Teleconferencing between three or more parties using unencrypted transmissions is a relatively straightforward task of combining the audio signals from each conferee in a conference bridge which can be viewed as a simple summing junction. The conference bridge adds the unencrypted audio contributions from each conferee and redirects the sum of those contributions back to the conferees, so that each conference can hear what the others are saying.
In a teleconference where the conferees are transmitting encrypted signals, however, significant problems are introduced which indicate that use of conventional teleconferencing bridges is either difficult or impossible. First, there is the problem of synchronizing the encryption equipment of all the conferees so that it is possible for them to communicate with each other. This is a particularly difficult problem where one or more of the conferees is mobile. Second, there is no way to simply sum the encrypted information streams from the conferees and still obtain a useful teleconference situation with strong encryption. This is because strong encryption must be a non-linear process and the usual super position assumptions cannot be made. In mathematical terms, if E(*) is an encryption function and A, B, and C are three information streams representing the contributions of the conferees, then E(A)+E(B)+E(C).multidot.E(A+B+C) when E(*) is a strong and secure non-linear encryption function. There, thus, is no way to build a conventional conference bridge for encryption information.
One attempt to solve these problems involves decrypting the information stream from each conferee at the input of the conference bridge. The decrypted information then is combined by the conference bridge in the usual fashion. The difficulty with this approach is that the conference bridge is now processing sensitive, unprotected traffic which could be compromised by unscrupulous individuals who gain access to the bridge. Enhancing the security of such an arrangement is complex and costly because the design of the switching system which implements the conference bridge must be protected against unauthorized intrusion and the staff which operates the switching system must be limited and cleared to access the information involved in the conference. In the case of highly-classified or compartmentalized information, where access is strictly limited to those who have a genuine need-to-know, it may be impossible to staff the switching system with properly cleared personnel. The only alternative provided by prior technology is to perform the secure conferencing function on one of the conferees' premises. Although this may solve security problems, it is clearly not efficient and it limits the size of the secure conference which may be obtained.