Systems for encrypting and decrypting data for transmission over non-secure radio or telephone links have been highly refined to meet the needs of the military and private industry. An encryption algorithm that is virtually unbreakable in any reasonable time frame, by even the most powerful of high-speed computers, has been developed and published in the U.S. by the National Bureau of Standards. This algorithm is sanctioned for use by industry in this country as an acceptable method for protecting computerized data that must be transmitted between two parties over communication links that may not be secure. In fact, integrated circuits designed specifically for encryption and decryption of data in accordance with this Data Encryption Algorithm (DEA) are readily available from several vendors, such as Western Digital.TM.. This algorithm, like most encryption schemes, uses an encryption key to encrypt data. Successful use of the DEA or any other encryption/decryption algorithm using an encryption key requires that the station receiving the encrypted transmission have access to the same encryption key used to encrypt the transmission in order to decrypt it. To avoid breach of the secure communications, no unauthorized party should have access to the encryption key that is being used.
Prior art encryption/decryption systems using the DEA or similar methods to encrypt data have typically been designed to encrypt a single source of data. However, much of the communications between corporate and government offices at different locations is conducted with several different communication devices, including facsimile machines, computers, and telephones, each of which represent a potential security risk if a third party taps into the communication link connecting these devices. The conventional approach to protecting communications between such devices would use a separate built-in or add-on security system for each device. Facsimile transmissions and computer communications might be protected with separate encryption systems, such as an encryption card that plugs into the back plane or bus of two computers that must be linked for secure data exchange. However, in the case of telephones, other approaches for providing secure communications have normally been adopted. For example, secure transmission of telephone conversations is sometimes implemented using analog or digital filters and/or frequency shifting techniques to scramble or distort the analog voice signal in a defined manner. The receiving device then unscrambles the signal by applying a corresponding reverse processing of the scrambled analog signal. Unfortunately, the circuitry required for scrambling and unscrambling voice signals is relatively expensive. Even more expensive is the use of separate security systems to protect each type of communications device in an office.
What is needed is a single system to encrypt communications between telephones, facsimile machines, and computers. Each of these types of communication devices produce very different signals, even though these signals are almost always transmitted over a telephone line. A universal encryption system should thus be able to selectively encrypt a variety of communication signals, including facsimile, digital, and analog voice signals. The cost and space saving benefits provided by using a single encryption system for all communications devices at a common location is readily evident. Each location or office then represents a single station that can carry on secure communications using a variety of different devices with any other such station.
In certain prior art schemes for maintaining a secure network, each station is identified by a code that is known only by the other members of the network that may want to communicate with that station. This station identification code must be maintained in secret to prevent unauthorized parties from tapping the communication links between stations and intercepting encrypted signals. A better arrangement would allow publication of such identification codes to enable stations on a public network to communicate with any other station that is using the same encryption gear, but secure communications between parties without verification of the identification codes would be precluded. Interception and decryption of communications intended for another station by a third party using the same encryption/decryption apparatus must be avoided. However, secure systems rarely provide any method to ensure that encrypted communications can only occur with an intended recipient--except by using secret identification codes. Once a secret identification code is compromised, the security of the network is lost. No technique is disclosed in the prior art for verifying that the identification codes of two stations initiating secure communications are correct, if those identification codes are publicly known.
Each station in an encrypted communications network typically engages in secure communications with a defined group of other stations on a regular basis. For that reason, it would be desirable to store a list of the identification codes for each of the stations comprising such a group in an electronic memory so that a station identification code can be readily selected from the list for use by the encryption system. The encryption system should also allow the stored identification codes to be readily entered and changed as needed, and the identification codes should be available to the public. Since encryption of voice communications is preferably accomplished by interfacing an encryption system to a conventional telephone, the encrypted communications system should enable the entry of identification codes for frequently called stations to be stored in the encryption network using a conventional telephone touch-tone keypad.