Many communication systems currently use privacy techniques to provide voice and data confidentiality and to enhance user security. Encryption is used to prevent unauthorized users from accessing the contents of the communicated message. Encryption techniques have been implemented in cellular radiotelephone communication systems, personal communication systems, paging systems, and both wireline and wireless data networks.
The encryption aspect of privacy involves encryption/decryption of communicated messages. In a communication system, messages are carried in fundamental data packets. Data packets include a header portion, which contains routing and synchronization information, and a message payload portion. The payload contains the message content, which will generally be either signaling data or traffic data. Signaling data is information required to set up the call, establish communications links and grant access. Traffic data is the information, typically voice or digital data, whose content is the purpose of the message. Typically all message payloads, including those containing both signaling data and traffic data, are encrypted identically and at once using a cipher key.
Prior art cellular communication systems typically include at least one geographically fixed communication device in communication with one or more subscriber units via radio frequency (RF) communication links. The fixed communication device typically includes at least one switching center. In prior-art systems, both the switching center and the subscriber unit generate the same cipher key which is used for encryption. Thus, messages may be both encrypted and decrypted at both source and destination of the message. Accordingly, encryption prevents unintended listeners from accessing the contents of the message payload along the communication path between the source and destination.
FIG. 1 illustrates a prior-art subscriber unit having encryption capabilities. Subscriber unit 10 includes codec 12, signaling processor 14, switch 16, encryptor/decryptor 18, key generator 20, transceiver 22, and antenna 24. Along the transmit path, codec 12 encodes traffic (e.g., voice data) into a digital format which is suitable for encrypting. Processor 14 generates digital signaling data.
At times when encoded traffic is to be transmitted, switch 16 causes encoded traffic to be input to encryptor/decryptor 18. Similarly, at times when digital signaling data is to be transmitted, switch 16 causes digital signaling data to be input to encryptor/decryptor 18. Encryptor/decryptor 18 combines the encoded traffic or the digital signaling data with the cipher key, Kc, originating from key generator 20 and the resulting encrypted bitstream is ready for secure transmission via transceiver 22 and antenna 24.
Along the receive path, antenna 24 and transceiver 22 receive a secure transmission from a remote device. The secure transmission is input to encryptor/decryptor 18, which combines the transmission with the cipher key stream originating from key generator 20. This results in decrypted data packets which could include encoded traffic or digital signaling data. When the data packets include encoded traffic, switch 16 connects the packets to codec 12 which decodes the traffic. When the data packets include digital signaling data, switch 16 connects the packets to processor 14 which consumes the signaling data.
As described previously and illustrated in conjunction with FIG. 1, prior-art communication systems typically encrypt/decrypt message payloads containing either signaling data and traffic data in the same manner. Unfortunately, this technique does not work in some newer communications systems, which separate the processing location of messages containing signaling data from the processing location of messages containing traffic data. For example, one system communication device might handle call setup and a different communication device might be responsible for switching traffic. In prior-art systems of this type, privacy is not implemented for several reasons.
One reason that privacy is not implemented in such systems is that, under prior-art protocols, only the call setup communication device knows the cipher key associated with the calling subscriber unit for the given call. New protocols would have to be implemented to in order to synchronize and distribute the key generation variables to the other communication devices which need to encrypt/decrypt the data. In addition, when the signaling data and the traffic are encrypted together but are bound for different destinations, both encrypted signaling and traffic information would have to be sent to both destinations, consuming extra system resources. Alternatively, intermediate decryption/re-encryption processes would have to take place at intermediate system nodes in order to separate the signaling and traffic information and re-send the information in a secure manner to the respective destinations. This would add a substantial level of complexity to data transmissions, as well as adding delay to the communication path.
Without any privacy implemented in a communication system, message payloads are transmitted over a clear channel which allows a third party to monitor the channel and listen to the message contents. The lack of implementing signaling privacy in a communication system may impose certain security risks. Signaling data may include critical security information such as the subscriber unit's mobile subscriber identification number (MSI), access or authorization codes, the number being dialed, and geo-positional location information. This type of information could be intercepted by a third party over an unsecured transmission path.
Accordingly, it is desirable to provide an effective method of implementing privacy of signaling data in a communications systems which process signaling data messages and traffic data messages at a separate network processing nodes. In addition, it is desirable to accomplish signaling privacy without requiring modifications to well-established communications protocols.