1. Field of the Invention
The present invention relates to a secure satellite communications system that provides private communications by utilizing public encryption procedures and private decryption procedures.
2. Description of the Related Art
"Satellite communications" refers to communications via an orbiting communications satellite. In active satellite communications systems, a transponder-equipped satellite is positioned in a geostationary orbit to provide broadcast, navigation, communications, or similar services to a service area or areas. A service area is defined as the geographic region in which an earth station can receive signals from or send signals to the satellite economically. The satellite carries communications equipment that relays signals to and from ground stations while the satellite orbits high above earthbound relay stations. The result is broad coverage, which attracts mobile service in which users may roam over a service area as large as the continental United States.
Existing mobile satellite communications networks provide very good communications capabilities to their users but not much communications security. Parties other than the mobile satellite communications network users and their intended correspondents can easily intercept the radio signals carrying the communications and extract the content carried by those signals. The minimal security features of a typical mobile satellite communications network are (1) separate over-the-air IDs for the forward direction (to the mobile user) and return direction (from the mobile user) and (2) scrambling used for single carrier per channel communications in the forward direction (because the forward direction downlink is available over a large portion of the earth's surface and, since it is intended for mobile terminals with small antennas, it is a high power transmission from the satellite and thus relatively easy to receive).
The communications security shortcomings of a typical mobile satellite communications network are (1) single carrier per channel communications in the return direction use only a "default" scrambling vector, thus no coding security is afforded in the return direction; (2) no security of the data broadcast on the common signaling channel is provided; (3) no security is given to the return direction slotted-ALOHA call request channels; (4) a party that can receive both forward and return direction satellite downlinks can use the information extracted from the return direction to "decode" the forward direction traffic and thus listen to both sides of the call; and (5) even if the mobile satellite communications network user uses end-to-end encryption (such as STU-III), certain call information such as the service address (telephone number) called and the over-the-air terminal IDs is not protected and is thus vulnerable to analysis.
The related art is represented by the following patents of interest.
U.S. Pat. No. 4,200,770, issued on Apr. 29, 1980 to Martin E. Hellman et al., describes a cryptographic apparatus and method. Hellman et al. do not suggest a secure satellite communications system according to the claimed invention.
U.S. Pat. No. 4,306,111, issued on Dec. 15, 1981 to Shyue-Ching Lu et al., describes a public-key cryptosystem. Lu et al. do not suggest a secure satellite communications system according to the claimed invention.
U.S. Pat. No. 4,405,829, issued on Sep. 20, 1983 to Ronald L. Rivest et al., describes a public-key cryptosystem. Rivest et al. do not suggest a secure satellite communications system according to the claimed invention.
U.S. Pat. No. 4,688,250, issued on Aug. 18, 1987 to Donald G. Corrington et al., describes a method and apparatus for effecting a key change via a cryptographically protected link. Corrington et al. do not suggest a secure satellite communications system according to the claimed invention.
U.S. Pat. No. 4,887,296, issued on Dec. 12, 1989 to Donald R. Horne, describes a cryptographic system for a direct broadcast satellite system. Horne does not suggest a secure satellite communications system according to the claimed invention.
U.S. Pat. No. 5,144,667, issued on Sep. 1, 1992 to Russell W. Pogue, Jr. et al., describes a method of positively authenticating a remote unit through cryptographic techniques. Pogue, Jr. et al. do not suggest a secure satellite communications system according to the claimed invention.
U.S. Pat. No. 5,159,633, issued on Oct. 27, 1992 to Kenji Nakamura, describes a multimedia network system. Nakamura does not suggest a secure satellite communications system according to the claimed invention.
U.S. Pat. No. 5,371,794, issued on Dec. 6, 1994 to Whitfield Diffie et al., describes a method and apparatus for providing a secure communication link between a mobile wireless data processing device and a base (fixed node) data processing device which is coupled to a network. Diffie et al. do not suggest a secure satellite communications system according to the claimed invention.
U.S. Pat. No. 5,675,653, issued on Oct. 7, 1997 to Douglas V. Nelson, Jr., describes a real time digital encryption system. Nelson, Jr. does not suggest a secure satellite communications system according to the claimed invention.
U.S. Pat. No. 5,724,428, issued on Mar. 3, 1998 to Ronald L. Rivest, describes a block encryption algorithm with data-dependent rotations. Rivest does not suggest a secure satellite communications system according to the claimed invention.
U.S. Pat. No. 5,745,578, issued on Apr. 28, 1998 to Amer Aref Hassan et al., describes a method and apparatus for establishing a key sequence for secure communication through a communication channel between a first transceiver and a second transceiver. Hassan et al. do not suggest a secure satellite communications system according to the claimed invention.
U.S. Pat. No. 5,748,734, issued on May 5, 1998 to Semyon Mizikovsky, describes a circuit and method for generating cryptographic keys. Mizikovsky does not suggest a secure satellite communications system according to the claimed invention.
European Patent document 0 232 043, published on Aug. 12, 1987, describes a method and apparatus for scrambling a digital signal. European '043 does not suggest a secure satellite communications system according to the claimed invention.
Great Britain Patent document 2,278,518, published on Nov. 30, 1994, describes a method and apparatus for establishing an encrypted data transfer link between a transmitter and a receiver. Great Britain '518 does not suggest a secure satellite communications system according to the claimed invention.
Great Britain Patent document 2,279,541, published on Jan. 4, 1995, describes an authentication system for a mobile communication system. Great Britain '541 does not suggest a secure satellite communications system according to the claimed invention.
International Patent document WO 93/1161, published on Jun. 10, 1993, describes an encryption system for transmitting confidential data from a transmitting device. International '161 does not suggest a secure satellite communications system according to the claimed invention.
Japan Patent document 2-248131, published on Oct. 3, 1990, describes a key sharing method based on identification information. Japan '138 does not suggest a secure satellite communications system according to the claimed invention.
Japan Patent document 3-82237, published on Apr. 8, 1991, describes an open public key cryptographic signal verification system. Japan '237 does not suggest a secure satellite communications system according to the claimed invention.
Japan Patent document 3-169138, published on Jul. 22, 1991, describes a key sharing method based on identification information. Japan '138 does not suggest a secure satellite communications system according to the claimed invention.
An article entitled "A METHOD FOR OBTAINING DIGITAL SIGNATURES AND PUBLIC-KEY CRYPTOSYSTEMS" by R. L. Rivest, A. Shamir, and L. Adleman, published in February, 1978, in Communications of the ACM, Vol. 21, No. 2, pp. 120-126, describes a public key cryptosystem. This article does not suggest a secure satellite communications system according to the claimed invention.
An article entitled "DATA ENCRYPTION ALGORITHM KEY DISTRIBUTION VIA PUBLIC KEY ALGORITHM", published in August, 1985 in IBM Technical Disclosure Bulletin, Vol. 28, No. 3, pp. 1065-1069, describes a data encryption algorithm key distribution in a satellite network using a public key algorithm. This article does not suggest a secure satellite communications system according to the claimed invention.
An article entitled "ID BASED PUBLIC KEY CRYPTOSYSTEMS BASED ON OKAMOTO TANAKA'S ID BASED ONE WAY COMMUNICATION SCHEME", published on May 10, 1990 in Electronics Letters, Vol. 26, No. 10, pp. 666-668, describes a public key cryptosystem. This article does not suggest a secure satellite communications system according to the claimed invention.
None of the above inventions and patents, taken either singularly or in combination, is seen to describe the instant invention as claimed.
The present invention is a secure satellite communications system for mobile users. The secure satellite communications system constructed according to the present invention generally includes an orbiting communications satellite. The satellite performs the function of relaying communications to and from a plurality of earth stations. The earth stations may take any of various forms. In other words, the earth stations are intended to include any of various forms of stations, whether fixed, portable, or mobile.
The secure satellite communications system provides a public key system for satellite communications systems to establish private communications. Communications messages are sent by a transmitting earth station encrypted by a public encryption procedure for a particular receiving earth station. The intended receiving earth station receives the transmitted communications messages and utilizes a private decryption procedure to decrypt the received communications messages.
The public encryption procedure may be implemented in a transmitter at a stage just before the modulator and the private decryption procedure may be implemented in a receiver at a stage just after the demodulator. The coding/decoding functions act on bit streams that already exist in satellite communications equipment and would add little, if any, delay to the signal path. Each earth station in the mobile satellite communications network ignores those messages which are not addressed to it or which fail a cyclic redundancy check for validity. Those communications messages encoded with the receiving party's public encryption procedure and decoded with the corresponding private decryption procedure are received and processed as normal. All other messages are just ignored as if they contain errors which cause the cyclic redundancy check to fail. Each earth station also includes a communications message path which bypasses the private decryption procedure so that unencrypted communications messages may still be received.
Each authorized earth station in the secure satellite communications network has a private decryption procedure and a public encoding procedure. The public encryption procedure is published in a directory (database) available to all other earth stations that make up the secure satellite communications network. Any communications traffic sent from one network earth station to another requires the sending earth station to encrypt the communications traffic with the receiving party's public encryption procedure. Once encrypted in this way, only the intended recipient can decrypt the communications traffic. The encrypted communications traffic is of the same length as the non-encrypted traffic that it replaces. Additionally, the receiving party can also be confident of the identity of the sending party because of the authentication properties of the public encryption procedure algorithm.
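The receive path described in the two paragraphs above (bypass path, private decryption, CRC as the filter, same-length ciphertext), sketched as an added example that is not part of the patent text. Textbook RSA with small constructed primes stands in for the unspecified public and private procedures; the 12-byte frame layout, the use of CRC-32, and the station names are assumptions.

```python
import zlib

FRAME = 12   # assumed on-air frame: 1 zero pad byte + 7 payload bytes + 4 CRC-32 bytes
E = 65537    # public exponent shared by all toy keys

def make_station(p, q):
    """Toy textbook-RSA key from two known primes (constructed, not secure)."""
    return {"n": p * q, "d": pow(E, -1, (p - 1) * (q - 1))}

def build_frame(payload):
    """Payload plus CRC-32; the leading zero byte keeps the value below every modulus."""
    if len(payload) != FRAME - 5:
        raise ValueError("payload must be exactly 7 bytes")
    return b"\x00" + payload + zlib.crc32(payload).to_bytes(4, "big")

def crc_ok(frame):
    return frame[0] == 0 and zlib.crc32(frame[1:-4]).to_bytes(4, "big") == frame[-4:]

def encrypt_for(public_n, frame):
    """Public procedure: needs only the recipient's directory entry."""
    c = pow(int.from_bytes(frame, "big"), E, public_n)
    return c.to_bytes(FRAME, "big")   # same length as the clear frame

def receive(station, on_air):
    """Try the bypass path, then the private procedure; drop everything else."""
    if crc_ok(on_air):
        return ("clear", on_air[1:-4])
    m = pow(int.from_bytes(on_air, "big"), station["d"], station["n"])
    frame = m.to_bytes(FRAME, "big")
    if crc_ok(frame):
        return ("decrypted", frame[1:-4])
    return None   # indistinguishable from a frame with bit errors

# Two constructed stations with 12-byte moduli; the directory publishes only n.
STATION_A = make_station(2**61 - 1, 2**32 - 5)
STATION_B = make_station(2**64 - 59, 2**31 - 1)
DIRECTORY = {"A": STATION_A["n"], "B": STATION_B["n"]}

if __name__ == "__main__":
    air = encrypt_for(DIRECTORY["A"], build_frame(b"CALLREQ"))
    print(receive(STATION_A, air), receive(STATION_B, air))
```

A CRC detects transmission errors and is not keyed, so a 32-bit CRC on its own accepts roughly one in 2^32 frames decrypted with the wrong key, and the unpadded RSA used here to keep the length fixed provides no sender authentication by itself.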
In most mobile satellite communications network situations mobile earth stations only communicate over the air with a fixed earth station. There are typically very few fixed stations serving many mobile stations. Since there are few fixed land stations, the public encryption procedures for each fixed land station may be broadcast along with other system status and operational information on the common signaling broadcast channel's bulletin board. The public encryption procedures for the mobile earth stations may be stored at the fixed earth stations as an additional field in the database that currently lists authorized mobile terminals' forward and return IDs along with terrestrial telephone IDs.
Accordingly, it is a principal object of the invention to provide a secure satellite communications system that provides private communications by utilizing public encryption procedures and private decryption procedures.
It is an object of the invention to provide improved elements and arrangements thereof in a secure satellite communications system for mobile users for the purposes described which is inexpensive, dependable and fully effective in accomplishing its intended purposes.
These and other objects of the present invention will become readily apparent upon further review of the following specification and drawings.