Method for implementing ciphered communication for single-hop terminal-to-terminal calls in a mobile satellite system
First Claim
1. A single-hop method of providing end-to-end encryption between two terminals in a mobile satellite system during a single-hop terminal-to-terminal call comprising the steps of:
- operating each of said two terminals in an independent ciphered mode for transmissions therefrom to at least one gateway station with which each of said two terminals have established a communication link, each of said two terminals employing cipher keys independently of each other for deciphering of respective said transmissions to said at least one gateway station; and
switching said two terminals to an end-to-end cipher mode employing a common cipher key and selected encryption algorithm with respect to said two terminals for deciphering respective said transmissions to each other on a direct satellite communication link between said two terminals.
13 Assignments
0 Petitions
Accused Products
Abstract
A mobile satellite communication system is provided to control the transfer of a terminal for a single-hop call from at least one of a clear mode and a ciphered mode with respect to a gateway station to a ciphered mode with respect to a satellite link connecting the terminal with another terminal for a single-hop, terminal-to-terminal call using a cipher key and an encryption algorithm common to the terminal and the other terminal. Frame number offset data, which indicates a mapping delay between received and transmitted time slots at the satellite, is provided to both terminals in a terminal-to-terminal call for ciphering synchronization.
31 Citations
16 Claims
-
1. A single-hop method of providing end-to-end encryption between two terminals in a mobile satellite system during a single-hop terminal-to-terminal call comprising the steps of:
-
operating each of said two terminals in an independent ciphered mode for transmissions therefrom to at least one gateway station with which each of said two terminals have established a communication link, each of said two terminals employing cipher keys independently of each other for deciphering of respective said transmissions to said at least one gateway station; and
switching said two terminals to an end-to-end cipher mode employing a common cipher key and selected encryption algorithm with respect to said two terminals for deciphering respective said transmissions to each other on a direct satellite communication link between said two terminals. - View Dependent Claims (2, 3, 4, 5, 6, 7)
transmitting data from said first terminal to said first transceiver and to said traffic control system relating to encryption algorithms supported by said first terminal; and
transmitting a cipher mode command from said first transceiver to said first terminal to commence ciphered communication with said first transceiver using the corresponding one of said cipher keys and one of said encryption algorithms.
-
-
3. A method as claimed in claim 2, further comprising the steps of:
-
transmitting data from said second terminal to said second transceiver and to said traffic control system relating to encryption algorithms supported by said second terminal;
querying said traffic control system to determine said selected encryption algorithm to be one of said encryption algorithms that is supported by both said first terminal and said second terminal; and
transmitting a cipher mode command from said second transceiver to said second terminal to commence ciphered communication with said second transceiver using the corresponding one of said cipher keys and said selected algorithm.
-
-
4. A method as claimed in claim 3, further comprising the steps of:
-
commanding said traffic control system to request establishment of said direct satellite communication link;
sending a channel assignment command from said first transceiver to said first terminal to commence channel assignment to said direct satellite communication link, said command having at least one of a plurality of data comprising said common cipher key, said selected encryption algorithm, at least one number sequence for ciphering and deciphering, satellite channels for establishing said direct satellite communication link, and a signaling channel for use between said first terminal and said first gateway station during said terminal-to-terminal call; and
operating said first terminal in a ciphered mode with respect to said first transceiver using said common cipher key, said selected encryption algorithm, and said satellite channels.
-
-
5. A method as claimed in claim 4, further comprising the step of operating said second terminal in a ciphered mode with respect to said second transceiver using said common cipher key and said selected encryption algorithm, and said satellite channels.
-
6. A method as claimed in claim 5, wherein said switching step comprises the step of sending a signal between said first terminal and said second terminal on said direct satellite communication link using said common cipher key and said selected encryption algorithm to verify successful ciphering on said direct satellite communication link.
-
7. A method as claimed in claim 1, further comprising the steps of:
-
providing said first terminal and said second terminal with frame number offset data indicating a time slot mapping delay between receiving said transmissions at said satellite and transmitting said transmissions via said direct satellite communication link, said first terminal and said second terminal using said frame number offset data with said selected encryption algorithm during said ciphered mode with said first transceiver and said second transceiver, respectively, using said common cipher key and the respective one of said communication link; and
verifying ciphering synchronization using said common cipher key prior to communicating via said direct satellite communication link by confirming when one of said transmissions from each of said first terminal and said second terminal has been correctly deciphered at said at least one gateway station using said common cipher key.
-
-
8. A method of providing end-to-end encryption between two terminals in a mobile satellite communication system during a single-hop terminal-to-terminal call comprising the steps of:
-
operating each of a first terminal and a second terminal in an independent ciphered mode for transmissions therefrom to a first gateway station and a second gateway station with which said first terminal and said second terminal have established a first communication link and a second communication link, respectively, each of said first terminal and said second terminal employing cipher keys independently of each other for deciphering of respective said transmissions to said first gateway station and said second gateway station; and
switching both of said first terminal and said second terminal to an end-to-end cipher mode employing a common cipher key and encryption algorithm to said first terminal and said second terminal for deciphering respective said transmissions to each other on a direct satellite communication link between said first terminal and said second terminal. - View Dependent Claims (9, 10, 11, 12, 13, 14)
registering both said first terminal and said second terminal with said second gateway station;
sending data to said second gateway station from said first terminal relating to encryption algorithms supported by said first terminal;
selecting one of said encryption algorithms common to both said first terminal and said second terminal;
sending a signal from said second gateway station to said first gateway station indicating at least one of a plurality of data comprising said common cipher key, said selected encryption algorithm, at least one number sequence for ciphering and deciphering, satellite channels for establishing said direct satellite communication link, and a signaling channel for use between at least one of said first terminal and said first gateway station and said second terminal and said second gateway station during said terminal-to-terminal call; and
operating said first terminal in a ciphered mode with respect to said second gateway station using said common cipher key and said selected encryption algorithm.
-
-
10. A method as claimed in claim 9, further comprising the step of performing ciphering synchronization between said first terminal and said second gateway station after said common cipher key is received.
-
11. A method as claimed in claim 9, wherein said sending step comprises the step of transmitting frame number offset data to said first terminal indicating a time slot mapping delay between receiving said transmissions at said satellite and transmitting said transmissions via said direct satellite communication link, said first terminal using said frame number offset data with said selected encryption algorithm.
-
12. A method as claimed in claim 9, operating said second terminal in a ciphered mode with respect to said second gateway using said common cipher key and said selected encryption algorithm prior to establishing said direct satellite communication link.
-
13. A method as claimed in claim 9, further comprising the steps of
providing both said first terminal and said second terminal with frame number offset data a time slot mapping delay between receiving said transmissions at said satellite and transmitting said transmissions via said direct satellite communication link, said first terminal and said second terminal using said frame number offset data with said selected encryption algorithm; - a
verifying ciphering synchronization using said common cipher key prior to communicating via said direct satellite communication link by confirming when one of said transmissions from each of said first terminal and said second terminal has been correctly deciphered at said second gateway station using said common cipher key.
- a
-
14. A method as claimed in claim 9, wherein said ciphering synchronization is verified when said second gateway station correctly deciphers one of said transmissions from said first terminal.
-
15. A data signal embodied in a carrier wave comprising a command segment to instruct a terminal in a mobile satellite communication system to transfer from at least one of a clear mode and a ciphered mode with respect to a gateway station to a ciphered mode with respect to a satellite link connecting said terminal with another terminal for a single-hop terminal-to-terminal call using a cipher key and an encryption algorithm common to said terminal and said another terminal.
-
16. A data signal embodied in a carrier wave comprising at least one of a plurality of segments comprising a segment having a common ciphering key for use between two terminals during a single-hop call, a segment for indicating assigned satellite channels for use by both of said terminals during said single-hop call, a segment indicating a signaling channel between one of said terminals and a corresponding gateway station, and a command segment instructing one of said terminals to activate the assigned satellite channels and to commence ciphering through said assigned satellite channels using said common ciphering key.
Specification