Encrypted voice and data systems are well known. Many of these systems provide secure communication between two or more users who share the same encryption algorithm and one or more encryption key variables (keys), each of which is a number used to encrypt communications under a particular encryption algorithm. Only users having the same encryption algorithm and knowing the key(s) can properly decrypt the secure communication. Encryption is typically performed on an end-to-end basis within a communication system: a message is encrypted at the originating communication unit, the encrypted message passes through any number of channels and/or infrastructure elements, and the end user's communication unit decrypts it.
To provide encryption, a key management facility (KMF) is used to initially generate and subsequently manage the keys in the communication system. The KMF is typically a dedicated server housed in a secure location. Because the KMF is stationary, a portable device called a key variable loader (KVL) has been developed for key management in the field. The KVL is physically connected to the KMF and loaded with the encryption algorithm and key information. Once loaded, individual devices are connected to the KVL in turn and loaded with the algorithm and keys in an initial provisioning stage. During the initial provisioning stage, the KVL can be controlled manually by its user or act as a proxy for the KMF.
Most encryption algorithms support a large number of keys, because the algorithm itself is seldom replaced in the field. Continued use of a single encryption algorithm over a long period allows an unauthorized party to determine which algorithm is in use, so unauthorized decryption becomes possible unless further security measures are implemented. Thus, to retain security over a long period of time, the keys are periodically changed, typically weekly or monthly. This improves security because an unauthorized entity intercepting the encrypted message must recover the current key, not merely identify the algorithm, before decryption is possible, and any one key exposes only the traffic of the period in which it was in use. After the initial provisioning of the devices, the KVL ensures that the various devices are using the current encryption algorithm and keys by providing services such as over-the-air rekeying (OTAR) in the wireless network.
Previously, when it was not known whether one or more devices in a group had been compromised, the keys were reprovisioned by transporting the uncompromised devices of the group to the KVL location and again physically connecting them to the KVL one at a time. The new key supplants the previous key, so that only the devices holding the new key can communicate with one another. Transporting the devices to the KVL location for reprovisioning is impracticable, however, when many devices must be reprovisioned (e.g., in one-to-many communications) or when one or more of the devices is remote. Further, physically connecting every device individually remains burdensome and time consuming.
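The rekeying and key-supersession mechanism described in the two preceding paragraphs, as an added example that is not part of the original page: a Go simulation in which the KMF loads each device with a unique key encryption key (KEK) at initial provisioning and later distributes a new traffic encryption key (TEK) over the air, wrapped under each device's own KEK, while omitting any device suspected of compromise. The KEK/TEK split, AES-256-GCM as the wrapping cipher, the additional data binding each message to one device and one key ID, and all names (Device, KMF, Provision, Rekey, ApplyRekey, TEK, the "radio-A" style identifiers) are assumptions of this example; the page does not specify how OTAR messages are constructed.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/binary"
	"fmt"
	"io"
)

// Device is a hypothetical subscriber radio: it holds the KEK loaded over the KVL and TEKs by key ID.
type Device struct {
	ID   string
	kek  []byte
	teks map[uint16][]byte
}

// KMF holds every device's KEK and the current key ID (the crypto period counter).
type KMF struct {
	keks  map[string][]byte
	keyID uint16
}

func NewKMF() *KMF { return &KMF{keks: map[string][]byte{}} }

func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}
func randomBytes(n int) []byte { return must(io.ReadAll(io.LimitReader(rand.Reader, int64(n)))) }
func gcm(key []byte) cipher.AEAD { return must(cipher.NewGCM(must(aes.NewCipher(key)))) }

// seal returns nonce || AES-256-GCM ciphertext with aad authenticated; open reverses it.
func seal(key, aad, plaintext []byte) []byte {
	aead := gcm(key)
	nonce := randomBytes(aead.NonceSize())
	return aead.Seal(nonce, nonce, plaintext, aad)
}
func open(key, aad, msg []byte) ([]byte, error) {
	aead := gcm(key)
	if len(msg) < aead.NonceSize() {
		return nil, fmt.Errorf("message too short")
	}
	return aead.Open(nil, msg[:aead.NonceSize()], msg[aead.NonceSize():], aad)
}

// rekeyAAD binds a wrapped TEK to one device and one key ID, so a rekey message
// captured for device X cannot be replayed to device Y or under another key ID.
func rekeyAAD(id string, keyID uint16) []byte {
	aad := make([]byte, 2, 2+len(id))
	binary.BigEndian.PutUint16(aad, keyID)
	return append(aad, id...)
}

// Provision models the initial wired step: the KMF mints the device's unique KEK.
func (k *KMF) Provision(id string) *Device {
	k.keks[id] = randomBytes(32)
	return &Device{ID: id, kek: k.keks[id], teks: map[uint16][]byte{}}
}

// Rekey wraps a fresh TEK under each non-excluded device's KEK; excluded (suspected compromised) devices get nothing.
func (k *KMF) Rekey(excluded map[string]bool) (uint16, map[string][]byte) {
	k.keyID++
	tek, msgs := randomBytes(32), map[string][]byte{}
	for id, kek := range k.keks {
		if !excluded[id] {
			msgs[id] = seal(kek, rekeyAAD(id, k.keyID), tek)
		}
	}
	return k.keyID, msgs
}

// ApplyRekey unwraps an OTAR message with the device's KEK and installs the TEK.
func (d *Device) ApplyRekey(keyID uint16, msg []byte) error {
	tek, err := open(d.kek, rekeyAAD(d.ID, keyID), msg)
	if err != nil {
		return fmt.Errorf("%s: rekey rejected: %w", d.ID, err)
	}
	d.teks[keyID] = tek
	return nil
}

// TEK returns the traffic key installed for keyID, if this device ever received it.
func (d *Device) TEK(keyID uint16) ([]byte, bool) {
	tek, ok := d.teks[keyID]
	return tek, ok
}

func main() {
	kmf := NewKMF()
	a, c := kmf.Provision("radio-A"), kmf.Provision("radio-C")
	kid, msgs := kmf.Rekey(map[string]bool{"radio-C": true}) // radio-C suspected compromised
	must(0, a.ApplyRekey(kid, msgs["radio-A"]))
	_, cHasKey := c.TEK(kid)
	fmt.Printf("key ID %d sent to %d device(s); excluded radio-C holds it: %v\n", kid, len(msgs), cHasKey)
}
```

The excluded device is never sent a message, so it simply has no TEK for the new key ID and cannot open traffic sealed under it, while a stale copy of the previous TEK does not help because the key ID advanced. The additional data makes a captured rekey message useless against any other device or under any other key ID. A production design would additionally retire superseded TEKs on each device and authenticate the KMF as the source of rekey messages, neither of which the page discusses.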
It is desirable to provide a less cumbersome method for distributing encryption keys to numerous widely-deployed devices in a communication system that utilizes end-to-end encryption.