In a cellular communication system, a geographical region is divided into a number of cells each of which is served by base station. The base stations are interconnected by a fixed network which can communicate data between the base stations. A remote unit is served via a radio communication link by the base station of the cell within which the remote unit is situated.
As a remote unit moves, it may move from the coverage of one base station to the coverage of another, i.e. from one cell to another. As the remote unit moves towards a new base station, it enters a region of overlapping coverage of two base stations and within this overlap region it changes to be supported by the new base station. As the remote unit moves further into the new cell, it continues to be supported by the new base station. This is known as cell reselection or handover.
Communication from a remote unit to a base station is known as uplink, and communication from a base station to a remote unit is known as downlink.
The fixed network interconnecting the base stations is operable to route data between any two base stations, thereby enabling a remote unit in a cell to communicate with a mobile station in any other cell. In addition, the fixed network may comprise gateway functions for interconnecting to external networks such as the Public Switched Telephone Network (PSTN), thereby allowing remote units to communicate with landline telephones and other communication terminals connected by a landline. Furthermore, the fixed network comprises much of the functionality required for managing a conventional cellular communication network including functionality for routing data, admission control, resource allocation, subscriber billing, mobile station authentication etc.
Examples of cellular communication systems include both public cellular communication system such as the Global System for Mobile communication (GSM) and Professional Radio (PMR) systems such as TETRA (TErrestrial Trunked RAdio).
Specifically, although TETRA may be used as a public cellular communication system, it is designed to provide a number of features and services which are particularly suitable for private organisations or groups such as the emergency services.
For example, TETRA provides a number of features and services for managing and controlling group calls as well as for managing the membership of these groups. Other features and services provided by TETRA include, push-to-talk channel allocation, broadcast calls etc. Also, in addition to trunked mode operation wherein remote units communicate via a base station, TETRA provides for the possibility of communication which is communicated directly between remote units. This is known as Direct Mode Operation (DMO) and allows remote units to set up and maintain direct communication between these.
TETRA is a Time Division Multiple Access (TDMA) system wherein 25 kHz wide channels are further divided into four time slots which may be individually assignable. Each time slot has a duration of 14.167 msecs and four timeslots are combined into a time frame having a duration of 56.67 msecs. Each of the four time slots in a time frame may be individually allocated to the same or different remote units. Furthermore, the time frames are combined into multiframes comprising 18 time frames. Frame number 18 is reserved as a control frame wherein control information may be communicated during an active call.
TETRA furthermore provides for a high level of security which may be optimised for specific purposes. For example, calls in TETRA may be end-to-end encrypted in order to prevent eavesdropping or interception of the messages. Such encryption is invaluable for many public services including for example law enforcement organisations.
End-to-end encryption mechanisms for TETRA are described in ETSI (European Telecommunication Standards Institute) specification EN 302 109. ETSI EN 302 109 specifies a voice encryption and decryption mechanism wherein an encryption function of a transmitting unit generates encrypted data that is communicated to a receiving unit where the inverse operation is performed to regenerate the original data. The encryption and decryption functions are based on key streams generated by a key stream generator at the transmitting unit and receiving unit respectively. In order to have successful decoding, it is essential that the key stream of the receiving unit is synchronised with the key stream of the transmitting unit. For this purpose, ETSI EN 302 109 specifies the communication of Synchronisation Values (SVs) from the transmitter to the receiver.
Specifically, a number of SVs are transmitted at the beginning of a call or following cell reselection thereby synchronising the key stream generators. In addition, SVs are sent during the ongoing call in order to allow receiving units missing the initial transmissions of SVs to enter the call later. This is known as late entry. In addition, the transmission of SVs during the call allows a receiving unit that looses synchronisation to re-acquire this during the call.
In accordance with ETSI EN 302 109, SVs are transmitted by half slot stealing wherein a time slot otherwise used for speech or data communication is used for transmission of the SVs. The stealing of half slots is dependent on a priority of the half slot. ETSI EN 302 109 does not prescribe when SVs should be transmitted during a call but suggests that an SV is sent after 0.25 seconds if the half slot is of low or no importance, after 0.5 seconds if the half slot has medium importance and after one second if the half slot has high importance. The interval between SVs thus typically varies between 0.25 and 1 second.
A problem associated with encryption of calls in communication systems such as TETRA is that when a mobile station moves between cells, the encryption synchronisation between the transmitting end and the receiving end may be lost. Typically, this occurs due to changes in the communication delay between the transmitting end and the receiving end, for example due to a changed propagation delay between the moving mobile station and the new base station, modified timing between the involved base stations in the infrastructure and/or allocation of a different time-slot on the new cell.
When the encryption synchronisation is lost, the call cannot be decrypted by the receiving end and the application of the non-synchronised key stream results in the generation of random data. The mobile station which has performed the cell reselection is aware that encryption synchronisation may have been lost and may accordingly proceed to mute the call to avoid that noise is output to the user. However, the mobile station(s) which have not performed the cell reselection has no information that this has occurred. Accordingly, it will proceed to decrypt the call using the non-synchronised key stream until the loss of synchronisation is detected. For a voice call this will result in a noise output rather than the desired speech.
A mechanism that may be used in Tetra is to compare the local key stream with the received SV. If the received SV matches the local stream, this is an indication that the end to end encryption is still synchronised. However, if the SV does not match the local key stream, this may be an indication that the encryption is no longer synchronised. A problem that arises in connection with this approach (also known as flywheeling) is that it is based on the assumption that the received SV is wrong due to an error introduced in the transmission e.g. in the RF channel and thus using the received SV the received would become out of sync with the transmitter. Therefore, the received SV is discarded as long as the encryption is considered to be synchronised, which is typically considered until a plurality of non-synchronised SVs have been received. However, in Tetra the end points may loose synchronisation in case of e.g. cell reselection as described earlier. In this case the received SV will not match the locally generated SV but contrary to the case when an error is introduced in the transmission, it is now the received SV that it is desirable to use. Therefore, the process of discarding the received SV leads to suboptimal performance.
Specifically, ETSI EN 302 109 prescribes that the encryption is to be considered in a synchronised state until a number, N, of consecutive SVs are incorrectly received. N is typically larger than 1 in order to ensure that an error in a single SV does not result in a synchronisation loss. However, for an increasing value of N the time before a synchronisation loss is detected increases. For example, for a typical value of N of 3, the synchronisation loss may not be detected for between 0.75 to 3 seconds in case the SV's are sent immediately after cell reselection is lost. This results in a significant and clearly perceptible noise output for a significant duration following a loss of synchronisation.
ETSI EN 302 109 furthermore prescribes that a decryption apparatus enters a non-synchronised state if loss of synchronisation is detected. When a new SV is received, this is used to synchronise the local key stream generator, after which the decryption apparatus enters the synchronised state and starts to decrypt the call. In the non-synchronised state, the local key stream is considered non-synchronised and accordingly the output is muted to prevent noise being output. This results in a break or gap in the speech which is perceptible to the user. Therefore, setting the value of N lower will result in a reduced risk or duration of noise intervals but increases the risk and frequency of gaps in the output caused e.g. by transmission errors in received SVs.
Hence, an improved system for decryption of calls would be advantageous and in particular a system providing an improved decryption resynchronisation performance, allowing increased flexibility, improved user data quality (e.g. improved audio quality) and/or reduced disruptions to an output signal would be advantageous.