Wireless communication systems are well-known. Such systems typically include a plurality of communication units that transceive wireless communication resources with each other and a fixed infrastructure. The fixed infrastructure typically comprises base stations/repeaters that also transceive the wireless communication resources. In some systems, such as a PRIVACY PLUS.RTM. system by Motorola, Inc., the base stations operate under the direction of a central controller that controls allocation of the wireless communication resources. Regardless, it is often the case that the communication units include various communication unit parameters used for their normal operation. An example of such a parameter is an encryption key, as known in the art, used for the encryption and decryption of digitally transmitted voice and data communications.
Many of the parts of a public safety land mobile radio communications system will use encryption to protect the information which is sent through the system. The encryption algorithm requires keys in order to protect the confidentiality of this information. The process by which these encryption keys are generated, stored, protected, transferred, loaded, used and destroyed is known as key management. In order to maintain system security, there are known methods for protecting these keys from disclosure including frequent or periodic updating or replacement.
Oftentimes, a portable or mobile radio is assigned an incorrect or improper encryption key variable. Failure to detect and correct an improper encryption key variable results in the inability for the subscriber radio to transmit or receive in the encrypted mode.
In first generation secure radio systems, an improper key variable would result in either unintelligible noise or silence coming from the radio speaker. The operator would need to realize that he was not receiving and verbally request that the call continue in the unencrypted or "clear" mode. At the earliest possible time (shift change usually), the user would return to have the proper key variable loaded by physically connecting the mobile or portable radio to a handheld key variable loader. This loader device would electronically program the mobile or portable radio.
In modern day, second generation secure radio systems, an improper key variable still results in either unintelligible noise or silence coming from the radio speaker. The user now, however, has the additional capability of requesting that his radio have the key updated by a "rekey request" message being sent over the air to a "key management controller" (KMC). The KMC would then respond to the subscriber rekey request by sending a new key via an encrypted data message. This process is known as over-the-air rekeying (OTAR) and is a secure way of encrypting and sending new encryption keys and other related key management messages through an air interface in such a way that they are protected from disclosure and unauthorized modification.
In modern systems, when subscriber units communicate with the central controller, because the central controller has the ability to monitor a voice channel logical ID (LID) and to identify key variable information transmitted from a particular subscriber unit, the central controller can automatically recognize a mismatch condition between the variable key transmitted by a subscriber unit and key information stored in a key variable database maintained by the central controller. Presently, however, when a mismatch is detected, the problem is merely logged for later consideration by the system administrator (or console operator). The system administrator may wish to correct a mismatch condition, but at the present there is no facility to allow this to occur automatically ("on the fly") so that communications can continue.
Similarly, in direct link communications between subscriber units, i.e., between portable and/or mobile radios, each transceiving subscriber unit exchanges LID information with the other and upon receipt of an invalid LID from a communicating subscriber unit, presently, automatically mutes audio during an encrypted voice channel call. Thus, there is a need, even in this situation, for automatic correction of the secure call key variable once mismatch is detected.
The prior solutions all fail to alert the mobile/portable radio user or the console operator to the existence of a key mismatch problem. Because improper or mismatched keying material can result in silence out of the radio speaker, this condition can be difficult for radio operators to become aware of. There is a need for a solution that alerts the mobile/portable radio users or the key management controller to the existence of a key mismatch problem.
There is also a need for a solution that (a) does not require manual intervention by a radio user or console operator and (b) overcomes the mismatch problem in a speedy and efficient manner so that secure communications can resume as quickly as possible.