In a digital radio communications system which carries voice or data traffic, some measure of signal privacy must be provided. As information broadcast using radio waves is subject to interception by anyone having an appropriate receiver, the information must undergo some sort of encryption prior to transmission if privacy is to be achieved. Normally, encryption involves ciphering the information by combining the information in some way with what is commonly termed a secret key to produce an encrypted signal. In order that only the intended receiver be able to decrypt the encrypted signal, both the intended receiver and the base station must be in possession of the same secret key.
One known encryption technique relies on a keystream generator and modular arithmetic or finite math. A plurality of secret key bits and a series of clock pulses are applied to the keystream generator which generates a stream of pseudo-random bits referred to as a keystream. The keystream bits are then bit-by-bit modulo-2 added to the information bits prior to transmission by the sender. An identical keystream generator is used by the receiver to produce an identical keystream of bits which are then bit-by-bit modulo-2 subtracted from the received encrypted data stream to recover the original information. Proper implementation of this technique requires that the sender and receiver keystream generators be synchronized so that the keystream generated at the receiver and subtracted from the encrypted data is in harmony with the keystream generated at the sender and added to the original data. An encryption technique which generates a large number of complex keystream bits and which may be implemented in a general purpose Arithmetic and Logic Unit (ALU) is disclosed in, for example, U.S. Pat. No. 5,148,485 entitled "Encryption System For Digital Cellular Communication", incorporated herein by reference in its entirety.
A variety of approaches to the issue of synchronization may be found in prior art encryption systems. In most encryption systems, synchronization may be viewed as an agreement between the sender and the receiver on the number of clock pulses to be applied from a common initial state until the generation of a particular bit. Other prior art encryption systems, however, do not keep a running count of the number of applied clock pulses and rely, instead, on the initialization of the sender and receiver to the same state at the beginning of a frame and the application of an identical number of clock pulses thereafter. The shortcoming of the latter scheme is the difficulty of reestablishing synchronization should the sender and receiver fall out of synchronization during a particular frame.
Another type of encryption system includes a counter which maintains a count of the number of keystream bits, or blocks of keystream bits, previously generated. The output bits of the counter are combined with the secret key bits to generate the keystream. Because the transmitter and receiver counters are incremented on a regular basis and, therefore, take on the characteristics of a digital time/date clock, such an encryption system is often referred to as a time-of-day driven encryption system.
The advantage of the time-of-day driven encryption system resides in the fact that if the receiver counter falls out of synchronization with the transmitter counter and the system has the capability of providing the receiver with the current transmitter counter value, the receiver counter may be immediately reset to the transmitter counter value instead of returning to the beginning and applying the entire history of clock pulses. The difficulty with such a system, however, is the provision of the transmitter counter value on a sufficiently frequent basis to avoid the accumulation of errors caused by the divergence of the receiver counter value from the transmitter counter value for a relatively long period of time.
A continuous synchronization technique which may be used to synchronize a time-of-day encryption system and to prevent the aforementioned accumulation of errors is disclosed in, for example, U.S. Pat. No. 5,060,266 entitled "Continuous Cipher Synchronization for Cellular Communication System" and incorporated herein in its entirety by reference.
In FIG. 1 is shown a conventional cellular communications system comprising a plurality of cells C1-C10. Each cell has an associated base station B1-B10, each of which is connected to the mobile telephone switching office (MTSO) and subsequently to the public switched telephone network (PSTN) according to known and existing techniques. Base stations B1-B10 effect radio communications with mobile stations m1-m3. The number of active mobile stations m1-m3 located in each cell is essentially limited by the number of available channels within each cell. Moreover, the location of the mobile stations m1-m3 within the system is dynamic. As is obvious to one of ordinary skill in the art, a practical cellular communications system may comprise many hundreds of cells and many thousands of mobile stations. A cellular system comprises the base stations, mobile stations, and MTSOs owned by a particular operator. In many cities, more than one such system may exist.
Because each of the cells C1-C10 in a cellular radio system may be relatively small in size, the likelihood of one of the mobile stations m1-m3 traveling out of one cell and into another cell is great. As the mobile stations travel through the cellular system, they may reach the radio coverage limit of one cell and, therefore, be better served by another cell. Since cellular communication systems are most often interference, rather than noise, limited, a particular mobile station may also be better served by another channel on the same base station. The process of switching an established call from one channel to another is known as hand-off. There are basically three types of hand-off: 1) intra-cell hand-off occurs when the mobile station moves between different channels in the same cell, 2) inter-cell hand-off occurs when the mobile station moves to a different, neighboring cells, and 3) inter-system hand-off which occurs when the mobile station moves to a different, neighboring system.
The base station usually monitors each mobile station and assesses the need for a hand-off by periodically measuring the signal strength, bit error rate, or some other dynamic quality measurement. Measurements of the surrounding base stations may be accomplished with the assistance of the mobile station. If the measurement of the base station presently serving the mobile station falls below a predetermined level, the cellular system determines the availability of other channels in neighboring cells, or in the same cell, and transmits a command to the mobile station, via a high speed data message interrupting the speech communications on the voice channel (a blank and burst data message), to retune to a new frequency. The mobile station mutes the speech and tunes to the radio channel indicated in the blank and burst data message. Speech transmission is resumed after the mobile station has tuned to the new channel.
A number of complications are introduced to the hand-off process when transmissions in the cellular system are digitized and encrypted. One practical problem arises from the fact that the encryption system counter in one base station may be completely out of synchronization with the corresponding counter in another base station. This is particularly true with respect to inter-system hand-off where base stations are operated by commercially distinct, and often competing, entities. For obvious practical reasons, the mobile stations are slaved to the base station with regard to synchronization. The essential issue in terms of hand-off is how to ascertain the counter value at the new base station with a minimum of interruption to the speech, or data, stream. If the new base station to which a hand-off is desired is not synchronized to the old base station, then upon hand-off, the new base station must transmit to the mobile station the new counter value which may then be used, if necessary, to reset the counter in the mobile station.
Another practical problem in performing hand-off of an encrypted telephone conversation is caused by transmission delays in the communications between elements in the land network, for example, between the base stations and a MTSO which coordinates the operation of the cellular system. Such delays may prevent the mobile station from tuning to the new base station frequency at exactly the same time that the new base station begins broadcasting the new counter value. In particular, the blank and burst data message commanding the mobile station to tune to a new base station frequency is usually sent by the MTSO to the old base station and relayed to the mobile station. At the same time, the MTSO signals the new base station to begin broadcasting the new counter value. However, the transmission delays in the communications link between the MTSO and the old base station are not necessarily the same as the transmission delays in the communications link between the MTSO and the new base station. For example, the former communications link may not have the same number of signal repeaters as the latter communications link. Hence, there could be a period of uncertainty from the time the mobile station becomes tuned to the new base station frequency and the time that the new base station begins broadcasting the new counter value.
A method and apparatus for establishing synchronization and resynchronization of an encryption system upon hand-off of communications between cells of a duplex cellular radio system is disclosed in U.S. Pat. No. 5,081,697 entitled "Resynchronization of Encryption Systems upon Hand-off" and incorporated herein in its entirety by reference.
If the base stations were able to operate in a synchronized mode, the advantage for overall system performance is that the time to perform hand-off and consequently the break in speech, or data, transmission would be substantially reduced or eliminated. Systems like GSM require the mobile to acquire synchronization of candidate hand-off base stations in the event of receiving a hand-off command requiring the mobile to switch to that candidate base station. Thus, for GSM, the cipher system need not be synchronized from the system point of view because the mobile is required to figure out the synchronization information before hand-off. With these systems there is not any delay of the hand-off procedure due to the requirement of establishing cipher synchronization. Obtaining synchronization information from neighboring base stations is possible in GSM due to the 8 time slot arrangement. As the mobile station is active for only one of eight slots, time is available for the mobile station to acquire the synchronization information during the remaining 7 slots.
For systems like the North American Digital Cellular System (i.e., EIA/TIA IS-54B), or ADC, which currently operates in a three-slot TDMA mode, there is no spare time left between transmit and receive slots for reading neighboring base station control channels. ADC mobile stations are therefore unable to obtain cipher synchronization information from candidate base stations prior to hand-off and therefore must do so after tuning to a new base station resulting in an unacceptable interruption in speech, or data, transmission. For ADC, the only way of eliminating the time to perform resynchronization of the cipher after hand-off is to mandate that all traffic channels on all base stations be synchronized with respect to encryption. Unfortunately, this solution imposes a severe, and perhaps unfeasible, requirement on the system, especially for inter-system hand-offs.
System synchronization may be viewed as three separate tasks of increasing complexity: intra-cell synchronization, inter-cell synchronization, and inter-system synchronization. It is, for example, relatively easy to provide synchronization between all channels on a site (i.e., intra-cell synchronization.) Referring to FIG. 1, for example, all traffic and control channels within cell C1 may be synchronized to each other, all traffic and control channels within cell C2 may be synchronized to each other, and so forth, with a relatively modest amount of complexity in the network. The next level of system synchronization would be to synchronize all traffic and control channels on cells C1-C10 to each other (i.e., inter-cell synchronization.) This is a significantly more complex task. Ultimately, system synchronization between all cells belonging to different system operators can be synchronized (i.e., inter-system synchronization.) Inter-system synchronization is, from a practical point of view, an immensely difficult task.
Intra-cell hand-offs often occur within the same cell because, for example, a particular channel is subject to severe interference. If there exists intra-cell synchronization then the hand-offs may be accomplished without requiring the mobile to re-synchronize the cipher and thereby eliminating gaps in the voice or data transmission. For example, a control channel and traffic channels within the same cell can, with relative ease, be synchronized. Thus, a mobile can use the cipher synchronization information acquired while on the control channel for use when commanded to communicate on a traffic channel without re-establishing the cipher synchronization thereby eliminating gaps in the conversation.
For hand-offs where there is no cipher synchronization, the mobile station must acquire synchronization information from the new base station before transmitting as described in U.S. Pat. No. 5,081,679 entitled "Resynchronization of Encryption Systems upon Hand-off" also assigned to the same assignee as the present invention and incorporated by reference herein. After hand-off, the mobile ceases communication to the old base station and looks for synchronization information coming from the new base station. When such information is acquired, the mobile starts transmitting to the new base station. Thus, although security is ensured since the user information, e.g. speech, is never sent with the encryption disabled, there is required some delay in re-establishing the conversation.
It is envisaged that many hybrid systems will exist having synchronization to varying degree. For efficiency, the mobile station should not attempt to re-establish cipher synchronization where synchronization already exists. Conversely, the mobile station should attempt to re-synchronize its cipher when synchronization between hand-off channels does not exist. There exists therefore a need to identify when synchronization is required and the manner in which such synchronization should be effected.