Wireless communication systems provide for radio communication links to be arranged within the system between a plurality of user terminals. Such user terminals may be mobile and may therefore be known as ‘mobile stations.’ At least one other terminal, e.g. used in conjunction with mobile stations, may be a fixed terminal, e.g. a control terminal, base station, or access point. Such a system typically includes a system infrastructure which generally includes a network of various fixed installations such as base stations, which are in direct radio communication with the mobile stations. Each of the base stations operating in the system may have one or more transceivers which may, for example, serve mobile stations in a given local region or area, known as a ‘cell’ or ‘site’, by radio frequency (RF) communication. The mobile stations which are in direct communication with a particular base station are said to be served by the base station, and all radio communications to and from each mobile station within the system are made via respective serving base stations. Sites of neighbouring base stations in a wireless communication system may be offset from one another or may be overlapping.
Wireless communication systems may operate according to an industry standard land mobile radio (LMR) protocol such as, for example, the Project 25 (P25) standard defined by the Association of Public Safety Communications Officials International (APCO), or other radio protocols. Further details regarding the P25 standards can be obtained from the Telecommunications Industry Association, 2500 Wilson Boulevard, Suite 300 Arlington, Va. Communications in accordance with P25 or other standards may take place over physical channels in accordance with one or more of a TDMA (time division multiple access) protocol, a FDMA (frequency divisional multiple access), or CDMA (code division multiple access) protocol. Mobile stations in wireless communication systems such as P25 systems send and receive user communicated speech and other data, herein referred to collectively as ‘traffic information’, in accordance with the designated protocol.
Furthermore, LMR systems may operate in either a conventional or trunked configuration. In either configuration, a plurality of mobile stations may be partitioned into separate groups of mobile stations, such that mobile stations may selectively participate in individual (mobile station to mobile station) calls and also in group (mobile station to many mobile stations) calls.
In a conventional system, each mobile station in a group is selected to a particular frequency for communications associated with that mobile station's group. Thus, each group is served by one frequency (e.g., channel), and multiple groups may share the same single frequency (in which case, in some embodiments, group IDs may be present in the group data to distinguish between groups using the same shared frequency). In some systems, each conventional frequency may be further configured to carry multiple channels via a TDMA protocol, which allows for multiple concurrent calls on each frequency based on the configured ratio of the TDMA channels.
In contrast, a trunked radio system and its mobile stations use a pool of traffic channels (e.g., FDMA or TDMA protocols operating on a plurality of available frequencies) for virtually an unlimited number of groups of mobile stations (e.g., talkgroups). Thus, all groups are served by all channels. The trunked radio system works to take advantage of the probability that not all groups need a traffic channel for communication at the same time. When a member of a group requests a call on a control or rest channel on which all of the mobile stations in the system idle awaiting new call notifications, in one embodiment, a call controller assigns a separate traffic channel for the requested group call, and all group members move from the assigned control or rest channel to the assigned traffic channel for the group call. In another embodiment, when a member of a group requests a call on a control or rest channel, the call controller may convert the control or rest channel on which the mobile stations were idling to a traffic channel for the call, and instruct all mobile stations that are not participating in the new call to move to a newly assigned control or rest channel selected from the pool of available channels. With a given number of channels, a much greater number of groups can be accommodated in a trunked system as compared with conventional radio systems.
Group members for group calls conducted on conventional or trunked systems may be statically or dynamically defined. That is, in a first example, a user or administrator working on behalf of the user may indicate to the switching and/or radio network (perhaps at a call controller, PTT server, zone controller, or mobile management entity (MME), base station controller (BSC), mobile switching center (MSC), site controller, Push-to-Talk controller, or other network device) a list of participants of a group at the time of the call or in advance of the call. The group members (e.g., mobile stations) could be provisioned in the network by the user or an agent, and then provided some form of group identity, identifier, or address, for example. Then, at a future time, an originating user in a group may cause some signalling to be transmitted indicating that he or she wishes to establish a communication session (e.g., group call) with each of the pre-designated participants in the defined group. In another example, mobile stations may dynamically affiliate with a group (and also disassociate with the group) perhaps based on user input, and the switching and/or radio network may track group membership and route new group calls according to the current group membership. In a still further example, mobile stations participating in a first group or individual call may monitor traffic channel signalling to determine if another higher priority group or individual is active or about to start which would cause the mobile station to leave the current call before it is completed in order to join the higher priority call.
Many wireless communication systems, including many LMR systems in general and many P25 systems in particular, employ a procedure to encrypt sensitive communicated traffic information, especially where the information is sent via insecure channels, e.g. by wireless communication over-the-air. For example, in some wireless communication systems, communications can be end-to-end encrypted. This means that encryption of traffic information is applied by an original transmitting terminal of the sender (source) of the traffic information and removed by a final receiving terminal of the recipient (destination) of the traffic information. Intermediate terminals that facilitate the delivery of the encrypted traffic information are unable to decrypt the encrypted traffic information (or at least, are unable to do so in a reasonable amount of time).
In addition to end-to-end encryption, link layer encryption (LLE) may be used between individual links in a path from a source transmitter to a destination receiver to further prevent the interception or monitoring of traffic information transmitted over-the-air, such as between mobile stations and base stations. For example, even when end-to-end encryption is used to encrypt digitized voice data, some control and/or signalling data is necessarily sent unencrypted over-the-air to allow the receiving device (such as the base station or mobile station) to identify a sender or receiver, group ID, or to obtain information such as an algorithm ID or key ID sufficient to begin decrypting the end-to-end encrypted voice data. LLE may be used, for example, to encrypt over-the-air communication links between mobile stations and base stations, and advantageously prevent an eavesdropper from intercepting information transmitted over-the-air, such as group ID's, transmitter ID's, target ID's, algorithm IDs, key IDs, or other control information.
FIG. 1 illustrates an example of how encryption may be achieved between a transmitter 101 and receiver 103 over an intervening channel 105 (e.g., air-interface) by producing a random or pseudo-random data sequence of binary digits (e.g., an encryption initialization vector 111) and using a combining procedure (e.g., an encryption algorithm 115) to combine the encryption initialization vector 111 with a secret key variable 113 supplied by the user. The combination generates another data sequence, known as a keystream, incorporating the secret key variable 113. The keystream, or a portion of it, is then used internally by the encryption algorithm 115 to encrypt the traffic information 117 to be transmitted in encrypted form as encrypted traffic information 133. This is done in an encryption processor by using a combination procedure, such as an XOR (exclusive OR) combination procedure, to combine the unencrypted traffic information 117 with the keystream, e.g. on a frame-by-frame basis. The encryption initialization vector 111 may be loaded into a linear feedback shift register (LFSR), for example, and may be clocked to provide a time-varying keystream.
The secret key variable 113 used at the transmitter 101 is known at the receiver 103 and is thus never transmitted openly (e.g., unencrypted). The receiver 103 is sent the encryption initialization vector 111, an identifier identifying the encryption algorithm 115 used at the transmitter 101 (assuming it is not hardcoded in both transmitter 101 and receiver 103), and an identifier identifying the key variable 113 used at the transmitter 101 (assuming it is not hardcoded in both transmitter 101 and receiver 103) via a sync block 131 transmitted over the channel 105 and included in one or more of a header information structure or embedded in a data payload frame. The transmitter 101 also transmits the encrypted traffic information 133 over the channel 105 for reception by the receiver 103. The receiver 103 is thereby able to re-construct the keystream applied at the transmitter 101. The receiver 103 combines the reconstructed keystream with the encrypted traffic 133 it receives in a manner such that the keystream included in the encrypted traffic 133 is cancelled allowing the original user traffic 163 to be extracted in unencrypted form. For example, the receiver 103 may use a same clocked LFSR as used by the transmitter 101 to provide a same time-varying keystream using the retrieved encryption initialization vector 111 transmitted in the sync block 131.
The encryption/decryption process therefore typically includes (i) operation of an encryption algorithm in a processor of a transmitting terminal to encrypt the information to be transmitted, and (ii) operation of a related decryption algorithm in a receiving terminal to decrypt the received encrypted traffic information.
Typically, radio systems supporting LLE do so on a call by call and/or group by group basis. In other words, LLE encrypted individual or group-based calls are assigned to a (at least temporarily) dedicated LLE channel for the duration of the call and on which only LLE-capable mobile stations can participate, while non-LLE encrypted individual or group-based calls are assigned to a (at least temporarily) dedicated non-LLE channel for the duration of the call and on which LLE-capable and non-LLE-capable mobile stations can participate. One problem that has arisen with this division between LLE and non-LLE calls in radio systems supporting both LLE-capable calls and non-LLE-capable calls, is that a mobile station that is subscribed to an LLE group and a non-LLE group, and is currently participating in a non-LLE individual call or non-LLE group call with non-LLE group members, may miss an LLE individual or group call that keys up during the non-LLE call. In many cases, the LLE call may be a higher priority call than the non-LLE call, but because there is no signalling mechanism to securely signal non-LLE call participants of the LLE call, non-LLE call participants that are subscribed to both the LLE group and non-LLE group, or that are capable of conducting both LLE and non-LLE individual calls, remain on the non-LLE call until it completes, after which time it may join the LLE call using a late entry mechanism.
Accordingly, what is needed is an improved method, device, and system for securely notifying mobile stations participating in non-LLE calls of the existence and/or identity of a new LLE call, so that mobile stations that are dual-subscribed to both LLE groups and non-LLE groups, and/or capable of participating in LLE and non-LLE individual calls, can make an informed determination of whether or not to continue in the non-LLE call.