Search Images Maps Play YouTube News Gmail Drive More »
Advanced Patent Search | Web History | Sign in

Patents

A multi-channel communication security system where the information in an original information message is split among a number of channels in accordance with a message splitting routine such that the interception and analysis of any single channel does not compromise the privacy of the communication. The system provides secure communication terminal adapters in cojunction with user terminals for splitting and recombining of private communications together with control facilities in an integrated services digital network (ISDN) for selecting amoung a multiplicity of possible of message splitting routines and generating security code signals for transmission in separate D-channels to the user equipment.

InventorWalter S. Marker, Jr.
Original AssigneeAmerican Telephone and Telegraph Company, AT&T Bell Laboratories
Primary Examiner: Bernarr Earl Gregory
Current U.S. Classification380/33; 380/257; 713/150
International Classification: H04K 110; H04L 900

View patent at USPTO
Search USPTO Assignment Database

Citations

Cited PatentFiling dateIssue dateOriginal AssigneeTitle
US1395378Sep 29, 1919Nov 1, 1921AND JOHN P
US15425671925 MATHES
US1558535Feb 1, 1922Oct 27, 1925MENTS
US1565521Dec 8, 1920Dec 15, 1925AND CLAUSE CUSTER ROSE
US1596251Dec 2, 1922Aug 17, 1926SECRET RADIANT TELEPHONY
US1869659Nov 14, 1929Aug 2, 1932WJIILEM BROEBTJES
US1875165Jun 11, 1928Aug 30, 1932 SCHROTER
US2094132Jul 15, 1935Sep 28, 1937TELEPHONE SYSTEM
US3411089Jun 28, 1962Nov 12, 1968CODE CARD XI
US3921151Jul 12, 19731975APPARATUS FOR ENCIPHERING TRANSMITTED
US3953677May 10, 1945Apr 27, 1976Bell Telephone Laboratories, IncorporatedKey signaling system with multiple pulse generators
US4004089Feb 28, 1975Jan 18, 1977NCR CorporationProgrammable cryptic device for enciphering and deciphering data
US4100374Apr 11, 1977Jul 11, 1978Bell Telephone Laboratories, IncorporatedUniform permutation privacy system
US4172213Nov 17, 1977Oct 23, 1979Burroughs CorporationByte stream selective encryption/decryption device
US4172968Dec 8, 1961Oct 30, 1979General Atronics CorporationElectrical system
US4182933Feb 14, 1969Jan 8, 1980The United States of America as represented by the Secretary of the ArmySecure communication system with remote key setting
US4200770Sep 6, 1977Apr 29, 1980Stanford UniversityCryptographic apparatus and method
US4223182Sep 27, 1944Sep 16, 1980Bell Telephone Laboratories, IncorporatedTransmission of signals with privacy
US4275265Oct 2, 1978Jun 23, 1981Wisconsin Alumni Research FoundationComplete substitution permutation enciphering and deciphering circuit
US4283599Feb 5, 1979Aug 11, 1981Atalla TechnovationsMethod and apparatus for securing data transmissions
US4319079Jan 17, 1980Mar 9, 1982Crypto microprocessor using block cipher
US4322577Aug 21, 1979Mar 30, 1982Cryptosystem
US4341925Apr 28, 1978Jul 27, 1982Random digital encryption secure communication system
US4349695Jun 25, 1979Sep 14, 1982Datotek, Inc.Recipient and message authentication method and system
US4357529Nov 17, 1980Nov 2, 1982Atalla TechnovationsMultilevel security apparatus and method
US4393269Jan 29, 1981Jul 12, 1983International Business Machines CorporationMethod and apparatus incorporating a one-way sequence for transaction and identity verification
US4399323Feb 9, 1981Aug 16, 1983Bell Telephone Laboratories, IncorporatedFast real-time public key cryptography
US4411017Mar 14, 1980Oct 18, 1983Harris CorporationSecure mobile telephone system
US4418425Aug 31, 1981Nov 29, 1983IBM CorporationEncryption using destination addresses in a TDMA satellite communications network
US4423287Jun 26, 1981Dec 27, 1983VISA U.S.A., Inc.End-to-end encryption system and method of operation
US4433211Nov 4, 1981Feb 21, 1984Technical Communications CorporationPrivacy communication system employing time/frequency transformation
US4525844May 19, 1982Jun 25, 1985Licentia Patent-Verwaltungs-GmbHMethod for interchanging n partial bands
US4534037Sep 14, 1982Aug 6, 1985Robert Bosch GmbHMethod and apparatus for scrambled pulse-code modulation transmission or recording
US4549308Jul 12, 1982Oct 22, 1985AT&T Bell LaboratoriesSecure mobile radio telephony
US4578530Dec 7, 1983Mar 25, 1986VISA U.S.A., Inc.End-to-end encryption system and method of operation

Referenced by

Citing PatentFiling dateIssue dateOriginal AssigneeTitle
US4897874Mar 31, 1988Jan 30, 1990American Telephone and Telegraph Company AT&T Bell LaboratoriesMetropolitan area network arrangement for serving virtual data networks
US4920565Jul 18, 1988Apr 24, 1990Northern Telecom LimitedMethod for connection of secure conference calls
US5008935Jun 30, 1989Apr 16, 1991AT&T Bell LaboratoriesEfficient method for encrypting superblocks of data
US5161186Sep 6, 1991Nov 3, 1992International Business Machines CorporationSystem for secure and private communication in a triple-connected network
US5161193Jun 29, 1990Nov 3, 1992Digital Equipment CorporationPipelined cryptography processor and method for its use in communication networks
US5172413Dec 20, 1990Dec 15, 1992SaskTelSecure hierarchial video delivery system and method
US5179592Nov 1, 1991Jan 12, 1993NEC CorporationData scrambler and descrambler capable of preventing continuous bit zeros or ones
US5280529Apr 29, 1992Jan 18, 1994Alcatel STK A/SCommunication network intended for secure transmissions
US5282208Apr 17, 1991Jan 25, 1994Yamaha CorporationData transfer system and method
US5325419Jan 4, 1993Jun 28, 1994Ameritech CorporationWireless digital personal communications system having voice/data/image two-way calling and intercell hand-off
US5410599May 14, 1993Apr 25, 1995TECSEC, IncorporatedVoice and data encryption device
US5448698Apr 5, 1993Sep 5, 1995Hewlett-Packard CompanyInter-processor communication system in which messages are stored at locations specified by the sender
US5459858Apr 13, 1992Oct 17, 1995International Business Machines CorporationMethod for file transfer
US5465300Dec 27, 1993Nov 7, 1995Motorola, Inc.Secure communication setup method
US5469496Apr 19, 1994Nov 21, 1995Bell Atlantic Network Services, Inc.Personal communications service using wireline/wireless integration
US5506887Mar 31, 1995Apr 9, 1996Bell Atlantic Network Services, Inc.Personal communications service using wireline/wireless integration
US5551032Jun 30, 1995Aug 27, 1996International Business Machines CorporationMethod for file transfer
US5553146Aug 16, 1994Sep 3, 1996Siemens AktiengesellschaftMethod for exchanging information between ISDN terminal equipment, that is, data terminals, terminals, or telecommunication systems
US5579379Oct 18, 1994Nov 26, 1996Bell Atlantic Network Services, Inc.Personal communications service having a calling party pays capability
US5588062Jul 13, 1995Dec 24, 1996Motorola, Inc.Secure communication setup method
US5610972Jun 5, 1995Mar 11, 1997Bell Atlantic Network Services, Inc.Personal communications service using wireline/wireless integration
US5615266Jan 11, 1996Mar 25, 1997Motorola, IncSecure communication setup method
US5621787Sep 13, 1995Apr 15, 1997Bell Atlantic Network Services, Inc.Prepaid cash card
US5657375Nov 15, 1994Aug 12, 1997Ameritech CorporationWireless digital personal communications system having voice/data/image two-way calling and intercell hand off provided through distributed logic
US5659684Feb 3, 1995Aug 19, 1997ISDN Systems CorporationMethods and apparatus for interconnecting personal computers (PCs) and local area networks (LANs) using packet protocols transmitted over a digital data service (DDS)
US5664005Jun 5, 1995Sep 2, 1997Bell Atlantic Network Services, Inc.Personal communications service using wireline/wireless integration
US5692130Dec 7, 1995Nov 25, 1997Ricoh Company, Ltd.Method for selectively using one or two communication channel by a transmitting data terminal based on data type and channel availability
US5757924Sep 18, 1995May 26, 1998Digital Secured Networks Techolognies, Inc.Network security device which performs MAC address translation without affecting the IP address
US5758281Jun 6, 1995May 26, 1998Bell Atlantic Network Services, Inc.Personal communications service using wireline/wireless integration
US5809480Aug 30, 1993Sep 15, 1998Automated, secure inter authority settlement method and system for electronic toll collection
US5822433Apr 22, 1996Oct 13, 1998Alcatel N.V.Method, system and subscriber facility for manipulation-proof separation of message streams
US6011975Oct 16, 1997Jan 4, 2000Bell Atlantic Network Services, Inc.Method of personal communications service using wireline/wireless integration detecting a predetermined event during process of a call
US6058433Jul 23, 1996May 2, 2000Gateway 2000, Inc.System and method for providing increased throughput through a computer serial port to a modem communications port
US6137792Jun 14, 1996Oct 24, 2000International Discount Telecommunications Corp.Method and apparatus for enabling transmission of data packets over a bypass circuit-switched public telephone connection
US6151679Jan 21, 1998Nov 21, 2000Fortress Technologies Inc. of FloridaSystem and method for preventing a first node from being emulated by another node
US6199165Mar 31, 1998Mar 6, 2001Telefonaktiebolaget LM Ericsson (publ)Method and apparatus for secure data communication
US6240513Dec 31, 1997May 29, 2001Fortress Technologies, Inc.Network security device
US6256491Dec 31, 1997Jul 3, 2001Transcript International, Inc.Voice security between a composite channel telephone communications link and a telephone
US6266418Oct 28, 1999Jul 24, 2001L3-Communications CorporationEncryption and authentication methods and apparatus for securing telephone communications
US6584562Dec 10, 1998Jun 24, 2003France TelecomDevice for securing a telephone link between two subscriber sets
US6704866Nov 5, 1998Mar 9, 2004Cisco Technology, Inc.Compression and encryption protocol for controlling data flow in a network
US6745231Aug 8, 2000Jun 1, 2004International Business Machines CorporationSystem for securing electronic mail
US6785281May 28, 1999Aug 31, 2004Fujitsu LimitedMethod of transferring data via bypass line in connection-type network
US6937579Jul 25, 2003Aug 30, 2005International Business Machines CorporationElectronic device connection resource management
US7013419Apr 11, 2002Mar 14, 2006Mellanox Technologies Ltd.Reliable message transmission with packet-level resend
US7171493Dec 19, 2001Jan 30, 2007The Charles Stark Draper LaboratoryCamouflage of network traffic to resist attack
US7210045Aug 19, 2003Apr 24, 2007Intel CorporationStoring encrypted and/or compressed system context information when entering a low-power state
US7350228Jan 22, 2002Mar 25, 2008PortAuthority Technologies Inc.Method for securing digital content
US7464121Jan 6, 2006Dec 9, 2008International Business Machines CorporationApparatus for sending a sequence of asynchronous messages to the same member of a clustered consumer
US7539313Sep 13, 2001May 26, 2009Nortel Networks LimitedSystem and method for key management across geographic domains
US7548556Jun 25, 2008Jun 16, 2009Raptor Networks Technology, Inc.Secure communication through a network fabric
US7620685Apr 21, 2004Nov 17, 2009Microsoft CorporationSmart shares and transports
US7929697Mar 9, 2004Apr 19, 2011Thomson LicensingSecure data transmission via multichannel entitlement management and control
USRE35651Dec 15, 1994Nov 4, 1997SaskTelSecure hierarchial video delivery system and method
USRE38627Sep 2, 1997Oct 19, 2004InterDigital Technology Corp.High capacity spread spectrum channel

Claims

1. A security arrangement for communicating an information message comprising

a plurality of user stations, and
a digital switching network for selectively establishing communication channels among said plurality of user stations and including control means responsive to a request in a first signalling channel from a first one of said user stations for a secure call to a second one of said user stations both for controlling the establishment by said digital switching network of first and second ones of said communication channels from said first user station through said digital switching network without security processing to said second user station and for selecting a splitting routine from a plurality of message splitting routines said control means being responsive to said selected splitting routine for transmitting in said first signaling channel a first security code signal defining said selected splitting routine to said first user station and transmitting a second security code signal defining a combining routine associated with said selected splitting routine in a second signaling channel to said second user station, said first and second signaling channels each being distinct from said first and second communication channels, said first user station comprising
means responsive to said first security code signal defining said selected splitting routine, for splitting said message into first portions and second portions in accordance with said selected splitting routine, and
means for communicating said first portions and said second portions over said first and second communication channels, respectively, through said digital switching network, and said second user station comprising
means responsive to said second security code signal defining said combining routine and to a receipt of said first portions and second portions from said first and second communication channels, for reforming said message in accordance with said combining routine.

2. A security arrangement in accordance with claim 1 wherein said first and second communication channels are included in separate circuit-switched channels of said digital switching network.

3. A security arrangement in accordance with claim 1 wherein said first and second communication channels are included in separate logical packet-switched channels of said digital switching network.

4. A security arrangement in accordance with claim 1 wherein said first and second communication channels are included in a single logical packet-switched channel of said digital switching network.

5. A security arrangement in accordance with claim 1

wherein said splitting means further comprises
first memory means for storing control information defining the splitting of messages into portions in accordance with a number of splitting routines,
first processor means responsive to said first security code signal for reading from said first memory means control information defining the splitting of messages in accordance with said selected splitting routine, and
means responsive to said control information read from said first memory means, for controlling the splitting of said information message into said first portions and said second portions; and
wherein said reforming means further comprises
second memory means for storing control information defining the combining of message portions in accordance with a number of combining routines,

second processor means responsive to said second security code signal for reading from said second memory means control information defining the combining of message portions in accordance with said combining routine,

means responsive to said control information read from said second memory means, for combining said first portions and said second portions to reform said information message.

6. A security arrangement in accordance with claim 5

wherein said communicating means comprises
means for separately encrypting said first portions and said second portions and
means for transmitting said encrypted first portions and said encrypted second portions over said first and second communication channels, respective, through said digital switching network; and
wherein said combining means comprises
means for separately decrypting said first portions and said second portions and
means for combining said decrypted first portions and said decrypted second portions to reform said information message.

7. A security arrangement in accordance with claim 6

wherein said means for separately encrypting said first portions and said second portions comprises means for combining first and second random data with said first portions and said second portions, respectively, and
wherein said means for separately decrypting said first portions and said second portions comprises means for removing said first and second random data from said first portions and said second portions, respectively.

8. A security arrangement in accordance with claim 6 further comprising

means for transmitting a special character on both of said first and second communication channels, and
means responsive to a receipt of said special character on both of said first and second communication channels, for enabling said reforming means.

9. A security arrangement in accordance with claim 6

wherein said communicating means is responsive to the initiation by said splitting means of the splitting of said information message into said first portions and said second portions, for transmitting a first character on said first communication channel before transmitting said first portions, and for transmitting a second character on said second channel before transmitting said second communication portions, where said first and second characters may be identical characters, and
wherein said combining means is responsive to a receipt of said first character on said first communication channel and said second communication character on said second channel, for initiating the decrypting and combining of said first portions and said second portions.

10. A security arrangement in accordance with claim 6 wherein said network comprises

a circuit switching network,
wherein said first and second communication channels comprise first and second circuit-switched channels of said circuit switching network.

11. A security arrangement in accordance with claim 10 wherein said first and second circuit-switched channels of said circuit switching network, are transmitted along, physically separate paths.

12. A security arrangement in accordance with claim 6 wherein said network comprises

packet transport means,
wherein said first and second communication channels comprise first and second logical channels through said packet transport means.

13. A security arrangement in accordance with claim 12 wherein said first and second logical channels are transmitted through said packet transport means along physically separate paths.

14. A security arrangement in accordance with claim 1

wherein said message comprises a plurality of bits and
wherein each of said first portions and each of said second portions include at least one of said bits.

15. An arrangement in accordance with claim 1

wherein said communicating means comprises
means for separately encrypting said first portions and said second portions and
means for transmitting said encrypted first portions and said encrypted second portions over said first and second communication channels, respectively, through said digital switching network; and
wherein said reforming means comprises
means for separately decrypting said first portions and said second portions and
means for combining said decrypted first portions and said decrypted second portions to reform said message.

16. A security arrangement in accordance with claim 15

wherein said means for separately encrypting said first portions and said second portions comprises means for combining first and second random data with said first portions and said second portions, respectively, and
wherein said means for separately decrypting said first portions and said second portions comprises means for removing said first and second random data from said first portions and said second portions, respectively.

17. A security arrangement in accordance with claim 1 further comprising

means for transmitting a special character on both of said first and second communication channels, and
means responsive to a receipt of said special character on both of said first and second communication channels, for enabling said reforming means.

18. A security arrangement in accordance with claim 1

wherein said communicating means is responsive to the initiation by said splitting means of the splitting of said information message into said first portions and said second portions, for transmitting a first character on said first communication channel before transmitting said first portions, and for transmitting a second character on said second communication channel before transmitting said second portions, where said first and second characters may be identical characters, and
wherein said reforming means is responsive to a receipt of said first character on said first communication channel and said second character on said second communication channel, for initiating the reforming of said information message.

19. A security arrangement in accordance with claim 1 wherein said network comprises

a circuit switching network,
wherein said first and second communication channels comprise first and second circuit-switched channels of said circuit switching network.

20. A security arrangement in accordance with claim 19 wherein said first and second circuit-switched channels of said circuit switching network, are transmitted along physically separate paths.

21. A security arrangement in accordance with claim 1 wherein said network comprises

packet transport means,
wherein said first and second channels comprise first and second logical channels through said packet transport means.

22. A security arrangement in accordance with claim 21 wherein said first and second logical channels are transmitted through said packet transport means along physically separate paths.

23. A security arrangement for communicating a message comprising

a plurality of user stations, and
a digital switching network for selectively establishing communication channels among said plurality of user stations and including control means responsive to a request in a first signaling channel from a first one of said user stations for a secure call to a second one of said user stations both for controlling the establishment by said digital switching network of N of said communication channels from said first user station through said digital switching network without security processing to said second user station, N being a positive integer greater than one, and for selecting a splitting routine from a plurality of message splitting routines, said control means being responsive to said selected splitting routine for transmitting in said first signaling channel a first security code signal defining said selected splitting routine to said first user station and transmitting a second security code signal defining a combining routine associated with said selected splitting routine in a second signaling channel to said second user station, said first and second signaling channels each being distinct from said N communication channels, said first user station comprising
means responsive to said first security code signal defining said selected splitting routine, for splitting said message into N components in accordance with said selected splitting routine, and
means for transmitting each of said N components on an associated one of said N communication channels through said digital switching network, and said second user station comprising
means responsive to said second security code signal defining said combining routine and to a receipt of said N components on said N communication channels, for combining said N components in accordance with said combining routine to reform said message.

24. A security arrangement in accordance with claim 23 wherein

said splitting means further comprises
first memory means for storing control information defining the splitting of messages into components in accordance with a number of splitting routines,
first processor means responsive to said first security code signal for reading from said first memory means control information defining the splitting of messages in accordance with said selected splitting routine, and
means responsive to said control information read from said first memory means, for controlling the splitting of said message into said N components; and
wherein said combining means further comprises
second memory means for storing control information defining the combining of message components in accordance with a number of combining routines,
second processor means responsive to said second security code signal for reading from said second memory means control information defining the combining of message components in accordance with said combining routine associated with said selected splitting routine, and
means responsive to said control information read from said second memory means for controlling the combining of said N components to reform said message.

25. A security arrangement in accordance with claim 24

wherein said means for transmitting each of said N components comprises
means for separately encrypting each of said N components and
means for transmitting each of said N encrypted components on an associated one of said N communication channels; and
wherein said combining means comprises
means for separately decrypting each of said N received components and
means for combining said N decrypted components to reform said message.

26. A security arrangement for communicating the information in N packets, N being a positive integer, said arrangement comprising

a plurality of user stations, and
a digital switching network for selectively establishing communication channels among said plurality of user stations and including control means responsive to a request in a first signaling channel from a first one of said stations for a secure call to a second one of said user stations both for controlling the establishment by said digital switching network of at least one of said communication channels from said first user station through said digital switching network without security processing to said second user station and for selecting a splitting routine from a plurality of packet splitting routines, said control means being responsive to said selected splitting routine for transmitting in said first signaling channel a first security code signal defining said selected splitting routine to said first user station and transmitting a second security code signal defining a combining routine associated with said selected splitting routine in a second signaling channel to said second user station, said first and second signaling channels each being distinct from said at least one communication channel, said first user station comprising
means responsive to said first security code signal defining said selected splitting routine, for splitting each of said N packets among M packets in accordance with said selected splitting routine, M being a positive integer greater than one, and
means for transmitting said M packets on said at least one communication channel through said digital switching network, and said second user station comprising
means responsive to said second security code signal defining said combining routine and to a receipt of said M packets on said at least one communication channel, for combining information from each of said M received packets in accordance with said combining routine to reform each of said N packets.

27. A security arrangement in accordance with claim 26

wherein said splitting means further comprises
first memory means for storing control information defining the splitting of individual packets among multiple packets in accordance with a number of packet splitting routines,
first processor means responsive to said first security code signal for reading from said first memory means control information defining the splitting of packets in accordance with said selected splitting routine, and
means responsive to said control information read from said first memory means, for controlling the splitting of each of said N packets among said M packets; and
wherein said combining means further comprises
second memory means for storing control information defining the combining of information from multiple packets into individual packets in accordance with a number of combining routines,
second processor means responsive to said second security code signal for reading from said second memory means control information defining the combining of information from multiple packets in accordance with said combining routine associated with said selected splitting routine, and
means responsive to said control information read from said second memory means for controlling the combining of said information from each of said M packets to reform each of said N packets.

28. A security arrangement in accordance with claim 27

wherein said means for transmitting said M packets comprises
means for separately encrypting each of said M packets and
means for transmitting said M encrypted packets on said at least one communication channel; and
wherein said combining means comprises
means for separately decrypting each of said M received packets and
means for combining information from said M decrypted packets, to reform each of said N packets.

29. In a switching arrangement for providing switched connections among a plurality of user stations each having a plurality of channels contemporaneously available for communication, a security method of communication a message from an originating one of said user stations to a terminating one of said stations comprising

transmitting, by said originating user station, a request to said switching arrangement for a secure call from said originating user to said terminating user stations,
providing, by said switching arrangement in response to said request, a first connection without security processing between a first one of said channels of said originating user station and a first one of said channels of said terminating user station,
providing, by said switching arrangement in response to said request, a second connection without security processing between a second one of said channels of said originating user station and a second one of said channels of said terminating user station,
selecting, by said switching arrangement in response to said request, a splitting routine from a plurality of message splitting routines,
transmitting, by said switching arrangement, a first security code signal defining said selected splitting routine to said originating user station,
transmitting, by said switching arrangement, a second security code signal defining a combining routine associated with said selected splitting routine to said terminating user station,
splitting by said originating user station in response to said first security code signal, said message into first portions and second portions in accordance with said selected splitting routine,
separately encrypting, by said originating user station, said first portions and said second portions,
transmitting, by said originating user station in its first channel, said encrypted first portions to said first connection,
transmitting, by said originating user station in its second channel, said encrypted second portions to said second connection,
receiving, by said terminating user station in its first channel, said encrypted first portions from said first connection,
receiving, by said terminating user station in its second channel, said encrypted second portions from said second connection,
separately decrypting, by said terminating user station, said received encrypted first portions and said received encrypted second portions and
combining, by said terminating user station in response to said second security code signal, said decrypted first portions and said decrypted second portions in accordance with said combining routine to reform said message.

30. In an arrangement comprising

a first switch serving a first user station,
a first plurality of user channels between said first user station and said first switch,
a second switch serving a second user station and
a second plurality of user channels between said second user station and said second switch,
a security method of communicating a message from said first user station to said second user station,
said first user station transmitting a call request in a given one of said first plurality of channels to said first switch, said call request defining a secure call to said second user station,
said first switch transmitting said call request to said second switch,
a given one of said first and second switches selecting one of a plurality of message splitting routines for splitting said message among predetermined ones of said first plurality of channels each being distinct from said given one of said first plurality of channels,
said given switch transmitting a definition of said selected splitting routine to the other one of said first and second switches,
said first switch transmitting said definition of said selected splitting routine in said given one of said first plurality of channels to said first user station,
said second switch transmitting said definition of said selected splitting routine in a given one of said second plurality of channels to said second user station,
said first and second switches connecting without security processing of information from said predetermined ones of said first plurality of channels to corresponding ones of said second plurality of channels each being distinct from said given one of said second plurality of channels,
said first user station transmitting said message on said predetermined ones of said first plurality of channels in accordance with said selected splitting routine, and
said second user station combining information received on said corresponding ones of said second plurality of channels in accordance with a combining routine that is the inverse of said selected splitting routine.

31. In an arrangement comprising a plurality of user stations, an integrated services digital network for providing digital connections among said user stations, and a plurality of user access lines each connecting an associated one of said user stations with said network, each of said user access lines having at least first and second B-channels and a D-channel thereon, said D-channel being distinct from said first and second B-channels,

a security method of communicating a message from a first one of said user stations having an associated first user access line, to a second one of said user stations having an associated second user access line, said method comprising
said first user station transmitting in the D-channel of said first user access line, a secure call request to said network, said secure call request defining a secure call to said second user station,
said network selecting, in response to said secure call request, one of a plurality of message splitting routines for splitting said message between the first and second B-channels of said first user access line,
said network providing a circuit-switched connection without security processing from said first B-channel of said first user access line to the first B-channel of said second user access line, and providing a circuit-switched connection without security processing from said second B-channel of said first user access line to the second B-channel of said second user access line,
said network transmitting a definition of said selected splitting routine to said first user station in said D-channel of said first user access line, and to said second user station in the D-channel of said second user access line,
said first user station transmitting said message in said first and second B-channels of said first user access line in accordance with said selected splitting routine and
said second user station combining information received in said first and second B-channels of said second user access line in accordance with a combining routine that is the inverse of said selected splitting routine.

32. In an arrangement comprising a plurality of user stations, an integrated services digital network for providing digital connections among said use stations, and a plurality of user access lines each connecting an associated one of said user stations with said network, each of said user access lines having at least a D-channel thereon, said D-channel including a signaling channel and a plurality of logical data channels, said signaling channel being distinct from said logical data channels,

a security method of communicating a message from a first one of said user stations having an associated first user access line, to a second one of said user stations having an associated second user access line, said method comprising
said first user station transmitting in the signaling channel of said first user access line, a secure call request to said network, said secure call request defining a secure call to said second user station,
said network selecting, in response to said secure call request, one of a plurality of message splitting routines for splitting said message among logical data channels of said first user access line,
said network providing packet-switched connections without security processing from said logical data channels of said first user access line to logical data channels of said second use access line,
said network transmitting a definition of said selected splitting routine to said first user station in said signaling channel of said first user access line, and to said second user station in the signaling channel of said second user access line,
said first user station transmitting said message in said logical data channels of said first user access line in accordance with said selected splitting routine and
said second user station combining information received in said logical data channels of said second user access line in accordance with a combining routine that is the inverse of said selected splitting routine.

33. In an arrangement comprising a plurality of user stations, an integrated service digital network for providing digital connections among said user stations, and a plurality of user access lines each connecting an associated one of said user stations with said network, each of said user access lines having at least a D-channel thereon, said D-channel including a signaling channel and at least one logical data channel, said signaling channel being distinct from said logical data channel,

a security method of communicating a message from a first one of said user stations having an associated first user access line, to a second one of said user stations having an associated second user access line, said method comprising
said first user station transmitting in the signaling channel of said first user access line, a secure call request to said network, said secure call request defining a secure call to said second user station,
said network selecting, in response to said secure call request, one of a plurality of message splitting routines for splitting said message among a plurality of packets to be transmitted in a logical data channel of said first user access line,
said network providing a packet-switched connection without security processing from said logical data channel of said first user access line to a logical data channel of said second user access line,
said network transmitting a definition of said selected splitting routine to said first user station in said signaling channel of said first user access line, and to said second user station in the signaling channel of said second user access line,
said first user station transmitting said message in said plurality of packets in said logical data channel of said first user access line in accordance with said selected splitting routine and
said second user station combining information received in said plurality of packets in said logical data channel of said second user access line in accordance with a combining routine that is the inverse of said selected splitting routine.

34. Apparatus for secure communication of messages between different ones of a plurality of user stations interconnected via a switching arrangement wherein said switching arrangement comprises

means responsive to a request in a first signaling channel from a first one of said stations for a secure call to a second one of said stations for establishing first and second communication channels without security processing through said switching arrangement between said first and second stations, said first signaling channel being distinct from said first and second communication channels,
means responsive to said request for selecting one of plurality of message splitting routines,
means for storing data defining, for each of said plurality of stations, security code signals defining to said each station said plurality of splitting routines,
means responsive to said request and said selection, for reading said stored data to determine a first security code signal defining said selected splitting routine to said first station and a second security code signal defining a combining routine associated with said selected splitting routine to said second station,
means for transmitting said first security code signal in said first signaling channel to said first station and
means for transmitting said second security code signal in a second signaling channel to said second station, said second signaling channel being distinct from said first and second communication channels,
wherein said first station comprises means responsive to said first security code signal for splitting a message into first portions and second portions in accordance with said selected splitting routine and means for transmitting said first portions and said second portions over said first and second communication channels, respectively, and
wherein said second station comprises means responsive to said second security code signal and to a receipt of said first and second portions from said first and second communication channels, for reforming said message in accordance with said combining routine associated with said selected splitting routine.

Drawings