The present invention relates to communications methods and apparatus, and more particularly, to communications methods and apparatus using encryption.
Wireless communications systems are commonly employed to provide voice and data communications to subscribers. For example, analog cellular radiotelephone systems, such as those designated AMPS, ETACS, NMT-450, and NMT-900, have long been deployed successfully throughout the world. Digital cellular radiotelephone systems such as those conforming to the North American standard IS-54 and the European standard GSM have been in service since the early 1990""s. More recently, a wide variety of wireless digital services broadly labeled as PCS (Personal Communications Services) have been introduced, including advanced digital cellular systems conforming to standards such as IS-136 and IS-95, lower-power systems such as DECT (Digital Enhanced Cordless Telephone) and data communications services such as CDPD (Cellular Digital Packet Data). These and other systems are described in The Mobile Communications Handbook, edited by Gibson and published by CRC Press (1996).
FIG. 1 illustrates a typical terrestrial cellular radiotelephone communication system 20. The cellular radiotelephone system 20 may include one or more radiotelephones (mobile terminals) 22, communicating with a plurality of cells 24 served by base stations 26 and a mobile telephone switching office (MTSO) 28. Although only three cells 24 are shown in FIG. 1, a typical cellular network may include hundreds of cells, may include more than one MTSO, and may serve thousands of radiotelephones.
The cells 24 generally serve as nodes in the communication system 20, from which links are established between radiotelephones 22 and the MTSO 28, by way of the base stations 26 serving the cells 24. Each cell 24 typically has allocated to it one or more dedicated control channels and one or more traffic channels. A control channel is a dedicated channel used for transmitting cell identification and paging information. The traffic channels carry the voice and data information. Through the cellular network 20, a duplex radio communication link may be effected between two mobile terminals 22 or between a mobile terminal 22 and a landline telephone user 32 through a public switched telephone network (PSTN) 34. The function of a base station 26 is to handle radio communication between a cell 24 and mobile terminals 22. In this capacity, a base station 26 functions as a relay station for data and voice signals.
As illustrated in FIG. 2, a satellite 42 may be employed to perform similar functions to those performed by a conventional terrestrial base station, for example, to serve areas in which population is sparsely distributed or which have rugged topography that tends to make conventional landline telephone or terrestrial cellular telephone infrastructure technically or economically impractical. A satellite radiotelephone system 40 typically includes one or more satellites 42 that serve as relays or transponders between one or more earth stations 44 and terminals 23. The satellite conveys radiotelephone communications over duplex links 46 to terminals 23 and an earth station 44. The earth station 44 may in turn be connected to a public switched telephone network 34, allowing communications between satellite radiotelephones, and communications between satellite radio telephones and conventional terrestrial cellular radiotelephones or landline telephones. The satellite radiotelephone system 40 may utilize a single antenna beam covering the entire area served by the system, or, as shown, the satellite may be designed such that it produces multiple minimally-overlapping beams 48, each serving distinct geographical coverage areas 50 in the system""s service region. The coverage areas 50 serve a similar function to the cells 24 of the terrestrial cellular system 20 of FIG. 1.
Several types of access techniques are conventionally used to provide wireless services to users of wireless systems such as those illustrated in FIGS. 1 and 2. Traditional analog cellular systems generally employ a system referred to as frequency division multiple access (FDMA) to create communications channels, wherein discrete frequency bands serve as channels over which cellular terminals communicate with cellular base stations. Typically, these bands are reused in geographically separated cells in order to increase system capacity. Modern digital wireless systems typically utilize different multiple access techniques such as time division multiple access (TDMA) and/or code division multiple access (CDMA) to provide increased spectral efficiency. In TDMA systems, such as those conforming to the GSM or IS-136 standards, carriers are divided into sequential time slots that are assigned to multiple channels such that a plurality of channels may be multiplexed on a single carrier. CDMA systems, such as those conforming to the IS-95 standard, achieve increased channel capacity by using xe2x80x9cspread spectrumxe2x80x9d techniques wherein a channel is defined by modulating a data-modulated carrier signal by a unique spreading code, i.e., a code that spreads an original data-modulated carrier over a wide portion of the frequency spectrum in which the communications system operates.
Communications in a wireless communications system such as the systems of FIGS. 1 and 2 typically make use of different addressing modes for messages sent out by base stations over a broadcast control channel. Messages may be sent to a broadcast address of the communications system, i.e. addressed to all the mobile terminals (receiver devices or receivers) served by the system, or sent to an individual address associated with a specific mobile terminal. The use of broadcast (point to multipoint) addresses may avoid undue network traffic when a particular message is of interest to more than one receiver. Receivers supported by such systems are preferably configured with both a broadcast address and an individual address so they may access both types of messages. Such systems may also use encryption to provide greater privacy for communications broadcast on control channels which may be subject to interception by receivers other than the intended recipient.
One problem with such prior art systems is that all mobile terminals having the proper broadcast address may access all messages broadcast with the broadcast address. Thus, it is problematic to conveniently use the same channel to send both messages that are intended to be received generally and those that are intended to be received by only a subset of the potential receivers. This is particularly problematic with the expansion of services available on such communications networks, including the introduction of premium services such as, for example, stock quotes or weather updates. Service providers desire a method to control billing for such premium services and control access to such premium services.
One approach previously suggested to the problem of controlling access to premium services is the use of group addresses. A group address may be described as a broadcast address for a subset of receivers. In such a network, each receiver would have a broadcast address, an individual address and, optionally, one or more group addresses. Premium services may then be transmitted using group addresses associated with the premium service. A disadvantage of this approach to controlling access to premium services is the burden of adding and removing receivers from a group. It also places the burden on the address managing system rather than the channel. Fraud prevention concerns may discourage easy changing of receiver addresses in networks such as cellular telephone networks. Furthermore, the use of the group address approach may be subject to eavesdropping, thus making the group addresses subject to interception by those wishing to obtain premium services without payment or to invade the privacy and security of other users. Accordingly, it would be desirable to provide for selective distribution of messages on a broadcast channel which is secure, private and in which inclusion or exclusion from a group may be readily managed.
The present invention provides methods and systems for selectively encrypting and decrypting messages transmitted on a broadcast channel of a communication network. Group encryption keys are provided for one or more services utilizing the broadcast channel to communicate messages. A message associated with a particular service first receives an error check value, such as a cyclical redundancy check (CRC) value, generated from the unencrypted message. The message is then encrypted using the group encryption key for the service and the CRC is added to the encrypted message and transmitted with a broadcast address of the communication network. A receiver then receives the message and determines that the CRC indicates an error (as it is generated from the encrypted message rather than the unencrypted message). The receiver then decrypts the message using the group encryption key for the service (assuming the receiver is authorized to receive the service, i.e., has access to the group encryption key) and generates a CRC from the decrypted message. If this CRC matches the CRC received with the message, the receiver recognizes the message as being associated with the corresponding service and processes the message accordingly. Where multiple services are supported and the receiver has a corresponding plurality of group encryption keys, each encryption key can be tested until a CRC without error is provided thereby indicating the service with which the message is associated.
In one embodiment of the present invention, a method is provided for selective encryption of transmitted messages. A group encryption key is determined for an unencrypted message and an error check value is determined for the unencrypted message. The unencrypted message is encrypted using the group encryption key. The encrypted message and the error check value are transmitted on a broadcast channel of a communication network with an associated destination address. Preferably, the associated destination address is a broadcast address of the communication network and a group encryption key is selected which is associated with a service generating the message. The error check value may be redundancy bits for the message, such as a CRC, and the unencrypted redundancy bits may be appended to the encrypted message for transmission.
Selective encryption operations may be provided for received unencrypted messages which are intended for a broadcast group having an associated group encryption key and not for other messages. Received unencrypted messages associated with at least one of general broadcast or an individual address may be transmitted on the broadcast channel of the communication network with: the broadcast address of the communication network if the unencrypted message is associated with general broadcast and on the communication network with the individual address if the unencrypted message is associated with an individual address.
In a further embodiment of the present invention, the unencrypted message may be encrypted using a general encryption key if the unencrypted message is associated with at least one of general broadcast or an individual address. An error check value may be generated based on the encrypted message if the unencrypted message is associated with at least one of general broadcast or an individual address. The encrypted message and the error check value based on the encrypted message may then be transmitted on the communication network with the individual address if the unencrypted message is associated with an individual address and with the broadcast address of the communication network if the unencrypted message is associated with general broadcast.
In a further embodiment of the present invention, the encrypted message and added error check value is received on the broadcast channel of the communication network. The receiver device determines if the received message is directed to the broadcast address of the communication network. An error check value is generated for the received message and tested to determine if the error check value indicates an error. The received message is decrypted using the group encryption key if the received message is directed to a broadcast address of the communication network and the error check value indicates an error. An error check value is generated for the decrypted message. The received message is assigned to a group associated with the group encryption key if the error check value for the decrypted message indicates no error. The group encryption key may be determined based on the one of a plurality of services which is associated with the message and selecting a one of a plurality of group encryption keys which is associated with the determined one of the plurality of services which is associated with the message as the group encryption key for the unencrypted message. Decryption and error checking operations may be repeated using selected ones of the plurality of group encryption keys as the group encryption key until either the error check value for the decrypted message indicates no error or each of the selected ones of the plurality of group encryption keys has been used as the group encryption key.
In a further embodiment of the present invention, a request for one of the plurality of group encryption keys is received from a user. The user is associated with a service associated with the requested one of the plurality of group encryption keys and the requested one of the plurality of group encryption keys is transmitted to the user on the broadcast channel of the communication network with an associated individual address of the user. The group encryption key may have an associated duration and the group encryption key may be updated when a previous group encryption key has exceeded its associated duration. The group encryption key may also be updated on a periodic basis and the updated group encryption key may be transmitted to users associated with the service associated with the group encryption key using associated individual addresses of the users associated with the service associated with the group encryption key.
In a further embodiment of the present invention, the transmitted group encryption key and the encrypted message and added error check value are received on the broadcast channel of the communication network and the receiving device determines if the received message is directed to the broadcast address of the communication network. An error check value is generated for the received message to determine if the error check value indicates an error. The received message is decrypted using the group encryption key if the received message is directed to a broadcast address of the communication network and the error check value indicates an error. An error check value is generated for the decrypted message and the received message is assigned to a group associated with the group encryption key if the error check value for the decrypted message indicates no error.
In another embodiment of the present invention, a method of selective decryption of transmitted messages is provided including receiving a message on a broadcast channel of a communication network and determining if the received message is directed to a broadcast address of the communication network. An error check value is generated for the received message to determine if the error check value indicates an error. The received message is decrypted using a group encryption key if the received message is directed to a broadcast address of the communication network and the error check value for the received message indicates an error. An error check value is generated for the decrypted message and the received message is assigned to a group associated with the group encryption key if the error check value for the decrypted message indicates no error. The decryption and error check operations may be repeated for each of a plurality of candidate group encryption keys until either the error check value for the decrypted message indicates no error or each of the plurality of group encryption keys has been used as the group encryption key. The error check value for the decrypted message may be computed as redundancy bits for the decrypted message or by applying an error correction code to the decrypted message and determining that an error is indicated for the decrypted message if any errors remain in the decrypted message after applying the error correction code to the decrypted message.
In a further aspect of the present invention, a selective encryption system is provided including an encryption circuit that encrypts a message using a group encryption key and an error check value generation circuit that generates an error check value based on the unencrypted message and adds the error check value to the encrypted message. A transmitter broadcasts the encrypted message with the added error check value on a broadcast channel of a communication network and an encryption key selection circuit selects one of a plurality of candidate group encryption keys as the group encryption key based on a service associated with the message. In one embodiment, a receiver is provided that requests the group encryption key and the transmitter is configured to transmit the group encryption key with an individual address of a requesting device responsive to receiving a request for the group encryption key.
In another aspect of the present invention, a selective decryption system is provided including a receiver that receives a message on a broadcast channel of a communication network and a decryption circuit that decrypts the message using a group encryption key. An error check value generation circuit generates an error check value for the received message and the decrypted message. A comparator circuit responsive to the error check value generation circuit determines whether an error is indicated for the received message and the decrypted message and a selection circuit responsive to the comparator circuit selects one of the received message or the decrypted message as a message to process.