Method and apparatus for rapid secure session establishment on half-duplex AD-hoc group voice cellular network channels
First Claim
1. A secure group communication method for a wireless dispatch system comprising a group of members, the group members comprising a first secure device which communicates with a plurality of second secure devices over a channel, comprising:
creating a group member list comprising the first secure device and the plurality of second secure devices;
generating a group traffic encryption key at the first secure device;
establishing, responsive to a first secure call request from the first secure device, a unique key encryption key at the first secure device for each of the plurality of second secure devices, wherein each unique key encryption key is generated via an asymmetric key exchange between the first secure device and each of the plurality of second secure devices during a first session, wherein each unique key encryption key has a corresponding unique private key which corresponds to the unique key encryption key for that particular second device;
generating a unique state vector for each of the plurality of second secure devices at the first secure device, wherein the first secure device also has a first unique state vector, and wherein each unique state vector corresponds to a particular one of the plurality of second secure devices;
sending the group member list, the unique state vectors and the group traffic encryption key to each of the plurality of second secure devices;
storing the group traffic encryption key in the secure devices of the group members for use during a second session between the group members to expedite group traffic encryption key establishment during call set-up of the second session; and
establishing, responsive to a second secure call request from the secure device of one of the group members, the second session between the group members by using the group traffic encryption key from the first session and the unique state vector of each of the secure devices to establish the second session during call set-up of the second session.
Abstract
Techniques are provided for secure group communications in a wireless dispatch system which includes a group of devices. The group of devices can include a first secure device which communicates with a plurality of second secure devices over a channel.
25 Claims
14. A secure device configured to communicate with a plurality of second secure devices over a channel in a secure wireless dispatch system comprising a group of members, the secure device comprising:
a processor configured to:
create a group member list comprising the first secure device and the plurality of second secure devices,
generate a group traffic encryption key for the group members,
conduct an asymmetric key exchange during a first session with each of the plurality of second secure devices to establish a unique key encryption key for each of the plurality of second secure devices, wherein each unique key encryption key has a corresponding unique private key for that particular second device; and
a vector generator configured to generate a unique state vector for each of the plurality of second secure devices, wherein each unique state vector corresponds to a particular one of the plurality of second secure devices; and
a transceiver configured to send the group member list, the unique state vectors and the group traffic encryption key to each of the plurality of second secure devices.
21. A secure device configured to communicate over a half-duplex voice channel, the secure device comprising:
a cache memory for storing:
a group member list that identifies a group of secure devices including the secure device and a transmitting secure device,
a first unique state vector for the secure device, and
a group traffic encryption key corresponding to the group member list and being for use during a subsequent group communication session;
a transceiver configured to receive, from the transmitting secure device over the half-duplex voice channel during the subsequent group communication session, periodic synchronization messages and encrypted voice packets, wherein each of the periodic synchronization messages comprise:
a second unique state vector of the transmitting secure device, wherein each second unique state vector is used to encrypt at least one of the encrypted data packets; and
a decryption engine designed to:
store a value equal to a current second unique state vector from a current synchronization message;
retrieve the cached group traffic encryption key; and
use the value and the cached group traffic encryption key to generate a unique key that is used to decrypt at least one of the encrypted voice packets.
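The receive path of claim 21, sketched as an added example that is not taken from the patent: a receiver holding a cached group traffic encryption key resynchronizes on each synchronization message and derives a unique key per voice packet. Assumptions made here: HMAC-SHA256 as the key-generation step, a SHA-256 keystream as a stand-in cipher, an integer state vector that advances once per packet, and the hypothetical names `Transmitter`, `Receiver`, `unique_key` and `xor_cipher`.

```python
import hashlib
import hmac

def unique_key(tek: bytes, state_vector: int) -> bytes:
    # Assumption: HMAC-SHA256 stands in for the unspecified key-generation step.
    return hmac.new(tek, state_vector.to_bytes(8, "big"), hashlib.sha256).digest()

def xor_cipher(key: bytes, data: bytes) -> bytes:
    # Constructed stand-in cipher: SHA-256 counter-mode keystream XORed with data.
    stream = b"".join(hashlib.sha256(key + i.to_bytes(4, "big")).digest()
                      for i in range(len(data) // 32 + 1))
    return bytes(d ^ s for d, s in zip(data, stream))

class Transmitter:
    def __init__(self, tek: bytes, state_vector: int):
        self.tek, self.sv = tek, state_vector

    def sync(self):
        return ("sync", self.sv)

    def voice(self, frame: bytes):
        packet = ("voice", xor_cipher(unique_key(self.tek, self.sv), frame))
        self.sv += 1  # assumption: the state vector advances once per packet
        return packet

class Receiver:
    def __init__(self, cached_tek: bytes):
        self.tek = cached_tek   # retrieved from the cache, no key exchange
        self.value = None       # stored copy of the transmitter's state vector

    def handle(self, kind, payload):
        if kind == "sync":
            self.value = payload          # resynchronize on every sync message
            return None
        if self.value is None:
            return None                   # late entry: wait for the next sync
        frame = xor_cipher(unique_key(self.tek, self.value), payload)
        self.value += 1
        return frame

def demo():
    tek = bytes(range(32))                       # constructed cached group TEK
    tx, rx = Transmitter(tek, 0x0A000000), Receiver(tek)
    tx.sync()                                    # receiver missed this sync
    channel = [tx.voice(b"frame-1"), tx.sync(), tx.voice(b"frame-2")]
    tx.voice(b"frame-3")                         # packet lost on the air
    channel += [tx.voice(b"frame-4"), tx.sync(), tx.voice(b"frame-5")]
    return [rx.handle(kind, payload) for kind, payload in channel]
```

In this sketch a receiver that joins late or loses a packet cannot recover plaintext until the next synchronization message arrives, so the synchronization period bounds how much audio is lost.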
Specification