Systems and methods for conducting secure VOIP multi-party calls
Abstract
System and method for establishing secure conference calls. In one example system, a central conference call server establishes point-to-point connections with accessory devices comprising a secure element and connected to corresponding participant devices. The conference call server includes an interface to a plurality of secure elements configured to perform scrambling and unscrambling of media signals communicated to and from the accessory devices. In another example, one of the participant devices operates as the central conference call server. In other examples, participant devices communicate on a conference call via point-to-point connections between all accessory devices connected to the participant devices. The accessory devices include secure elements for decryption and encryption of media signals communicated between the accessory devices.
20 Claims
1. A method comprising:
- receiving, by a conference-call server, a plurality of data packets sent from each of a plurality of remote endpoints, each of the plurality of data packets being in a conference-call session;
- relaying each of the received data packets over a physical-connection port to a respective secure hardware element of a plurality of secure hardware elements associated with the conference-call server;
- establishing respective cryptographic relationships between each of the plurality of respective secure hardware elements and each of the plurality of respective remote endpoints at least in part by negotiating, using the each of the plurality of respective secure hardware elements, respective endpoint-specific cryptographic key information for the conference call session with the each of the plurality of respective remote endpoints;
- decrypting an encrypted packet payload of each relayed data packet;
- mixing decrypted audio from each decrypted packet payload to generate unencrypted mixed audio;
- encrypting the unencrypted mixed audio; and
- outputting the encrypted mixed audio for transmission to the respective remote endpoint.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 20
10. A conference-call server comprising:
- a communication interface configured to communicate, during a conference-call session, a plurality of data packets to a plurality of remote endpoints of the conference-call session;
- a cryptographic interface coupled to the communication interface, the cryptographic interface comprising a plurality of individual physical-connection ports, each connected to a secure hardware element of a plurality of secure hardware elements associated with the conference-call server, the cryptographic interface configured to receive the respective data packets sent from the respective remote endpoints and to relay the respective data packets to the respective secure hardware elements;
- each secure hardware element configured to:
  - establish respective cryptographic relationships between each of the plurality of respective secure hardware elements and the respective remote endpoint at least in part by negotiating, using the each of the plurality of respective secure hardware elements, respective endpoint-specific cryptographic key information for the conference call session with the each of the plurality of respective remote endpoints; and
  - decrypt an encrypted packet payload of each relayed data packet; and
- an audio mixer configured to mix decrypted audio from each decrypted packet payload to generate unencrypted mixed audio,
- wherein each secure hardware element is further configured to encrypt the unencrypted mixed audio, and
- wherein the cryptographic interface is further configured to output the encrypted mixed audio for transmission to the respective remote endpoint.

Dependent claims: 11, 12, 13, 14, 15, 16, 17, 18, 19
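The decrypt, mix and re-encrypt flow recited in claims 1 and 10, as an added sketch that is not taken from the patent: each endpoint shares a key only with its own secure element, and the bridge mixes 16-bit PCM in the clear before each element re-encrypts the mix. Assumptions: key negotiation has already completed (random per-endpoint keys stand in for it), an HMAC-SHA256 keystream with encrypt-then-MAC stands in for a real AEAD such as AES-GCM, and every class and function name is hypothetical.

```python
import hashlib, hmac, os, struct

def _keystream(key, nonce, n):
    # HMAC-SHA256 in counter mode: stdlib stand-in for a real cipher (assumption).
    return b"".join(hmac.new(key, nonce + struct.pack(">I", i), hashlib.sha256).digest()
                    for i in range((n + 31) // 32))[:n]

def _xor(data, stream):
    return bytes(a ^ b for a, b in zip(data, stream))

class SecureElement:
    """Hypothetical model of one secure hardware element holding one endpoint's key."""
    def __init__(self, session_key):
        self._enc = hmac.new(session_key, b"enc", hashlib.sha256).digest()
        self._mac = hmac.new(session_key, b"mac", hashlib.sha256).digest()

    def encrypt(self, plaintext):
        nonce = os.urandom(12)
        ct = _xor(plaintext, _keystream(self._enc, nonce, len(plaintext)))
        return nonce + ct + hmac.new(self._mac, nonce + ct, hashlib.sha256).digest()

    def decrypt(self, packet):
        nonce, ct, tag = packet[:12], packet[12:-32], packet[-32:]
        expected = hmac.new(self._mac, nonce + ct, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):  # verify before decrypting
            raise ValueError("authentication failed")
        return _xor(ct, _keystream(self._enc, nonce, len(ct)))

def mix_pcm16(frames):
    """Sum equal-length little-endian 16-bit PCM frames, clipping to the int16 range."""
    n = len(frames[0]) // 2
    decoded = [struct.unpack(f"<{n}h", f) for f in frames]
    return struct.pack(f"<{n}h", *(max(-32768, min(32767, sum(s))) for s in zip(*decoded)))

def bridge_round(elements, inbound):
    """Decrypt each endpoint's packet, mix in the clear, re-encrypt the mix per endpoint."""
    clear = [elements[ep].decrypt(pkt) for ep, pkt in inbound.items()]
    mixed = mix_pcm16(clear)  # plaintext audio exists here, outside the secure elements
    return {ep: se.encrypt(mixed) for ep, se in elements.items()}

def demo():
    # Constructed sample: three endpoints, one frame of four PCM samples each.
    pcm = {"alice": (1000, -2000, 30000, 0), "bob": (500, 500, 10000, -1), "carol": (0, 0, 0, 1)}
    keys = {ep: os.urandom(32) for ep in pcm}  # stands in for the negotiated keys
    server = {ep: SecureElement(k) for ep, k in keys.items()}
    client = {ep: SecureElement(k) for ep, k in keys.items()}
    inbound = {ep: client[ep].encrypt(struct.pack("<4h", *s)) for ep, s in pcm.items()}
    heard = {ep: struct.unpack("<4h", client[ep].decrypt(p))
             for ep, p in bridge_round(server, inbound).items()}
    return heard, inbound, server
```

Because the claims mix "unencrypted" audio, the mixer in `bridge_round` handles plaintext: the secure elements isolate each endpoint's key, but the conference-call server itself remains inside the trust boundary.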
Specification