1
SECURE MESSAGING COMMUNICATION
SYSTEM
TECHNICAL FIELD OF THE INVENTION
This invention relates in general to the field of electronic systems and more particularly to an improved secure communication system and method of operation.
BACKGROUND OF THE INVENTION
2
systems may comprise, for example, personal digital assistants, personal computers or other devices which are capable of text messaging. According to this embodiment of the present invention, relatively simple encryption methods can 5 be used sequentially to encapsulate an electronic message. The encryption key value can be used to access the encryption selection table which specifies the encryption methods and the sequence in which they are to be applied.
10 BRIEF DESCRIPTION OF THE DRAWINGS
As the use of portable electronic devices and the growth of voice and data networks have become more pervasive, one of the most important applications of these systems has been the ability to provide point to point communication capability. These communications take the form of either real time communications in the form of voice communications or in the form of near real time communications in the form of electronic mail messages or other text messaging technologies.
Unfortunately, as networks have grown larger and as electronic devices have become more numerous, the risk of the improper interception of these messages has grown. At the same time, as the use of communication and messaging technologies has increased, the value of the information that is being transmitted has grown rapidly. The confluence of these two factors results in a great deal of highly valuable information being transmitted on a relatively insecure transmission topology.
The lack of security in data communications has been addressed in large part by the development of more sophisticated encryption algorithms. Unfortunately, the ubiquitous availability of powerful computing platforms has made it possible to defeat relatively simple encryption algorithms. This risk has forced developers to create very complex encryption algorithms. While these algorithms are difficult to defeat, they are also time consuming and require a great deal of processing power to use.
Accordingly, a need has arisen for a secure communications system and method which provide relatively high security without consuming the processor resources and time associated with undefeatable, complex encryption algorithms.
A more complete understanding of the present invention may be acquired by referring to the accompanying figures in which like reference numbers indicate like features and 15 wherein:
FIG. 1 is a block diagram illustrating one potential architecture of a secure communication system constructed according to the teachings of the present invention;
FIG. 2 is a block diagram illustrating a communication 20 device constructed according to the teachings of the present invention;
FIG. 3 illustrates one embodiment of an encryption selection table which may be used in a secure communication system constructed according to the teachings of the present 25 invention;
FIG. 4 is a flow diagram illustrating a method of secure communications for the exchange of encrypted text information which may be used in accordance with the teachings of the present invention;
30 FIG. 5 is a functional block diagram illustrating a secure communication system that may be used to provide for real time voice communications in accordance with the teachings of the present invention;
FIG. 6 is a diagram illustrating one embodiment of an
35 encryption selection table which may be used in a secure communication system constructed according to the teachings of the present invention to implement real time voice communications; and
FIGS. 7 and 8 are flow diagrams which illustrate methods
40 of sending and receiving, respectively, real time encrypted voice communications using a secure communication system constructed according to the teachings of the present invention.
SUMMARY OF THE INVENTION 45 DETAILED DESCRIPTION OF THE DRAWINGS
In accordance with the teachings of the present invention, a secure data communications systems is provided that substantially eliminates problems and disadvantages associated with prior solutions.
In accordance with one embodiment of the present invention, a method communicating in a secure fashion is provided that comprises providing two copies of a encryption selection table, one copy in each of two communication devices to be used to form a secure communication system. The encryption selection table is accessed using a table key which is calculated as a function of a private periodic key and a public variable key. The private periodic key is a value shared by the persons using the communication system. The public variable key is a value which is broadcast publicly enough to be accessible by both parties using the communication system and which varies over time.
According to a further embodiment of the present invention, the secure communication method of the present invention is operable to enable communication between two electronic messaging systems which are coupled through a data communication network. The electronic messaging
Referring to FIG. 1, a secure communication system 10 is illustrated which comprises a data communication network 12. Network 12 may comprise, for example, a public data
50 communication network such as the Internet or various forms of private or semiprivate networks such as local area networks, wide area networks, virtual private networks or the like. Data communication network 12 is utilized by electronic devices 14 and 16 to exchange electronic mes
55 sages which may comprise, for example, electronic mail messages, short text messages or other forms of communication which are subject to misappropriation and therefore need to be encrypted prior to transmission and decrypted prior to reading. As shown in FIG. 1, electronic device 14
60 may comprise a personal digital assistant or other similar personal electronic device. Device 14 may be connected to the network 12 through either a permanent or temporary land line or as shown in FIG. 1, through a wireless connection. Device 14 functions as either a sending or a receiving
65 device for electronic messages sent through network 12. Similarly, device 16 may comprise a personal digital assistant or similar device or as shown in FIG. 1, device 16 may
3
comprise a personal computer which is connected to network 12 through a local area network and router connection 18 shown in FIG. 1. As with device 14, device 16 may act as either a sending or receiving device to exchange electronic messages through network 12. 5
According to the teachings of the present invention, it is not preferable or perhaps even feasible for devices 14 or 16 to utilize highly complex encryption techniques that cannot be defeated. This is due to the fact that undefeatable encryption technologies require either a great deal of time to 10 implement or require an inordinate amount of processing power to implement. According to the teachings of the present invention, simple electronic devices such as device 14 and 16 which have limited processing resources and which have a limited amount of time to perform encryption 15 technologies can still be used to send relatively secure messages through the data network 12. According to one embodiment of the present invention, simple encryption techniques can be used as long as each of the devices 14 and 16 are able to implement several disparate encryption meth- 20 ods in synchronization with each other. In this manner, a party attempting to defeat the encryption technique must not only undo the encryption but they must also successfully guess which method was used. According to a further embodiment of the present invention, the multiple disparate 25 encryption techniques can be combined in sequence to further inhibit such piracy. The system of the present invention uses an encryption selection table which is resident on each sending and receiving device to enable the accurate encryption and decryption of messages. 30
FIG. 2 is a functional block diagram which illustrates some of the components which may be used to construct an electronic device such as device 14 which may be used in the secure communication system of the present invention. While the details of FIG. 2 will be described with reference 35 to device 14, it should be understood that the architecture could be applied to any sending or receiving device that uses the secure communication techniques of the present invention. Referring to FIG. 2, device 14 includes a central processing unit 20 which interfaces with the user of the 40 device through user interface 22. User interface 22 may comprise, for example, a suitable display and input devices such as keypads, touch screens, pointing devices, voice recognition systems and the like. The central processing unit 20 communicates with the network 12 through a commu- 45 nication interface 24. Communication interface 24 may comprise a wireless communication system which would comprise RF receivers and transmitters or it may comprise a wireline connection which would comprise suitable line signaling systems such as modem connections, network 50 connections or the like.
Device 14 also comprises data storage system 26. Data storage system 26 may comprise both volatile and nonvolatile memory systems. For example, data storage system 26 may comprise a suitable amount of dynamic random 55 access memory. In addition, data storage system 26 may comprise magnetic or SRAM memory systems which are non-volatile in nature. In general, device 14 and specifically central processing unit 20 uses data storage system 26 to store programmatic instances of encryption algorithms and 60 to store electronic messages which are to be encrypted, to be decrypted or which have been encrypted or decrypted. Data storage systems 26 are also used by central processing unit 20 to execute various encryption decryption algorithms and for other conventional purposes during the operation of 65 device 14. Device 14 also includes a stored encryption selection table, the structure of an exemplary embodiment of
4
encryption selection table 28 will be discussed with reference to FIG. 3 herein. However, in general, table 28 comprises a list of encryption algorithm identifiers which are accessed through an encryption table key. A copy of the encryption selection table is stored by both the sending and the receiving device so that the referenced encryption algorithms can be used to both encrypt and decrypt the exchanged message.
The device 14 also includes an encryption decryption engine 30 which is operable to execute a number of simple encryption and decryption algorithms as directed by the encryption selection table and under the control of the central processing unit 20. Engine 30 may comprise a single processing unit or, alternatively, may comprise multiple processing units which are able to perform encryption or decryption using the same or different algorithms simultaneously. The use of such parallel processing capability can greatly enhance the processing throughput of the overall system. Finally, the device 14 includes a timer 32 which may be used in an embodiment of the present invention that is operable to use different encryption techniques in real time communications. This embodiment of the present invention will be described more completely with reference to FIGS. 5 through 7 herein.
FIG. 3 illustrates a selected portion of one embodiment of encryption table 28 which was disclosed with reference to FIG. 2 previously. Encryption selection table 28 comprises a key column 34, a first algorithm column 36, a second algorithm column 38 and a third algorithm column 40. In operation, a particular device such as device 14 would have the capability of performing a number of distinct encryption processes. For example, device 14 may be able to perform five different encryption techniques. An encryption key in key column 34 is then used to access a particular row which specifies a particular encryption technique in each of columns 36, 38 and 40. A message to be sent by device 14 or received by device 14 can then be encrypted or decrypted using the techniques specified in the row in the order specified in the row. For example, if encryption key 51 is specified, the device 14 would first apply encryption algorithm 4, then encryption algorithm 3, then encryption algorithm 1. Conversely, if a message was received by device 14 and the key value 51 was to be used, the device 14 would first decrypt using algorithm 1 then decrypt using algorithm 3 followed by decryption using algorithm 4. In this manner, a number of relatively simple encryption steps can be sequentially applied to a message to greatly enhance the security of the message. A person attempting to intercept and wrongfully decrypt the message would have to discern not only the various kinds of encryption used, but also the order in which the techniques were used.
According to a further aspect of the present invention, the encryption table key 34 may be discerned or calculated from a number of input keys. This provides even further security in case a device such as device 14 is lost or stolen. For example, parties wishing to trade a secure message could, prior to the transfer of the message, agree on a periodic key value. For example, the two parties might agree that for a selected week, the periodic key value would be equal to 30. According to one alternative, this periodic key value could be directly used for that week as the entry point in the encryption selection table 28. Alternatively, the periodic key value could be augmented through the use of a public variable key. A public variable key comprises a number which preferably is available to both participants in the message transfer and which changes its value over time. These changes can be periodic changes such as daily
5
changes or they can be unpredictable changes. For example, a public variable key might comprise an opening stock price for a particular company or the high temperature for a particular city on a given day as reported by an agreed upon reporting agency. Either of these numbers would be avail- 5 able through publicly available news media to any participant wishing to send or receive a message. The public key variable can then be combined with the periodic key variable using an agreed upon mathematical function to result in a number which can be used as the encryption table key value 10 to enter the encryption selection table 28. For example, if the periodic key value for a given week was agreed to be 30 and the stock price on Wednesday of that week for the agreed upon company was 24 and the combination function was agreed to be addition, the encryption key value of 54 would 15 be used by both parties and algorithms 4, 1 and 3 would be used to encrypt messages.
Depending upon the level of security desired, the calculation of the encryption key can take place in the device 14 or the system can require the user to calculate it without 20 using the device 14. If the device 14 is used, the central processing unit 20 can perform the given calculations upon receiving the periodic key value and the public variable key value through user interface 22. Allowing device 14 to perform the calculation increases the convenience but 25 reduces the security of the overall system because the mathematical function is encoded into the actual device. As such, a person misappropriating the particular device 14 could possibly discern the mathematical function involved. This risk can be mitigated using user interface 22. For 30 example, user interface 22 could prompt the input of key variables without informing the user how many numbers need to be input. Accordingly, for example, without prompting as to format, a user might be required to input two two-digit numbers separated by a space in order for the 35 encryption system to function.
FIG. 4 is a flow diagram which details the steps performed according to one embodiment of the present invention to utilize the table 28 to encrypt or decrypt messages. Referring to FIG. 4, the method starts at step 42 where a user through 40 user interface 22 selects secure operation of a device 14. The user interface 22 then prompts the user to enter a periodic key at step 44 and a public variable key at step 46. As described previously, in order to enhance security, steps 44 and 46 could either be eliminated all together or the user 45 could be required to enter both of these in a predetermined format without further prompting. If the two key values are entered in steps 44 and 46 the method proceeds to step 48 where the central processing unit 20 calculates an index value using the agreed upon mathematical function. As 50 described previously, this function can be as simple as adding the two key values. However, more complex functions could also be used.
Following the calculation of the index the central processing unit 20 selects the key value within the table 28 55 which has the closest value to the index in step 50. The method then proceeds to step 52 where the algorithm set associated with the selected row within table 28 is retrieved. The method then proceeds to step 54 where the first encryption algorithm is loaded into the encryption decryption 60 engine 30.
Suitable encryption techniques which might be used in accordance with the teachings of the present invention may comprise, for example, the interpositioning of false data within the actual data stream. For example, the actual data 65 could be broken into set size blocks. Between these blocks can be interposed blocks of false data. A marker or other
6
piece of header data may be placed at the start of the first block of real data to ensure that the system receiving the stream of encrypted data can synchronize its decryption operation. This marker can be repeated during the transmission on a periodic basis to ensure continued synchronization of the decryption process.
Alternatively, the data stream itself can be changed by reversing periodic bits within the data stream. For example, every nth bit of data could be inverted on a frequent enough basis to defeat error correcting codes that handle naturally occurring changes in data streams. Once again, a marker code or header can be inserted a predetermined number of bits before the first inverted bit of data to ensure synchronization with the receiving system. An alternative of this method could also alter the frequency of the reversal of the bit. For example, after the first marker data is encountered the nth bit could be inverted until a next marker. After the next marker every
bit can be inverted. Following an additional marker, every
bit can be inverted, and so on.
These are examples of simple encryption systems that can be easily and quickly encrypted and decrypted for both message traffic and real time traffic. Other similar encryption systems could also be employed. If a system is able to utilize several of these simple encryption systems, these methods can be combined to create a combined encryption scheme which is extremely difficult to defeat. In addition, as is disclosed herein, these simple encryption algorithms can be used in sequence during a real time communication to ensure a high degree of security.
The method then proceeds to step 56 where the encryption decryption engine under the direction of the central processing unit 20 runs the first algorithm to encrypt the message. The method then proceeds to step 58 where the interim encrypted message is stored in data storage media 26 by central processing unit 20. The method then proceeds to step 60 where a decision is made as to whether or not the set defined by table 28 has been completed. If the set has not been completed, the method proceeds to step 62 where the next algorithm within the defined set is loaded into the encryption decryption engine 30. The method then returns to step 56 where the next algorithm is executed. If at step 60 the set of defined algorithms has been completed, the method proceeds to step 62 where the encrypted message is sent. The method shown in FIG. 4 can be executed in an almost identical fashion to decrypt a message. The only differences between the decryption method and the encryption method discussed previously is that the associated table row which has been identified using the key value is executed from right to left. In step 58 the interim message is actually a decrypted message which is stored in data storage system 26. Finally, in step 62 the decrypted message is displayed for the user through user interface 22 as opposed to being sent to the network through communication interface 24.
7
The secure communication techniques of the present invention can also be applied to real time voice communications over wireless or wireline networks. Referring to FIG. 5, a secure telecommunications network indicated generally at 70 constructed according to the teachings of the present 5 invention is described. Network 70 allows the user of a telephone 72 to communicate through a base station 74 to a public switch telephone network 76. Network 76 may also be connected to a telephone 78. As shown in FIG. 5, device 72 comprises a wireless device. In contrast, telephone 78 10 comprises a conventional wireline telephone device. The teachings of the present invention are equally applicable to communications occurring over wireless or wired connections as both are susceptible in different ways to interception. Telephones 72 and 78 must comprise conventional 15 telephone network interface technology as well as microphones and speakers used in voice communications. In addition, telephones 72 and 78 comprise the components detailed with reference to FIG. 2 and device 14 previously. Accordingly, a user of device 72 can interact with a central 20 processing unit 20 through a user interface 22. In addition, the telephone 72 stores an encryption selection table 28 and has the ability to operate encryption and decryption algorithms using an encryption decryption engine 30. As will be discussed herein, the telephone 72 is also capable of switch- 25 ing from one encryption algorithm to another based upon the input from a timer 32. The telephone 72 interacts with the base station 74 and ultimately the network 76 through communication interface 24.
Referring to FIG. 6, an encryption selection table indi- 30 cated generally at 80 is shown. Table 80 comprises an encryption key column 82 and an encryption algorithm column 84. It should be understood that table 80 is solely one embodiment of the present invention which is presented solely for purposes of teaching important aspects of the 35 present invention. Other table structures and other key structures can be employed with equal efficacy without departing from the spirit of the present invention. In the embodiment shown in table 80, the key value within key column 82 is a single digit between 0 and 9. Using the 40 techniques discussed previously with reference to table 28 in FIG. 3, a key value can be calculated using a periodic key value and a public variable key value or either one without the other. An index value can be calculated using either or both the periodic key and the public variable key values. The 45 index value is then converted to a key value by merely using the units place of the index value. As shown in FIG. 6, the indicated key value is associated with one of the encryption algorithms which may be executed by the telephone 72 or the telephone 78. 50
According to a further aspect of this embodiment of the present invention, the telephones 72 and 78 are further operable to switch from one encryption technique to another on a periodic basis. As such, the key value which is calculated from the index value serves as a starting point 55 within table 80. The devices 72 and 78 then step through the table switching to the next row in the table on a periodic basis. According to one embodiment of the present invention, the telephone which initiated the call provides a short tone signal or utilizes out of band signaling to provide an 60 encryption switch signal to the receiving device. The sending device utilizes a timer such as timer 32 to calculate when the switch to the next encryption algorithm should be initiated. In this manner, a telephone conversation can occur which begins using an encryption algorithm and switches to 65 a next indicated encryption algorithm on a periodic basis such as, for example, every 15 or 30 seconds.
8
Real time communications can utilize the same simple algorithms which have been described previously. In addition, real time communications can take advantage of the natural silences in real time conversations by inserting fixed length sections of conversation from, for example, previous phone calls. Specifically, in an analog device, prior conversations can be buffered and inserted every few fractions of a second. The receiving device can remove the inserted parts of conversation and silence the output for the associated period of time. In this way, the party attempting to intercept the conversation would hear a muddled combination of multiple conversations. Digital phones and other digital transmission devices can accomplish the same thing in the digital domain by sensing and processing the digital equivalent of a silent portion of the conversation.
Alternatively, the transmitting device can periodically insert signals associated with prior portions of the current conversation into the transmitted stream. This could happen in either the analog or digital domains. In this manner, the transmitting device may take a portion of a prior conversation and sum it with the outgoing data stream. The receiving device can perform either a digital subtraction or an analog filtering using the prior portion of the conversation. A party attempting to intercept the device would intercept a greatly distorted signal. However, the receiving device can perform a simple operation to retrieve the clear decrypted signal. Depending upon the data storage capabilities of the devices performing the encryption and decryption operations, various portions of the prior conversation could be stored in parallel. In this manner, the distortion applied to the signal could vary over time as one distorting portion of a conversation is substituted for another. This feature would be limited by the ability of the receiving and transmitting devices to store multiple portions of the prior conversations.
Similarly, the devices can use predetermined and prestored distortion elements that can be added to the signal to prevent an interceptor from discerning the conversation. In other words, instead of using variable portions of the conversation to distort the signal, the signal could be distorted using predetermined elements which are stored within the receiving and transmitting devices. As discussed herein, the receiving and transmitting devices could store multiple distortion elements as separate encryption methods and switch from one to the other as time progresses or as signaled by the transmitting system.
FIGS. 7 and 8 are flow diagrams which detail methods of sending and receiving, respectfully, encrypted telephone communications. Referring to FIG. 7, the method of the present invention begins at step 86 where a user of a device such as telephone 72 selects secure operation prior to the initiation of a telephone call. The method then proceeds to step 88 where the periodic key value is input into the device through the user interface 22. The method then proceeds to step 90 where the public variable key is input in a similar fashion. As discussed previously, the method of the present invention can be employed with equal effectiveness if the method requires the user to calculate the index value outside of the device. In addition, the user interface 22 may require steps 88 and 90 to be performed simultaneously using predetermined formatting as discussed previously. If the device is used to calculate the index value the method proceeds to step 92 where the periodic key value and the public key value are combined using a predetermined mathematical function to create an index value. The method then proceeds to step 94 where a key value is selected as a function of the index. As discussed with reference to FIG. 6, this may employ the use of the units place of the index value
|
