SYSTEM AND METHOD FOR LAWFUL INTERCEPTION USING TRUSTED THIRD PARTIES IN SECURE VoIP COMMUNICATIONS

US 20100002880A1
Filed: 07/29/2008
Published: 01/07/2010
Est. Priority Date: 11/21/2007
Status: Abandoned Application

First Claim

Patent Images

1. A system for lawful interception using a trusted third party in secure VoIP communication between a VoIP transmit terminal and a VoIP receive terminal, the system comprising:

a trusted third party that receives a master key request from the VoIP transmit terminal to generate a master key and transmits the generated master key to the VoIP transmit terminal and a key recovering system;

a key recovering system that receives a lawful interception request from a lawful interception requester to instruct a collection device on lawful interception, receives a secure packet from the collection device, receives the master key from the trusted third party, decrypts the secure packet with the master key and provides the decrypted packet to the lawful interception requester or provides the master key and the secure packet to the lawful interception requester; and

a collection device that collects the secure packet transmitted/received between the VoIP transmit terminal and the VoIP receive terminal in accordance with the lawful interception instruction received from the key recovering system and transmits the collected secure packet to the key recovering system.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Disclosed is a system for lawful interception using a trusted third party in secure VoIP communication. A VoIP transmit terminal generates a secure packet using a master key received from a trusted third party and then communicates with a VoIP receive terminal. A collection device having received a lawful interception instruction from a key recovering system collects and transmits the secure packet to the key recovering system. The key recovering system decrypts the secure packet using the master key received from the trusted third party and provides the decrypted secure packet to a lawful interception requester or provides the master key received from the trusted third party and the secure packet to the lawful interception requester. It is possible to provide the perfect lawful interception in the secure VoIP communication environment, and to guarantee a perfect forward secrecy since the master key is changed for each call.

28 Citations

View as Search Results

13 Claims

1. A system for lawful interception using a trusted third party in secure VoIP communication between a VoIP transmit terminal and a VoIP receive terminal, the system comprising:
- a trusted third party that receives a master key request from the VoIP transmit terminal to generate a master key and transmits the generated master key to the VoIP transmit terminal and a key recovering system;
  
  a key recovering system that receives a lawful interception request from a lawful interception requester to instruct a collection device on lawful interception, receives a secure packet from the collection device, receives the master key from the trusted third party, decrypts the secure packet with the master key and provides the decrypted packet to the lawful interception requester or provides the master key and the secure packet to the lawful interception requester; and
  
  a collection device that collects the secure packet transmitted/received between the VoIP transmit terminal and the VoIP receive terminal in accordance with the lawful interception instruction received from the key recovering system and transmits the collected secure packet to the key recovering system.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The system according to claim 1, wherein the trusted third party performs additional functions of generating a session key with the mater key and transmitting the session key to the key recovering system, andwherein the key recovering system receives the lawful interception request from the lawful interception requester to instruct the collection device on the lawful interception, receives the secure packet from the collection device, receives the session key from the trusted third party, decrypts the secure packet with the session key, and provides the decrypted packet to the lawful interception requester or provides the session key and the secure packet to the lawful interception requester.
  - 3. The system according to claim 2, wherein the trusted third party comprises:
    - an encryption key generation unit that generates a master key in accordance with a master key request from the VoIP transmit terminal and generates a session key with the master key;
      
      a storage unit that stores the master key and the session key generated by the encryption key generation unit;
      
      a transmit unit that transmits the master key to the VoIP transmit terminal and transmits the session key to the key recovering system; and
      
      a control unit that controls the respective elements constituting the trusted third party.
  - 4. The system according to claim 3, wherein the control unit performs additional functions of key recovery request record management and monitoring management.
  - 5. The system according to claim 1 or 2, wherein the key recovering system comprises:
    - a decryption unit that decrypts the secure packet received from the collection device using the master key or session key received from the trusted third party;
      
      a storage unit that stores call information between the VoIP transmit terminal and the VoIP receive terminal, the call information being extracted from the packet decrypted by the decryption unit;
      
      a transmit unit that receives the secure packet from the collection device, receives the master key or session key from the trusted third party and transmits the secure packet or decrypted packet to the lawful interception requester; and
      
      a control unit that controls the respective elements constituting the key recovering system.
  - 6. The system according to claim 5, wherein the call information comprises information about IDs of the VoIP transmit terminal and the VoIP receive terminal, IP/ports of the VoIP transmit terminal and the VoIP receive terminal, time at which a call is initiated and time at which the call is terminated.
  - 7. The system according to claim 5, wherein the control unit performs additional functions of key recovery request record management and monitoring management.

8. A method for lawful interception using a trusted third party in secure VoIP communication between a VoIP transmit terminal and a VoIP receive terminal, the method comprising the steps of:
- (a) instructing, at a key recovering system, a collection device on lawful interception in accordance with a lawful interception request from a lawful interception requester;
  
  (b) at the trusted third party, receiving a master key request from the VoIP transmit terminal to generate a master key and transmitting the generated master key to the VoIP transmit terminal and a key recovering system;
  
  (c) exchanging the master key and performing secure communication between the VoIP transmit terminal and the VoIP receive terminal;
  
  (d) at the collection device, collecting a secure packet transmitted/received between the VoIP transmit terminal and the VoIP receive terminal and transmitting the secure packet to the key recovering system; and
  
  (e) at the key recovering system, receiving the master key from the trusted third party, decrypting the secure packet with the received master key and providing the decrypted packet to the lawful interception requester.
- View Dependent Claims (9, 10, 11, 12, 13)
- - 9. The method according to claim 8, wherein the step of (c) comprises the steps of:
    - (c1) exchanging the master key between the VoIP transmit terminal and the VoIP receive terminal; and
      
      (c2) generating a session key with the master key at each of the trusted third party, the VoIP transmit terminal and the VoIP receive terminal and then performing the secure communication between the VoIP transmit terminal and the VoIP receive terminal, andwherein the step of (e) comprises the step of, at the key recovering system, receiving the session key from the trusted third party, decrypting the secure packet using the session key and providing the decrypted packet to the lawful interception requester.
  - 10. The method according to claim 8 or 9, wherein the exchange of the master key between the VoIP transmit terminal and the VoIP receive terminal in the step of (c) comprises the steps of:
    - transmitting an INVITE message including the master key to the VoIP receive terminal from the VoIP transmit terminal; and
      
      transmitting a response message to the INVITE message to the VoIP transmit terminal from the VoIP receive terminal.
  - 11. The method according to claim 8, wherein the step of (e) comprises the step of, at the key recovering system, receiving the mater key from the trusted third key and providing the received master key and the secure packet received from the collection device to the lawful interception requester.
  - 12. The method according to claim 9, wherein the step of (e) comprises the step of, at the key recovering system, receiving the session key from the trusted third key and providing the received session key and the secure packet received from the collection device to the lawful interception requester.
  - 13. The method according to claim 11 or 12, wherein the exchange of the master key between the VoIP transmit terminal and the VoIP receive terminal in the step of (c) comprises the steps of:
    - transmitting an INVITE message including the master key to the VoIP receive terminal from the VoIP transmit terminal; and
      
      transmitting a response message to the INVITE message to the VoIP transmit terminal from the VoIP receive terminal.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Korea Information Security Agency
Original Assignee
Korea Information Security Agency
Inventors
Won, Yoo Jae, Kim, Joong Man, Yoon, Seok Ung, Won, Yong Geun, Jeong, Hyun Cheol

Application Number

US12/181,543
Publication Number

US 20100002880A1
Time in Patent Office

Days
Field of Search
US Class Current

380/255
CPC Class Codes

H04L 12/66   Arrangements for connecting...

H04L 63/0428   wherein the data content is...

H04L 63/06   for supporting key manageme...

H04L 63/10   for controlling access to d...

H04L 63/306   intercepting packet switche...

H04L 9/083   involving central third par...

H04L 9/0894   Escrow, recovery or storing...

SYSTEM AND METHOD FOR LAWFUL INTERCEPTION USING TRUSTED THIRD PARTIES IN SECURE VoIP COMMUNICATIONS

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

28 Citations

13 Claims

Specification

Solutions

Use Cases

Quick Links

SYSTEM AND METHOD FOR LAWFUL INTERCEPTION USING TRUSTED THIRD PARTIES IN SECURE VoIP COMMUNICATIONS

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

28 Citations

13 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links