Method and apparatus for fast secure session establishment on half-duplex point-to-point voice cellular network channels
First Claim
1. A secure device, comprising:
- a vocoder configured to generate voice packets from a voice signal;
a memory configured to store a previously established security association from a first session between the secure device and another secure device, wherein the stored security association comprises an encryption key and a first state vector, wherein the stored security association is adapted to be used during a second session between the secure device and the other secure device;
a vector generator configured to generate an updated state vector; and
an encryption engine configured to use the cached security association and the updated state vector to encrypt the voice packets.
5 Assignments
0 Petitions
Accused Products
Abstract
An apparatus (213) and corresponding methods (FIG. 7) to facilitate maintaining crypto synchronization while processing communication signals in a communication unit includes a vocoder (215) configured to convert input audio band signals to vocoder output frames; a crypto processor (217) configured to encrypt the vocoder output frames to provide encrypted output frames; and a synchronizer (219) configured to substitute in a predetermined manner synchronization information corresponding to an encryption state of the crypto processor for a portion of the encrypted data in a portion of the encrypted output frames to provide resultant output synchronization frames suitable for synchronizing a decryption process at a target communication unit.
32 Citations
19 Claims
-
1. A secure device, comprising:
-
a vocoder configured to generate voice packets from a voice signal;
a memory configured to store a previously established security association from a first session between the secure device and another secure device, wherein the stored security association comprises an encryption key and a first state vector, wherein the stored security association is adapted to be used during a second session between the secure device and the other secure device;
a vector generator configured to generate an updated state vector; and
an encryption engine configured to use the cached security association and the updated state vector to encrypt the voice packets. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A secure device, comprising:
-
a transceiver configured to receive a voice frame comprising encrypted/formatted voice packets and an updated state vector;
a memory for storing a previously established security association from a first session between the secure device and another secure device, wherein the cached security association comprises the encryption key and the first state vector and wherein the stored security association can be used during a second session between the secure device and the other secure device; and
a decryption engine configured to use the cached security association and the updated state vector to decrypt the encrypted voice packets received from the first transceiver. - View Dependent Claims (10, 11)
-
-
12. A secure wireless Push-to-Talk (PTT) dispatch system, comprising:
a first device, comprising;
a first memory for storing a previously established security association from a first session between the first device and a second device, wherein the stored security association comprises an encryption key and a first state vector, wherein the stored security association is adapted for use during a second session between the first device and the second device;
a vocoder configured to generate voice packets from a voice input signal;
a vector generator configured to generate an updated state vector; and
an encryption engine configured to use the cached security association and the updated state vector to encrypt the voice packets. - View Dependent Claims (13, 14, 15)
-
16. A secure communication method for a communication system comprising a first device which communicates with a second device over a channel, comprising:
-
establishing, responsive to a first secure call request from the first device, a security association during a first session between the devices via an asymmetric key exchange, wherein the security association comprises an encryption key and a first state vector;
storing the security association in each of the devices for use during a second session between the devices to expedite security association establishment during call set-up of the second session;
generating an updated state vector at the first device; and
establishing, responsive to a second secure call request from the first device, a second session between the first device in the second device by using the encryption key from the first session and the updated state vector to establish the second session during call set-up of the second session. - View Dependent Claims (17, 18, 19)
-
Specification