Data rates for GSM Evolution
  • B-O- QAM binary order quadrature amplitude modulation
  • Q-O-QAM quadrature order quadrature amplitude modulation
  • CCM code pulse modulation
  • the symbol rate can be generated from a 13-MHz clock frequency by dividing by 36, for example, while in the conventional GSM system the divisor is 48. Thus the symbol rate becomes 361.111 ksps (kilosymbols per second).
  • Q-O-QAM modulation a symbol comprises 2 bits, so the modulation bit rate is 722.222 kbps (kilobits per second).
  • B-O-QAM modulation a symbol comprises one bit, so the modulation bit rate is 361.111 kbps.
  • Table 1 below lists the most important modulation characteristics of the GSM system and the system using QAM modulation.
  • a burst in one time slot can transfer 208.333 symbols, whereas the GSM system can only transfer 156.25 symbols.
  • Table 2 shows the time slot sequence lengths in the GSM system and in the system based on QAM modulation. The portion of the stealing flag is shown separately in the numbers of information symbols and bits.
  • the ciphering of information transferred is based on the use of the so-called A5 ciphering algorithm.
  • the ciphering algorithm is used to produce a 114-bit pseudo-random ciphering sequence which is used to encrypt the 114 information bits transferred in one burst.
  • a ciphered 114-bit sequence is produced by performing an exclusive-or (xor) operation between the unciphered information and the ciphering sequence.
  • the ciphered information is deciphered at the receiving end by producing the same ciphering sequence and carrying out an xor operation between the ciphering sequence and the received bit sequence.
  • the A5 algorithm is not public but as regards its structure it is a conventional ciphering algorithm using two input parameters.
  • the first input parameter so-called COUNT value
  • COUNT value is derived from the TDMA frame number and transferred on the synchronization channel SCH.
  • the COUNT value is used for producing ciphering blocks for bursts in sequential TDMA frames.
  • the second input parameter is a call specific ciphering key Kc which is transferred on a data transmission channel prior to call establishment.
  • ciphering key Kc is used in time slot 0 if that is in use.
  • the method above is used for creating for all bursts different ciphering bit blocks within a TDMA frame and between TDMA frames.
  • the use of multiple input parameters in the A5 algorithm makes it possible to avoid long text sequences ciphered with one and the same ciphering block. This way, the encryption function of the conventional GSM system can be made comparatively reliable.
  • Ciphering methods for the GSM system are described in more detail in [2], chapter 4.
  • An object of the present invention is to avoid aforementioned disadvantages of the prior art by providing an arrangement in which the attainable reliability of en- cryption is better than in known solutions and in which the level of reliability of encryption can be changed if desired.
  • An essential idea of the invention is that the information transferred in a burst is divided into at least two blocks and said blocks are ciphered in a non-identical manner. Then the ciphering reliability is better as the amount of information encoded with one and the same ciphering algorithm and key is smaller. Furthermore, the level of ciphering reliability can be changed by altering the number and/or size of information blocks in the burst. Since the information block size can be e.g. 114 bits, which is used in the GSM system, application of the invention will not require that the construction of the mobile station be made more complex.
  • Fig. 4 shows in general an arrangement according to the invention for ciphering the information related to a burst.
  • a block contains Y information bits of a burst to be ciphered, divided into s+1 sub-blocks each of which comprises y bits.
  • Sub-blocks are created in accordance with predetermined rules. In the example depicted in Fig. 4, the bits to be transferred first are transferred in the first sub-block, the bits to be transferred second are transferred in the second sub-block, etc. However, other ways of forming the sub-blocks can be applied, too. Since in the situation according to Fig. 4 the number of information bits in a burst, i.e.
  • the block size Y is a multiple of the number of bits y in a sub-block, all sub-blocks are of the same length.
  • a ciphering sequence block 0 to s is formed for each sub-block in a manner described later on.
  • An xor operation is performed between the information bits and ciphering bits, producing Y ciphered information bits for one burst.
  • Fig. 5 shows a situation in which an information bit block related to a burst, comprising Y bits to be ciphered, is divided into sub-blocks 114 bits long.
  • the block size Y is not a multiple of the number of bits y in a sub-block, so the last sub-block s will not be full.
  • the last sub-block s may comprise less than 114 bits.
  • the remaining bits are the most significant bits of the last sub-block and they are binary added to the corresponding bits of the last ciphering block.
  • the ciphering sequence blocks are generated in the same manner as in the situation depicted in Fig. 4, producing after an xor operation a block of Y ciphered information bits for one burst.
  • the method according to the invention for ciphering a TDMA data transfer call wherein transferred information is modulated into at least one burst of a TDMA frame and transferred information is ciphered using a predetermined algorithm and ciphering key, is characterized in that
  • the first block is ciphered using a first ciphering key
  • the second block is ciphered using a second ciphering key, and - said first and second ciphering keys are different from each other.
  • the arrangement according to the invention for ciphering a TDMA information transfer connection in a communications system comprising means for modulating the information to be transferred into at least one burst of a TDMA frame and means for ciphering the information to be transferred using a predetermined algorithm and at least one ciphering key, is characterized in that it further comprises means for dividing the information transferred in said burst into at least two blocks, and means for ciphering the first block using a first ciphering key and the second block using a second ciphering key, said first and second ciphering keys being different from each other.
  • the mobile station comprising means for ciphering a TDMA information transfer connection, including means for modulating the information to be transferred into at least one burst of a TDMA frame and means for ciphering the information to be transferred using a predetermined algorithm and at least one ciphering key, is characterized in that the mobile station further comprises means for dividing the information transferred in said burst into at least two blocks, and means for ciphering the first block using a first ciphering key and the second block using a second ciphering key, said first and second ciphering keys being different from each other.
  • Fig. 1 shows the allocation of a time slot in a TDMA frame in a conventional connection using one time slot
  • Fig. 2 shows the allocation of time slots in a TDMA frame in a HSCSD connection using multiple time slots
  • Fig. 3 illustrates time slot usage in the GSM system
  • Fig. 4 illustrates in accordance with the invention ciphering of information encoded into a burst when the burst comprises an evenly divisible number of information blocks
  • Fig. 5 illustrates in accordance with the invention ciphering of information encoded into a burst when the number of information blocks in the burst is not an evenly divisible figure
  • Fig. 6 shows in the form of flow diagram a method according to the invention for ciphering information transfer when the connection uses one time slot
  • Fig. 7 shows in the form of flow diagram a method according to the invention for ciphering information transfer when the connection uses multiple time slots
  • Fig. 8 shows in the form of block diagram a mobile station according to the invention and its connection to a cellular system.
  • Fig. 6 it will be now described in more detail a method according to the invention for ciphering information transfer on a communications connection using one time slot, and referring to Fig. 7, it will be described a method according to the invention for a communications connection using multiple time slots. Then, referring to Fig. 8, it will be described an arrangement for realizing a mobile station according to the invention.
  • Fig. 6 shows a method according to the invention for ciphering a connection using one time slot, 600.
  • a connection specific ciphering key Kc is created and trans- ferred on the information transfer channel so that both the transmitter and receiver use the same connection key, step 610.
  • normal call establishment is carried out, step 620.
  • Information to be transferred is divided into blocks the size of which in the example case is 114 bits, step 630.
  • a block specific ciphering key Kcs is created in step 650.
  • KcO Kc.
  • the block specific ciphering key is created using the connection specific ciphering key Kc and the sub-block number BM as follows:
  • Kcs(i) Kc(i) xor BMs(i) (1)
  • xor stands for bitwise binary addition.
  • BM(i) stands for 64-bit binary encoding of the sub-block number BM.
  • the sub-block number may obtain values in the range 0 to DIV(Y,114), where Y is the total number of information bits to be ciphered in one burst, i.e. the block size.
  • Index s denotes the sub-block index and i denotes binary form.
  • a block specific ciphering sequence Scs is created, step 660. After that, an information sub-block is ciphered using the ciphering sequence block, producing a ciphered information block Ccs.
  • step 650 If there are still information blocks in the burst to be ciphered, operation returns to step 650.
  • the ciphered information blocks are modulated into the burst and the burst is transmitted to the information transfer channel, step 685. Steps 630 to 685 are continued until the connection is terminated, 699.
  • a received burst is decoded following corresponding deciphering steps.
  • Fig. 7 shows a ciphering method 700 according to the invention in which information transfer in the HSCSD case uses one or more time slots of a TDMA frame.
  • a connection specific ciphering key Kc is created first, step 710.
  • information in each time slot is divided into blocks Ins, step 730.
  • a time slot specific ciphering key Ken is created, where n stands for the number of the time slot in the TDMA frame.
  • the ciphering key Ken is generated using the connection specific ciphering key Kc and time slot number BN as follows:
  • Equation (2) operation «32 represents a 32-bit shift.
  • step 750 a new connection specific ciphering key Kens is created for the information block in the burst on the basis of the sub-block number BM as follows:
  • xor stands for bitwise binary addition
  • BM(i) stands for binary encoding of the value of the sub-block number BM into 64 bits.
  • the time slot number should be indicated using a different part of the bit sequence than that used to indicate the time slot number in the HSCSD solution, lest the effect of the parameters in the multichannel case be canceled. Namely, if the bits in question are summed at the same point of the bit sequence, the reliability of encryption might be degraded because the time slot number and sub-block number are data that a third party could find out. In the HSCSD solution in use, the bits indicating the time slot are situated in the middle of the 64-bit sequence.
  • the ciphering key produced is used to generate a block specific ciphering sequence Sens in step 760 which is used to calculate the ciphered information block Ccns, step 770.
  • Steps 750 to 770 are repeated until all information blocks in the burst have been ciphered, 780, whereafter the burst is generated and transmitted, 785.
  • steps 740 to 785 are repeated until all bursts of the time slots used by the connection have been ciphered and transmitted, 790, after which the operation returns 795 to step 730 until the connection is terminated, 799.
  • the deciphering in the reception is carried out according to steps corresponding to those used in the ciphering in the transmission.
  • Fig. 8 shows in the form of a simplified block diagram a mobile station 800 according to the invention and its connection to a cellular system.
  • the mobile station comprises an antenna 801 to receive a radio-frequency, or RF, signal sent by a base station.
  • the received RF signal is taken e.g. by means of a duplex filter or switch 802 to a RF receiver 811 where the signal is amplified and converted digital.
  • the signal is detected and demodulated in block 812.
  • Block 813 performs deciphering according to the present invention as well as deinterleaving.
  • Signal processing is then performed in block 830 according to whether the information transferred is speech or data.
  • Data can be stored as such in the mobile station's memory 804 or, alternatively, processed data are transferred after signal processing to a possible external device such as a computer. Possible processed speech signal is taken to an earphone (not shown).
  • a control unit controls aforementioned receiving blocks in accordance with a program stored in the unit. The control unit controls block 813 in such a manner that deciphering of data received from the system is carried out as described above.
  • Transmission from a mobile station in accordance with the invention is carried out e.g. as follows. Controlled by a control unit 803, block 833 performs the signal processing and block 821 performs the interleaving and ciphering according to the invention for the processed signal (data/speech) to be transferred. Bursts are generated from the encoded data in block 822 which are modulated and amplified into a transmission RF signal, block 823. The RF signal to be transmitted is taken to an antenna 801 via a duplex filter 802, for example. Also the aforementioned processing and transmission functions are controlled by a control unit 803.
  • control unit controls block 821 in such a manner that the information in each burst is ciphered according to the invention using separate ciphering sequences for each information block.
  • control unit reads from the memory 804 the necessary ciphering parameters.
  • control unit 803 monitors the SCH channel to receive the COUNT value.
  • the COUNT value is received at the beginning of the connection or when the synchronization is restored after a visit outside the coverage area or in connection with a handover.
  • Fig. 8 shows a keypad 831 and display 832 belonging to a normal mobile station.
  • Blocks of a mobile station according to the invention can be formed using known components.
  • the control unit controlling the other units carries out the block control functions in accordance with special software, thus realizing the aforementioned block functions according to the invention.
  • Fig. 8 shows the parts of the cellular system that are used in the call establishment and information transfer.
  • RF signal transmission and reception are carried out through an antenna 850 in a base station 851.
  • An information transfer connection is created from the base station 851 via a base station controller 852 to a switching center 853.
  • the switching center 853 is connected to a home location register 854 and public switched telephone network PSTN, for example.
  • the ciphering and deciphering according to the invention are performed at a base station by means of blocks corresponding to those of a mobile station.
  • the invention is not limited to the GSM system but can be well applied to other systems using the TDMA method and also systems using the code division multiple access, or CDMA, method.
  • the invention is not limited to the modulation methods mentioned above but it can be applied in conjunction with other modulation methods, too.
  • the invention is not limited to data transfer but can be applied to the transfer of speech as well.
  • the invention also comprises ciphering on those signalling channels where new modulation might be needed.
  • Such channels in the GSM/EDGE system could be e.g. the fast associated control channel FACCH, as well as the SACCH and SDCCH channels.
  • configurations more complex than those described can occur in various situations within the scope of the principle of the invention.
  • ETSI STC SMG2 EDGE Tdoc 332/97 Feasibility Study version 1.0, Work Item 184: Improved Data Rates through Optimised Modulation, Ericsson, Nokia, December 1-5, 1997.

Abstract

The invention relates to a method and arrangement for ciphering an information transfer connection. The invention can be advantageously applied in a TDMA (Time Division Multiple Access) cellular system offering broadband circuit switched services. An essential idea of the invention is that the information to be ciphered in a transmission burst is divided into at least two blocks (730) and said blocks are ciphered in ways that are not identical with each other (750 to 770). Then the reliability of ciphering is better because the amount of information encoded using one and the same ciphering algorithm and key is smaller. In addition, the reliability of the ciphering can be varied by changing the number and/or size of the information blocks in a burst.

Description

Method and arrangement for ciphering information transfer
The invention relates to a method and arrangement for ciphering information transfer. The invention can be advantageously applied in a time division multiple access (TDMA) cellular system offering broadband circuit switched services.
The prior art will be now described, discussing first the use of time slots in the GSM (Global System for Mobile communications) system and the coding of information in a burst transferred in a time slot. Then it will be described a known method for ciphering information transfer in said system as well as the disadvantages related to it.
Current mobile communication networks generally use the time division multiple access (TDMA) method. For example, in the GSM system each traffic channel uses TDMA frames comprising eight time slots. In mobile communication systems a call is conventionally established in such a manner that one time slot is reserved for the call and the transmission channel provided by that time slot is then used for the whole duration of the call. If, however, the mobile station moves from the area of a base station to that of another, a handover is carried out and a channel using a new time slot is established between the new active base station and the mobile station.
Fig. 1 shows a GSM TDMA frame comprising eight time slots 0 to 7. Separately shown are transmission frame TX and reception frame RX. Here, transmission frame means a frame sent by the mobile station, i.e. an uplink TDMA frame, and reception frame means a frame received by the mobile station, i.e. a downlink TDMA frame. A cross in Fig. 1 marks the time slot 1 which in the call depicted by the example is used in both uplink and downlink transmission. It should be noted that in the downlink and uplink directions there is a delay between the frames, which is why time slots represented by corresponding numbers are not simultaneous in the different transfer directions.
Broadband high speed circuit switched data (HSCSD) services, in which a call uses more than one time slot in order to speed up the communications rate, have been introduced especially for data transmission services. The number of uplink time slots may be equal to that of downlink time slots, in which case the configuration is symmetrical, or it may be unequal, in which case the configuration is asymmetrical. Time slots used are specified during call establishment and the system indicates the time slots used as well as the related parameters to the mobile station. Said para- meters include, for example, the ciphering key used in ciphering/deciphering. The number of time slots used can also be changed during a call.
Fig. 2 shows a TDMA frame in conjunction with a HSCSD call using two time slots 1 and 2 in the uplink direction TX and three time slots 0 to 2 in the downlink direction RX.
Fig. 3 illustrates the use of a time slot in the GSM system. A burst transferred in a time slot contains training sequence symbols TSS 33, two sequences IS1 and IS2 consisting of information symbols, 31 and 32, and tail symbols TS1 and TS2, 30 and 34, respectively. In addition, time slots are separated by guard periods GP, 35. A conventional GSM system uses GMSK modulation to modulate the data into the burst.
Furthermore, there are new solutions to increase the transfer capacity by changing the method of modulation of the burst transmitted in a time slot. One such solution is the so-called EDGE (Enhanced Data rates for GSM Evolution) system which is now being developed and is based on the GSM system. In that solution, GMSK modulation may be replaced by binary order quadrature amplitude modulation (B-O- QAM), quadrature order quadrature amplitude modulation (Q-O-QAM) or by code pulse modulation (CPM), for example. Possible characteristics of the EDGE system are described e.g. in [1]. To illustrate the invention we will examine in this patent application some of the arrangements to implement the EDGE system discussed in said document. Those arrangements will be below called the "EDGE system" although the characteristics of the eventual implemented EDGE system might be different from those described here.
When using fast modulation, the symbol rate can be generated from a 13-MHz clock frequency by dividing by 36, for example, while in the conventional GSM system the divisor is 48. Thus the symbol rate becomes 361.111 ksps (kilosymbols per second). When using Q-O-QAM modulation, a symbol comprises 2 bits, so the modulation bit rate is 722.222 kbps (kilobits per second). When using B-O-QAM modulation, a symbol comprises one bit, so the modulation bit rate is 361.111 kbps.
Table 1 below lists the most important modulation characteristics of the GSM system and the system using QAM modulation.
Figure imgf000005_0001
Table 1
So, using QAM modulation, a burst in one time slot can transfer 208.333 symbols, whereas the GSM system can only transfer 156.25 symbols.
Table 2 below shows the time slot sequence lengths in the GSM system and in the system based on QAM modulation. The portion of the stealing flag is shown separately in the numbers of information symbols and bits.
Figure imgf000005_0002
Table 2
In the GSM system the ciphering of information transferred is based on the use of the so-called A5 ciphering algorithm. The ciphering algorithm is used to produce a 114-bit pseudo-random ciphering sequence which is used to encrypt the 114 information bits transferred in one burst. A ciphered 114-bit sequence is produced by performing an exclusive-or (xor) operation between the unciphered information and the ciphering sequence. Similarly, the ciphered information is deciphered at the receiving end by producing the same ciphering sequence and carrying out an xor operation between the ciphering sequence and the received bit sequence.
The A5 algorithm is not public but as regards its structure it is a conventional ciphering algorithm using two input parameters. The first input parameter, so-called COUNT value, is derived from the TDMA frame number and transferred on the synchronization channel SCH. The COUNT value is used for producing ciphering blocks for bursts in sequential TDMA frames. The second input parameter is a call specific ciphering key Kc which is transferred on a data transmission channel prior to call establishment.
Different connections and time slots within a TDMA frame are distinguished using separate ciphering keys. If a connection uses more than one time slot, ciphering key Kc is used in time slot 0 if that is in use. In addition, ciphering key Kc is used to produce the ciphering keys Ken (n = 0 to 7) for the other time slots.
The method above is used for creating for all bursts different ciphering bit blocks within a TDMA frame and between TDMA frames. The use of multiple input parameters in the A5 algorithm makes it possible to avoid long text sequences ciphered with one and the same ciphering block. This way, the encryption function of the conventional GSM system can be made comparatively reliable.
Ciphering methods for the GSM system are described in more detail in [2], chapter 4.
Prior- art arrangements, however, have limitations. The reliability of encryption largely depends on how much information is transferred using the same ciphering algorithm and key. The greater the amount of information transferred using the same algorithm/key, the easier it is to crack the encryption. In known arrangements one and the same ciphering algorithm and key are used to code one burst. When the amount of information in the burst is fixed, the encryption has a certain predetermined reliability. Thus, known arrangements do not allow selection of the reliability level of encryption according to need.
Also, when using modulation methods in which greater amounts of data are modulated into one burst, the reliability of the encryption becomes lower. A situation may then occur in which the reliability of encryption is inadequate.
Furthermore, known solutions have the disadvantage that when new modulation methods are introduced, longer information blocks and ciphering sequences have to be handled in conjunction with ciphering, which may call for changes in the transmitter and receiver construction.
An object of the present invention is to avoid aforementioned disadvantages of the prior art by providing an arrangement in which the attainable reliability of en- cryption is better than in known solutions and in which the level of reliability of encryption can be changed if desired.
An essential idea of the invention is that the information transferred in a burst is divided into at least two blocks and said blocks are ciphered in a non-identical manner. Then the ciphering reliability is better as the amount of information encoded with one and the same ciphering algorithm and key is smaller. Furthermore, the level of ciphering reliability can be changed by altering the number and/or size of information blocks in the burst. Since the information block size can be e.g. 114 bits, which is used in the GSM system, application of the invention will not require that the construction of the mobile station be made more complex.
Fig. 4 shows in general an arrangement according to the invention for ciphering the information related to a burst. A block contains Y information bits of a burst to be ciphered, divided into s+1 sub-blocks each of which comprises y bits. Sub-blocks are created in accordance with predetermined rules. In the example depicted in Fig. 4, the bits to be transferred first are transferred in the first sub-block, the bits to be transferred second are transferred in the second sub-block, etc. However, other ways of forming the sub-blocks can be applied, too. Since in the situation according to Fig. 4 the number of information bits in a burst, i.e. the block size Y, is a multiple of the number of bits y in a sub-block, all sub-blocks are of the same length. A ciphering sequence block 0 to s is formed for each sub-block in a manner described later on. An xor operation is performed between the information bits and ciphering bits, producing Y ciphered information bits for one burst.
Fig. 5 shows a situation in which an information bit block related to a burst, comprising Y bits to be ciphered, is divided into sub-blocks 114 bits long. In this case the block size Y is not a multiple of the number of bits y in a sub-block, so the last sub-block s will not be full. As the number of bits in one burst may not necessarily be divisible by 114, the last sub-block s may comprise less than 114 bits. The remaining bits are the most significant bits of the last sub-block and they are binary added to the corresponding bits of the last ciphering block. The ciphering sequence blocks are generated in the same manner as in the situation depicted in Fig. 4, producing after an xor operation a block of Y ciphered information bits for one burst.
The method according to the invention for ciphering a TDMA data transfer call, wherein transferred information is modulated into at least one burst of a TDMA frame and transferred information is ciphered using a predetermined algorithm and ciphering key, is characterized in that
- information transferred in one burst is divided into at least two blocks,
- the first block is ciphered using a first ciphering key,
- the second block is ciphered using a second ciphering key, and - said first and second ciphering keys are different from each other.
The arrangement according to the invention for ciphering a TDMA information transfer connection in a communications system, comprising means for modulating the information to be transferred into at least one burst of a TDMA frame and means for ciphering the information to be transferred using a predetermined algorithm and at least one ciphering key, is characterized in that it further comprises means for dividing the information transferred in said burst into at least two blocks, and means for ciphering the first block using a first ciphering key and the second block using a second ciphering key, said first and second ciphering keys being different from each other.
The mobile station according to the invention, comprising means for ciphering a TDMA information transfer connection, including means for modulating the information to be transferred into at least one burst of a TDMA frame and means for ciphering the information to be transferred using a predetermined algorithm and at least one ciphering key, is characterized in that the mobile station further comprises means for dividing the information transferred in said burst into at least two blocks, and means for ciphering the first block using a first ciphering key and the second block using a second ciphering key, said first and second ciphering keys being different from each other.
Preferred embodiments of the invention are described in the dependent claims.
Embodiments of the invention will now be described in more detail with reference to the accompanying drawing wherein
Fig. 1 shows the allocation of a time slot in a TDMA frame in a conventional connection using one time slot, Fig. 2 shows the allocation of time slots in a TDMA frame in a HSCSD connection using multiple time slots, Fig. 3 illustrates time slot usage in the GSM system,
Fig. 4 illustrates in accordance with the invention ciphering of information encoded into a burst when the burst comprises an evenly divisible number of information blocks, Fig. 5 illustrates in accordance with the invention ciphering of information encoded into a burst when the number of information blocks in the burst is not an evenly divisible figure, Fig. 6 shows in the form of flow diagram a method according to the invention for ciphering information transfer when the connection uses one time slot, Fig. 7 shows in the form of flow diagram a method according to the invention for ciphering information transfer when the connection uses multiple time slots, and
Fig. 8 shows in the form of block diagram a mobile station according to the invention and its connection to a cellular system.
Figs. 1 to 3 were already discussed above in conjunction with the description of the prior art, and Figs. 4 and 5 were discussed in conjunction with the general description of the invention.
Referring to Fig. 6, it will be now described in more detail a method according to the invention for ciphering information transfer on a communications connection using one time slot, and referring to Fig. 7, it will be described a method according to the invention for a communications connection using multiple time slots. Then, referring to Fig. 8, it will be described an arrangement for realizing a mobile station according to the invention.
Fig. 6 shows a method according to the invention for ciphering a connection using one time slot, 600. First, a connection specific ciphering key Kc is created and trans- ferred on the information transfer channel so that both the transmitter and receiver use the same connection key, step 610. In conjunction with that, normal call establishment is carried out, step 620. Information to be transferred is divided into blocks the size of which in the example case is 114 bits, step 630.
Next, a block specific ciphering key Kcs is created in step 650. The first 114-bit block is advantageously encoded using the same ciphering sequence as in the normal single-slot case because KcO = Kc. For all subsequent sub-blocks 1 to s it is used distinct ciphering sequences derived from the corresponding connection specific ciphering keys Kcl to Kcs.
The block specific ciphering key is created using the connection specific ciphering key Kc and the sub-block number BM as follows:
Kcs(i) = Kc(i) xor BMs(i) (1)
In the equation above, xor stands for bitwise binary addition. BM(i) stands for 64-bit binary encoding of the sub-block number BM. The sub-block number may obtain values in the range 0 to DIV(Y,114), where Y is the total number of information bits to be ciphered in one burst, i.e. the block size. Index s denotes the sub-block index and i denotes binary form.
In a system using the new modulation method the number of information bits to be ciphered in the burst is advantageously 200 to 400. If the number of bits to be ciphered is e.g. 300, the number of sub-blocks is DIV(300,114) = 2. Then the sub- block numbers 0, 1 and 2 are binary-encoded such that the bit sequence contains 62 zeros followed by the two least significant bits, which have the value 00, 01 or 10, depending on the sub-block.
Using a block specific ciphering key, a block specific ciphering sequence Scs is created, step 660. After that, an information sub-block is ciphered using the ciphering sequence block, producing a ciphered information block Ccs.
If there are still information blocks in the burst to be ciphered, operation returns to step 650. When all information blocks in the burst have been ciphered, 680, the ciphered information blocks are modulated into the burst and the burst is transmitted to the information transfer channel, step 685. Steps 630 to 685 are continued until the connection is terminated, 699.
A received burst is decoded following corresponding deciphering steps.
Fig. 7 shows a ciphering method 700 according to the invention in which information transfer in the HSCSD case uses one or more time slots of a TDMA frame. Here, too, a connection specific ciphering key Kc is created first, step 710. After the call has been established, 720, information in each time slot is divided into blocks Ins, step 730. Then, in step 740, a time slot specific ciphering key Ken is created, where n stands for the number of the time slot in the TDMA frame. The ciphering key Ken is generated using the connection specific ciphering key Kc and time slot number BN as follows:
Kcn(i) = Kc(i) xor (BN « 32(0) (2)
In equation (2), operation «32 represents a 32-bit shift.
Then, in step 750, a new connection specific ciphering key Kens is created for the information block in the burst on the basis of the sub-block number BM as follows:
Kcns(i) - Ken (i) xor BMs (i) (3)
As mentioned above in conjunction with the description of Fig. 6, xor stands for bitwise binary addition and BM(i) stands for binary encoding of the value of the sub-block number BM into 64 bits. It should be noted here that the time slot number should be indicated using a different part of the bit sequence than that used to indicate the time slot number in the HSCSD solution, lest the effect of the parameters in the multichannel case be canceled. Namely, if the bits in question are summed at the same point of the bit sequence, the reliability of encryption might be degraded because the time slot number and sub-block number are data that a third party could find out. In the HSCSD solution in use, the bits indicating the time slot are situated in the middle of the 64-bit sequence.
The ciphering key produced is used to generate a block specific ciphering sequence Sens in step 760 which is used to calculate the ciphered information block Ccns, step 770. Steps 750 to 770 are repeated until all information blocks in the burst have been ciphered, 780, whereafter the burst is generated and transmitted, 785. Correspondingly, steps 740 to 785 are repeated until all bursts of the time slots used by the connection have been ciphered and transmitted, 790, after which the operation returns 795 to step 730 until the connection is terminated, 799.
Also in the case of a multislot connection, the deciphering in the reception is carried out according to steps corresponding to those used in the ciphering in the transmission.
Fig. 8 shows in the form of a simplified block diagram a mobile station 800 according to the invention and its connection to a cellular system. The mobile station comprises an antenna 801 to receive a radio-frequency, or RF, signal sent by a base station. The received RF signal is taken e.g. by means of a duplex filter or switch 802 to a RF receiver 811 where the signal is amplified and converted digital. Then the signal is detected and demodulated in block 812. Block 813 performs deciphering according to the present invention as well as deinterleaving. Signal processing is then performed in block 830 according to whether the information transferred is speech or data. Data can be stored as such in the mobile station's memory 804 or, alternatively, processed data are transferred after signal processing to a possible external device such as a computer. Possible processed speech signal is taken to an earphone (not shown). A control unit controls aforementioned receiving blocks in accordance with a program stored in the unit. The control unit controls block 813 in such a manner that deciphering of data received from the system is carried out as described above.
Transmission from a mobile station in accordance with the invention is carried out e.g. as follows. Controlled by a control unit 803, block 833 performs the signal processing and block 821 performs the interleaving and ciphering according to the invention for the processed signal (data/speech) to be transferred. Bursts are generated from the encoded data in block 822 which are modulated and amplified into a transmission RF signal, block 823. The RF signal to be transmitted is taken to an antenna 801 via a duplex filter 802, for example. Also the aforementioned processing and transmission functions are controlled by a control unit 803. Especially the control unit controls block 821 in such a manner that the information in each burst is ciphered according to the invention using separate ciphering sequences for each information block. To that end, the control unit reads from the memory 804 the necessary ciphering parameters. In addition, the control unit 803 monitors the SCH channel to receive the COUNT value. The COUNT value is received at the beginning of the connection or when the synchronization is restored after a visit outside the coverage area or in connection with a handover.
In addition, Fig. 8 shows a keypad 831 and display 832 belonging to a normal mobile station. Blocks of a mobile station according to the invention can be formed using known components. However, the control unit controlling the other units carries out the block control functions in accordance with special software, thus realizing the aforementioned block functions according to the invention.
Furthermore, Fig. 8 shows the parts of the cellular system that are used in the call establishment and information transfer. RF signal transmission and reception are carried out through an antenna 850 in a base station 851. An information transfer connection is created from the base station 851 via a base station controller 852 to a switching center 853. In addition to other base station systems of the system, the switching center 853 is connected to a home location register 854 and public switched telephone network PSTN, for example.
On the communications system side, the ciphering and deciphering according to the invention are performed at a base station by means of blocks corresponding to those of a mobile station.
It should be noted that in the downlink and uplink directions of a connection it is possible to use different time slot numbers as well as different ciphering and modulation methods. In addition, the number of time slots used, the size/number of information blocks in a burst and the modulation method can be changed also during the connection.
Above the invention was described using certain embodiments as examples. It is however obvious that the invention is not limited to those embodiments but can be freely modified within the limits defined by the claims set forth below.
It should be especially noted that the invention is not limited to the GSM system but can be well applied to other systems using the TDMA method and also systems using the code division multiple access, or CDMA, method. Similarly, the invention is not limited to the modulation methods mentioned above but it can be applied in conjunction with other modulation methods, too. Furthermore, the invention is not limited to data transfer but can be applied to the transfer of speech as well. The invention also comprises ciphering on those signalling channels where new modulation might be needed. Such channels in the GSM/EDGE system could be e.g. the fast associated control channel FACCH, as well as the SACCH and SDCCH channels. Furthermore, configurations more complex than those described can occur in various situations within the scope of the principle of the invention.
References
[1] ETSI STC SMG2 EDGE Tdoc 332/97: Feasibility Study version 1.0, Work Item 184: Improved Data Rates through Optimised Modulation, Ericsson, Nokia, December 1-5, 1997.
[2] Draft ETS 300 929: GSM 03.20 - version 5.1.0. Digital cellular telecommunic- ations system (phase 2+); Security related network functions, European Telecommunications standards Institute, March 1997, 51 pp.

Claims

Claims
1. A method for ciphering a communications connection wherein information to be transferred is modulated into at least one burst and the information to be transferred is ciphered according to a predetermined algorithm and ciphering key, characterized in that
- information transferred in one burst is divided into at least two blocks,
- the first block is ciphered using a first ciphering key (Kcnl),
- the second block is ciphered using a second ciphering key (Kcn2), and
- said first and second ciphering keys are different from each other.
2. The method of claim 1, characterized in that the size (y) of said block is substantially smaller than the amount of information (Y) transferred in one burst.
3. The method of claim 1 or 2, characterized in that the number (s) of information blocks transferred in a burst is changed during the connection.
4. The method of any one of the preceding claims, characterized in that the size (y) of the information blocks transferred in a burst is changed during the connection.
5. The method of any one of the preceding claims, characterized in that said ciphering key (Kens) is generated on the basis of a parameter (COUNT) transferred on an information transfer channel.
6. The method of any one of the preceding claims, characterized in that said information transfer connection substantially complies with the EDGE system.
7. An arrangement for ciphering an information transfer connection in a communications system, said arrangement comprising means for modulating the information to be transferred into at least one burst and means for ciphering the information to be transferred by means of a predetermined algorithm and at least one ciphering key, characterized in that it further comprises means for dividing the information transferred in said burst into at least two blocks, and means for ciphering the first block using a first ciphering key and the second block using a second ciphering key, said first and second ciphering keys being different from each other.
8. A mobile station comprising means for ciphering an information transfer connection, said means including means for modulating the information to be transferred into at least one burst and means for ciphering the information to be transferred by means of a predetermined algorithm and at least one ciphering key, characterized in that the mobile station further comprises means for dividing the information transferred in said burst into at least two blocks, and means for ciphering the first block using a first ciphering key and the second block using a second ciphering key, said first and second ciphering keys being different from each other.
PCT/FI1999/000113 1998-02-13 1999-02-12 Method and arrangement for ciphering information transfer WO1999041877A2 (en)

Priority Applications (3)

Application Number Priority Date Filing Date Title
JP54107899A JP2001520841A (en) 1998-02-13 1999-02-12 Method and apparatus for encrypting information transmission
EP99903711A EP0976218A2 (en) 1998-02-13 1999-02-12 Method and arrangement for ciphering information transfer
AU24271/99A AU2427199A (en) 1998-02-13 1999-02-12 Method and arrangement for ciphering information transfer

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
FI980339A FI107669B (en) 1998-02-13 1998-02-13 Method and arrangement for encrypting data transmission
FI980339 1998-02-13

Publications (2)

Publication Number Publication Date
WO1999041877A2 true WO1999041877A2 (en) 1999-08-19
WO1999041877A3 WO1999041877A3 (en) 1999-09-30

Family

ID=8550857

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/FI1999/000113 WO1999041877A2 (en) 1998-02-13 1999-02-12 Method and arrangement for ciphering information transfer

Country Status (6)

Country Link
US (1) US6813355B1 (en)
EP (1) EP0976218A2 (en)
JP (1) JP2001520841A (en)
AU (1) AU2427199A (en)
FI (1) FI107669B (en)
WO (1) WO1999041877A2 (en)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1253797A2 (en) * 2001-04-23 2002-10-30 Motorola, Inc. Communication system, communication unit and method for dynamically changing an encryption key
WO2003003648A1 (en) * 2001-06-29 2003-01-09 Sepura Limited Encrypted communications systems
JP2003513569A (en) * 1999-10-29 2003-04-08 テレフオンアクチーボラゲット エル エム エリクソン(パブル) Base station having first and second base units
JP2003534746A (en) * 2000-05-23 2003-11-18 ノーテル ネットワークス リミテッド Method of controlling a channel between a wireless terminal and a cellular wireless communication infrastructure
WO2004057461A2 (en) * 2002-12-19 2004-07-08 Ntt Communications Corporation Data division method and device using exclusive or calculation

Families Citing this family (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7224801B2 (en) * 2000-12-27 2007-05-29 Logitech Europe S.A. Wireless secure device
WO2003065618A1 (en) * 2002-01-30 2003-08-07 Lg Electronics Inc. Method for scrambling packet data using variable slot length and apparatus thereof
US8121292B2 (en) * 2002-02-26 2012-02-21 Qualcomm Incorporated Method and apparatus for scrambling information bits on a channel in a communications system
FI20021222A (en) * 2002-06-20 2003-12-21 Nokia Corp Interleaving of pieces of information
US7421075B2 (en) * 2003-12-15 2008-09-02 Microsoft Corporation Wireless online cryptographic key generation method
US8098817B2 (en) 2003-12-22 2012-01-17 Intel Corporation Methods and apparatus for mixing encrypted data with unencrypted data
US7693284B2 (en) * 2004-09-23 2010-04-06 Motorola, Inc. Method and apparatus for encryption of over-the-air communications in a wireless communication system
JP4781890B2 (en) * 2006-04-11 2011-09-28 日本電信電話株式会社 Communication method and communication system
US8406248B2 (en) * 2007-04-13 2013-03-26 Hart Communication Foundation Priority-based scheduling and routing in a wireless network
US8296826B1 (en) * 2008-02-29 2012-10-23 Amazon Technologies, Inc. Secure transfer of files
WO2009155006A2 (en) * 2008-05-27 2009-12-23 Viasat, Inc . Fault tolerant modem redundancy
US8165618B1 (en) * 2011-02-24 2012-04-24 Research In Motion Limited Methods and systems for slow associated control channel signaling
US9185080B2 (en) * 2011-08-12 2015-11-10 Intel Deutschland Gmbh Data transmitting devices, data receiving devices, methods for controlling a data transmitting device, and methods for controlling a data receiving device

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1991018460A1 (en) * 1990-05-19 1991-11-28 Rolf Trautner Process for the blockwise coding of digital data
EP0518315A2 (en) * 1991-06-13 1992-12-16 Mitsubishi Denki Kabushiki Kaisha System and method for blockwise encryption of data
GB2264373A (en) * 1992-02-05 1993-08-25 Eurologic Research Limited Data encryption.
WO1995010906A1 (en) * 1993-10-14 1995-04-20 Irdeto B.V. System and apparatus for blockwise encryption/decryption of data
US5511123A (en) * 1994-08-04 1996-04-23 Northern Telecom Limited Symmetric cryptographic system for data encryption
US5638445A (en) * 1995-09-19 1997-06-10 Microsoft Corporation Blind encryption
WO1998000949A1 (en) * 1996-06-28 1998-01-08 Teledyne Industries Inc. Methods for generating variable s-boxes from arbitrary keys of arbitrary length

Family Cites Families (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5008938A (en) * 1990-03-09 1991-04-16 Motorola, Inc. Encryption apparatus
US5018197A (en) * 1990-07-30 1991-05-21 Zenith Electronics Corporation Secure video decoder system
US5410599A (en) * 1992-05-15 1995-04-25 Tecsec, Incorporated Voice and data encryption device
US5450547A (en) * 1992-10-01 1995-09-12 Xerox Corporation Bus interface using pending channel information stored in single circular queue for controlling channels of data transfer within multiple FIFO devices
US5594795A (en) * 1994-07-05 1997-01-14 Ericsson Inc. Method and apparatus for key transforms to discriminate between different networks
US5740075A (en) * 1994-09-12 1998-04-14 Bell Atlantic Network Services, Inc. Access subnetwork controller for video dial tone networks
US5594797A (en) 1995-02-22 1997-01-14 Nokia Mobile Phones Variable security level encryption
JPH09168006A (en) * 1995-12-15 1997-06-24 Hitachi Ltd Communication equipment and communication method
US5825889A (en) * 1996-10-15 1998-10-20 Ericsson Inc. Use of duplex cipher algorithms for satellite channels with delay
US5924121A (en) * 1996-12-23 1999-07-13 International Business Machines Corporation Adaptive writeback of cache line data in a computer operated with burst mode transfer cycles
US6259789B1 (en) * 1997-12-12 2001-07-10 Safecourier Software, Inc. Computer implemented secret object key block cipher encryption and digital signature device and method
US6192129B1 (en) * 1998-02-04 2001-02-20 International Business Machines Corporation Method and apparatus for advanced byte-oriented symmetric key block cipher with variable length key and block
US6243470B1 (en) * 1998-02-04 2001-06-05 International Business Machines Corporation Method and apparatus for advanced symmetric key block cipher with variable length key and block
US6192026B1 (en) * 1998-02-06 2001-02-20 Cisco Systems, Inc. Medium access control protocol for OFDM wireless networks

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1991018460A1 (en) * 1990-05-19 1991-11-28 Rolf Trautner Process for the blockwise coding of digital data
EP0518315A2 (en) * 1991-06-13 1992-12-16 Mitsubishi Denki Kabushiki Kaisha System and method for blockwise encryption of data
GB2264373A (en) * 1992-02-05 1993-08-25 Eurologic Research Limited Data encryption.
WO1995010906A1 (en) * 1993-10-14 1995-04-20 Irdeto B.V. System and apparatus for blockwise encryption/decryption of data
US5511123A (en) * 1994-08-04 1996-04-23 Northern Telecom Limited Symmetric cryptographic system for data encryption
US5638445A (en) * 1995-09-19 1997-06-10 Microsoft Corporation Blind encryption
WO1998000949A1 (en) * 1996-06-28 1998-01-08 Teledyne Industries Inc. Methods for generating variable s-boxes from arbitrary keys of arbitrary length

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2003513569A (en) * 1999-10-29 2003-04-08 テレフオンアクチーボラゲット エル エム エリクソン(パブル) Base station having first and second base units
JP2003534746A (en) * 2000-05-23 2003-11-18 ノーテル ネットワークス リミテッド Method of controlling a channel between a wireless terminal and a cellular wireless communication infrastructure
EP1253797A2 (en) * 2001-04-23 2002-10-30 Motorola, Inc. Communication system, communication unit and method for dynamically changing an encryption key
EP1253797A3 (en) * 2001-04-23 2003-03-05 Motorola, Inc. Communication system, communication unit and method for dynamically changing an encryption key
WO2003003648A1 (en) * 2001-06-29 2003-01-09 Sepura Limited Encrypted communications systems
WO2004057461A2 (en) * 2002-12-19 2004-07-08 Ntt Communications Corporation Data division method and device using exclusive or calculation
WO2004057461A3 (en) * 2002-12-19 2005-02-24 Ntt Comm Corp Data division method and device using exclusive or calculation
US7616766B2 (en) 2002-12-19 2009-11-10 Ntt Communications Corporation Data division method and device using exclusive or calculation

Also Published As

Publication number Publication date
US6813355B1 (en) 2004-11-02
FI980339A0 (en) 1998-02-13
FI980339A (en) 1999-08-14
FI107669B (en) 2001-09-14
WO1999041877A3 (en) 1999-09-30
JP2001520841A (en) 2001-10-30
AU2427199A (en) 1999-08-30
EP0976218A2 (en) 2000-02-02

Similar Documents

Publication Publication Date Title
US6813355B1 (en) Method and arrangement for ciphering information transfer
KR100406245B1 (en) Information encryption method
US5594797A (en) Variable security level encryption
AU648960B2 (en) Resynchronization of encryption systems upon handoff
EP1213943B1 (en) Key conversion system and method
KR960007808B1 (en) Authentication system for digital cellular communications
US5060266A (en) Continuous cipher synchronization for cellular communication system
EP0446194B1 (en) Continous cipher synchronization for cellular communication system
CA2377292C (en) System and method for providing secure communications between wireless units using a common key
US9326135B2 (en) Method and apparatus for secure communication in a digital two way radio protocol
EP0943195B1 (en) Use of duplex cipher algorithms for satellite channels with delay
KR20060094520A (en) Cellular modem processing
JP2009521851A (en) Method and apparatus for determining and / or communicating parameter switching point information in a wireless communication system including a wireless terminal supporting multiple wireless connections
WO2006039001A2 (en) Crypto-synchronization for secure communication
EP0757459B1 (en) Cryptographic system for wireless communications
EP2563055A1 (en) Method and devices for reducing detectability of an encryption key
EP1428403B1 (en) Communications methods, systems and terminals
WO2002017655A2 (en) Method and apparatus for generating an unique encryption key stream for each data block in a frame
EP2381613B1 (en) Enhancing security of communication systems
JPH01164139A (en) Call signal concealing method in radio call system

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AL AM AT AU AZ BA BB BG BR BY CA CH CN CU CZ DE DK EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MD MG MK MN MW MX NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT UA UG US UZ VN YU ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): GH GM KE LS MW SD SZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

AK Designated states

Kind code of ref document: A3

Designated state(s): AL AM AT AU AZ BA BB BG BR BY CA CH CN CU CZ DE DK EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MD MG MK MN MW MX NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT UA UG US UZ VN YU ZW

AL Designated countries for regional patents

Kind code of ref document: A3

Designated state(s): GH GM KE LS MW SD SZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
ENP Entry into the national phase

Ref country code: JP

Ref document number: 1999 541078

Kind code of ref document: A

Format of ref document f/p: F

WWE Wipo information: entry into national phase

Ref document number: 1999903711

Country of ref document: EP

WWP Wipo information: published in national office

Ref document number: 1999903711

Country of ref document: EP

REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

NENP Non-entry into the national phase

Ref country code: CA

WWW Wipo information: withdrawn in national office

Ref document number: 1999903711

Country of ref document: EP