CN1247041C - Method of encrypting mobile terminals - Google Patents


Publication number
CN1247041C
Authority
CN
China
Prior art keywords
data
portable terminal
security module
communication
udp
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Lifetime
Application number
CN 200310105363
Other languages
Chinese (zh)
Other versions
CN1541016A (en)
Inventor
陈验方
朱平洋
万初旭
周春松
曲喜维
张大旭
王克强
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Qingdao Hisense Electronic Equipment Co Ltd
Original Assignee
Hisense Group Co Ltd
Qingdao Hisense Communication Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hisense Group Co Ltd, Qingdao Hisense Communication Co Ltd
Priority to CN 200310105363
Publication of CN1541016A
Application granted
Publication of CN1247041C
Anticipated expiration
Expired - Lifetime

Landscapes

  • Mobile Radio Communication Systems (AREA)

Abstract

The present invention discloses a method for encrypting a mobile terminal. The method comprises the following steps: the mobile terminal verifies the validity of a security module; the mobile terminal performs SIP registration and authentication with a SIP server; the mobile terminal initiates or responds to a SIP request and communication is established; communication is established between the mobile terminal and the security module, and voice and data services are encrypted and decrypted; the communication ends, the occupied resources are released, and the terminal returns to its initial state. Encrypted data is transmitted using RTP/UDP/IP packing. The advantage of the invention is that data specific to and necessary for encryption can be transmitted in real time without modifying the existing CDMA network signaling system, which ensures that the security requirements of information communication for personnel in special fields are met.

Description

Method of encrypting mobile terminals
Technical field
The invention belongs to the field of mobile communication technology and, more specifically, relates to a method of encrypting a mobile terminal.
Background art
To meet the security requirements of information communication for personnel in special fields, confidentiality measures must be taken at the mobile terminal to prevent eavesdropping and leaks. Under current CDMA technology, there are two main methods of encrypting and transmitting terminal-side data:
The first method transfers the encrypted data directly to the base station. The voice data that the mobile terminal sends to the base station over the air interface is vocoder-encoded data, but an existing real-world CDMA base station must decode the received vocoder data into 64k PCM before forwarding it. Encrypted vocoder data cannot be decoded successfully, so it is discarded and the communication fails. Transferring encrypted data directly to the base station therefore requires modifying the network to use TFO (Tandem Free Operation). Because TFO is based on the circuit-switched mode of the system, it runs counter to the move of communication network architectures toward all-IP, and the network modification is a large engineering effort with a high economic cost, which makes it hard to carry out.
The second method encapsulates the encrypted voice data with the Radio Link Protocol (RLP) and transmits it as data-service data, which bypasses the decoding step at the base station. However, encryption first requires authentication negotiation, and KEY values must be transmitted during the encryption process. If CDMA signaling is used to carry these values, the existing CDMA network system again needs major modification.
Summary of the invention
The purpose of the present invention is to overcome the above shortcomings and provide a mobile terminal encryption method that does not require major modification of the CDMA network system. Encrypted data is transmitted by means of VoIP (Voice over IP): authentication negotiation and control during communication are carried out through Session Initiation Protocol (SIP) signaling, and the encrypted data is transmitted in RTP/UDP/IP encapsulation. Using SIP signaling for control reduces the control carried by CDMA signaling; for example, the KEY value of the encryption algorithm can be carried in SIP signaling, so that data specific to and necessary for encryption can be transmitted without modifying the existing CDMA network signaling system. Encapsulating the encrypted data in RTP/UDP/IP also makes it easier to transmit real-time data streams. VoIP is, moreover, the direction in which mobile communication is developing. Here RTP is the Real-time Transport Protocol, UDP is the User Datagram Protocol, and IP is the Internet Protocol; all are protocols defined by the IETF (Internet Engineering Task Force).
To achieve the above purpose, the present invention adds a security module on an interface of the mobile terminal and comprises the following steps:
(1) the mobile terminal verifies the legitimacy of the security module;
(2) when the security module is legitimate, the mobile terminal performs SIP registration and authentication with the SIP server;
(3) the mobile terminal initiates a SIP request, the other party responds, and the two sides establish communication;
(4) communication is established between the mobile terminal and the security module, and voice or data-service data is encrypted and decrypted;
(5) the call ends, the occupied resources are released, and the terminal returns to its initial state.
The method of encrypting voice information and data services comprises the following steps:
(1) the mobile terminal obtains the vocoder data and transfers it to the security module through the serial port or USB port;
(2) the security module encrypts the data and transfers the encrypted data to the mobile terminal through the serial port or USB port;
(3) the mobile terminal encapsulates the received encrypted data in Real-time Transport Protocol RTP/User Datagram Protocol UDP/IP and, after CDMA coding and modulation, sends it to the air interface.
The method of decrypting voice information and data services comprises the following steps:
(1) the mobile terminal demodulates and decodes the data obtained from the air interface, unpacks it from RTP, UDP and IP, and transfers it to the decryption module through the serial port or USB port;
(2) the decryption module decrypts the encrypted data and returns it to the terminal through the serial port or USB port;
(3) the mobile terminal feeds voice data into the vocoder for decoding and plays it through the sound-producing device, or passes data-service data to the corresponding module of the terminal for processing.
Description of drawings
The present invention is further described below with reference to the drawings and embodiments.
Fig. 1 is a flow chart of encrypted mobile terminal communication according to the present invention;
Fig. 2 is a flow chart of data encryption according to the present invention;
Fig. 3 is a flow chart of data decryption according to the present invention.
Embodiments
As shown in Fig. 1, the mobile terminal enters secure communication from the initial state. First, the mobile terminal verifies the legitimacy of the security module. This can be triggered by inserting the security module into the serial port or USB port of the mobile terminal, which causes the terminal to perform detection and verification; alternatively, the mobile terminal can actively detect and verify the module. Only a legitimate security module is accepted; otherwise it is rejected.
For signaling control over the air interface, the mobile terminal performs SIP registration and authentication with the SIP server. SIP registration and authentication can be initiated automatically by the security module once its legitimacy has been verified, or triggered actively by the user when a confidential call is needed. Setup of the CDMA communication starts at the same time as authentication begins, so the setup status of the CDMA channel is detected and reported at the same time. Once SIP registration and authentication succeed, normal secure communication can begin; otherwise secure communication cannot take place.
Because secure communication is carried out by both parties at once, the mobile terminal on the other side must also register and authenticate with the SIP server before secure communication begins.
When SIP signaling communication is set up, the SIP signaling control logical channel is established first. Once the channel is established, the mobile terminal initiates a call on it with the INVITE signaling to set up communication with the other mobile terminal. The called mobile terminal, on receiving the CDMA channel setup request, sets up the CDMA channel; after determining that the request is a SIP request, it establishes the SIP signaling control logical channel, parses the SIP signaling request, and returns a provisional response. The calling side takes the corresponding action when it receives the provisional response. If the called side agrees to set up the communication, it returns the 200 OK signaling; after receiving the 200 OK, the calling side returns the ACK acknowledgement signaling, the logical data-service communication channel between the two ends is established, and secure communication begins. The SIP call setup signaling procedure follows RFC 2543 and RFC 3261.
When either the calling or the called party ends the call, it first sends the BYE signaling on the SIP signaling control logical channel, and the terminal that receives it returns the 200 OK response signaling. The encrypted data transmission logical channel and the SIP signaling control logical channel are then torn down, the connection between the mobile terminal and the security module is removed, the occupied resources are released, and the terminal leaves secure communication and returns to its initial state.
When it is not in secure communication, the mobile terminal follows the ordinary CDMA communication procedure; the ordinary wireless communication flow of the mobile terminal is not affected.
The encrypted data in the present invention includes voice data and data-service data. Encrypted data is first packed in RTP/UDP/IP and then encapsulated by the CDMA protocol before being transmitted to the air interface; the data transmission follows RFC 1889. A security module must be added on the mobile station side, and communication and the transfer of data for encryption and decryption are established between the mobile station and the security module.
As shown in Fig. 2, every 20 ms the mobile terminal obtains data-service data or the vocoder data from the vocoder in the MSM chip; the data coding format is EVRC or QCELP. The mobile terminal sends the data to the security module through the terminal's serial port or USB port, the security module encrypts the data and transfers the encrypted data back to the terminal through the serial port or USB port, and the mobile terminal encapsulates the received encrypted data in RTP/UDP/IP and, after CDMA coding and modulation, sends it to the air interface.
As shown in Fig. 3, likewise every 20 ms the mobile terminal demodulates and decodes the data obtained from the air interface, unpacks it from RTP, UDP and IP, and transfers it to the decryption module through the terminal's serial port or USB port. The decryption module decrypts the encrypted data and returns it to the terminal through the serial port or USB port. The terminal then feeds voice data into the vocoder for decoding and plays it through a sound-producing device such as the microphone, or passes data-service data to the corresponding module of the terminal for processing.
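The encryption and decryption flows of Fig. 2 and Fig. 3, as an added Python example that is not part of the patent: each 20 ms frame passes through a stand-in security module, is packed behind a 12-byte RTP header (RFC 1889 layout), and is validated and unpacked on the receiving side. The cipher (an HMAC-SHA256 keystream), payload type 96, the 8 kHz timestamp clock, the key and the 22-byte frames are assumptions; the patent specifies none of them.

```python
import hashlib
import hmac
import struct

RTP_VERSION = 2
PAYLOAD_TYPE = 96        # assumption: a dynamic payload type for the encrypted frames
TICKS_PER_FRAME = 160    # one 20 ms frame on an 8 kHz RTP clock (assumption)
HEADER = struct.Struct("!BBHII")  # V/P/X/CC, M/PT, sequence, timestamp, SSRC


class StandInModule:
    """Stand-in for the external security module (cipher is NOT from the patent).

    XORs the frame with an HMAC-SHA256 keystream bound to (SSRC, timestamp),
    so encrypting and decrypting are the same operation.
    """

    def __init__(self, key: bytes):
        self.key = key

    def crypt(self, ssrc: int, timestamp: int, data: bytes) -> bytes:
        stream = b""
        block = 0
        while len(stream) < len(data):
            msg = struct.pack("!III", ssrc, timestamp, block)
            stream += hmac.new(self.key, msg, hashlib.sha256).digest()
            block += 1
        return bytes(a ^ b for a, b in zip(data, stream))


class Sender:
    """Terminal side: frame -> security module -> RTP packet (handed to UDP/IP)."""

    def __init__(self, module, ssrc, first_seq=0, first_timestamp=0):
        self.module, self.ssrc = module, ssrc
        self.seq, self.timestamp = first_seq, first_timestamp

    def packetize(self, vocoder_frame: bytes) -> bytes:
        sealed = self.module.crypt(self.ssrc, self.timestamp, vocoder_frame)
        header = HEADER.pack(RTP_VERSION << 6, PAYLOAD_TYPE,
                             self.seq, self.timestamp, self.ssrc)
        self.seq = (self.seq + 1) & 0xFFFF                        # 16-bit wrap
        self.timestamp = (self.timestamp + TICKS_PER_FRAME) & 0xFFFFFFFF
        return header + sealed


def depacketize(module, packet: bytes):
    """Receiving terminal: validate the RTP header, then hand the payload to the module."""
    if len(packet) <= HEADER.size:
        raise ValueError("packet too short to carry a payload")
    b0, b1, seq, timestamp, ssrc = HEADER.unpack_from(packet)
    if b0 >> 6 != RTP_VERSION:
        raise ValueError("not RTP version 2")
    if b0 & 0x3F:
        raise ValueError("padding, extension and CSRC entries are not handled here")
    if b1 & 0x7F != PAYLOAD_TYPE:
        raise ValueError("unexpected payload type")
    return seq, timestamp, module.crypt(ssrc, timestamp, packet[HEADER.size:])


def demo():
    module = StandInModule(bytes(range(16)))             # constructed key
    frames = [b"\x11" * 22, b"\x11" * 22, b"\x22" * 22]  # constructed 20 ms frames
    sender = Sender(module, ssrc=0x1234ABCD, first_seq=0xFFFF)
    packets = [sender.packetize(f) for f in frames]
    return frames, packets, [depacketize(module, p) for p in packets]


if __name__ == "__main__":
    for seq, ts, frame in demo()[2]:
        print(seq, ts, frame.hex())
```

In this layout only the payload is encrypted: the RTP header travels in clear, so sequence number, timestamp and SSRC stay readable on the path.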
Embodiment 1: encrypted voice data transmission on a CDMA 1X mobile phone.
First, when the security module is plugged into the mobile phone through the serial port, the phone and the security module exchange data to verify whether the security module is legitimate. If it is, the phone automatically initiates SIP registration and authentication. After registration succeeds, the user calls another secure phone and the calling phone initiates the INVITE signaling. On receiving the INVITE request, the other secure phone starts ringing and at the same time returns the 180 RING response. When the calling phone receives the 180 RING, it activates the ringback tone that it generates itself.
After the user of the called phone presses a key to answer, the called phone sends 200 OK; the calling phone, on receiving the 200 OK response, sends the ACK acknowledgement, the encrypted data transmission logical channel is established, and transmission of encrypted data begins. Every 20 ms, the 8K EVRC vocoder data to be sent is taken from the vocoder of the MSM chip and passed through the serial port to the phone's external security module. When encryption is complete, the encrypted data is returned to the phone; the phone encapsulates the data in RTP/UDP/IP and CDMA and, after the phone's CDMA coding and modulation, sends it to the base station. At the same time, the phone unpacks the received encrypted voice data from CDMA and RTP/UDP/IP and passes it through the serial port to the decryption module; after decryption, the data is fed back through the serial port into the phone's vocoder and playback begins.
When the user on one side hangs up, the BYE signaling is sent; the other side responds with 200 OK on receiving it, the CDMA channel is closed, the various resources are released, and the phone returns to the standby screen.
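The call flow of Embodiment 1, as an added Python example that is not part of the patent: a per-terminal state machine that refuses SIP registration until the security module is verified and permits encrypted media only between ACK and BYE. The state names, class names and the `deliver` helper are assumptions made for illustration.

```python
from enum import Enum

class S(Enum):
    INITIAL = "initial"
    MODULE_OK = "module verified"
    REGISTERED = "registered"
    CALLING = "INVITE sent"
    RINGING = "INVITE received"
    GOT_200 = "200 OK received"
    SENT_200 = "200 OK sent"
    SECURE = "secure communication"
    CLOSING = "BYE sent"
    GOT_BYE = "BYE received"

class ProtocolError(Exception):
    """An event arrived in a state that does not permit it."""

# (current state, direction, SIP message) -> next state
TRANSITIONS = {
    (S.REGISTERED, "send", "INVITE"): S.CALLING,
    (S.REGISTERED, "recv", "INVITE"): S.RINGING,
    (S.RINGING, "send", "180"): S.RINGING,      # called phone rings
    (S.CALLING, "recv", "180"): S.CALLING,      # calling phone plays ringback
    (S.RINGING, "send", "200"): S.SENT_200,     # called user answers
    (S.CALLING, "recv", "200"): S.GOT_200,
    (S.GOT_200, "send", "ACK"): S.SECURE,
    (S.SENT_200, "recv", "ACK"): S.SECURE,
    (S.SECURE, "send", "BYE"): S.CLOSING,
    (S.SECURE, "recv", "BYE"): S.GOT_BYE,
    (S.GOT_BYE, "send", "200"): S.INITIAL,      # resources released
    (S.CLOSING, "recv", "200"): S.INITIAL,
}

class Terminal:
    def __init__(self, name):
        self.name, self.state = name, S.INITIAL

    def attach_module(self, legitimate):
        # Only a legitimate security module is accepted.
        if self.state is not S.INITIAL or not legitimate:
            raise ProtocolError(f"{self.name}: security module rejected")
        self.state = S.MODULE_OK

    def register(self, server_accepts):
        # SIP registration happens only after the module check has passed.
        if self.state is not S.MODULE_OK or not server_accepts:
            raise ProtocolError(f"{self.name}: SIP registration refused")
        self.state = S.REGISTERED

    def on(self, direction, message):
        key = (self.state, direction, message)
        if key not in TRANSITIONS:
            raise ProtocolError(f"{self.name}: {direction} {message} while {self.state.value}")
        self.state = TRANSITIONS[key]

    def may_send_encrypted_media(self):
        return self.state is S.SECURE

def deliver(sender, receiver, message):
    sender.on("send", message)
    receiver.on("recv", message)

def run_call():
    caller, callee = Terminal("caller"), Terminal("callee")
    for terminal in (caller, callee):
        terminal.attach_module(legitimate=True)
        terminal.register(server_accepts=True)
    flow = [(caller, callee, "INVITE"), (callee, caller, "180"), (callee, caller, "200"),
            (caller, callee, "ACK"), (caller, callee, "BYE"), (callee, caller, "200")]
    trace = []
    for sender, receiver, message in flow:
        deliver(sender, receiver, message)
        trace.append((message, caller.may_send_encrypted_media(), callee.may_send_encrypted_media()))
    return caller, callee, trace
```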

Claims (3)

1. A method of encrypting a mobile terminal, characterized in that a security module is added on an interface of the mobile terminal, the method comprising the following steps:
(1) the mobile terminal verifies the legitimacy of the security module;
(2) when the security module is legitimate, the mobile terminal performs SIP registration and authentication with the SIP server;
(3) the mobile terminal initiates a SIP request, the other party responds, and the two sides establish communication;
(4) communication is established between the mobile terminal and the security module, and voice and data services are encrypted and decrypted;
(5) the call ends, the occupied resources are released, and the terminal returns to its initial state.
2. The method of encrypting a mobile terminal according to claim 1, characterized in that the method of encrypting voice information and data services comprises the following steps:
(1) the mobile terminal obtains the vocoder data and transfers it to the security module through the serial port or USB port;
(2) the security module encrypts the data and transfers the encrypted data to the mobile terminal through the serial port or USB port;
(3) the mobile terminal encapsulates the received encrypted data in Real-time Transport Protocol RTP/User Datagram Protocol UDP/IP and, after CDMA coding and modulation, sends it to the air interface.
3. The method of encrypting a mobile terminal according to claim 1 or 2, characterized in that the method of decrypting voice information and data services comprises the following steps:
(1) the mobile terminal demodulates and decodes the data obtained from the air interface, unpacks it from Real-time Transport Protocol RTP, User Datagram Protocol UDP and IP, and transfers it to the decryption module through the serial port or USB port;
(2) the decryption module decrypts the encrypted voice data and returns it to the terminal through the serial port or USB port;
(3) the mobile terminal feeds the data into the vocoder for decoding and plays it through the sound-producing device, or passes data-service data to the corresponding module of the terminal for processing.
CN 200310105363 2003-10-24 2003-10-24 Method of encrypting mobile terminals Expired - Lifetime CN1247041C (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN 200310105363 CN1247041C (en) 2003-10-24 2003-10-24 Method of encrypting mobile terminals

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN 200310105363 CN1247041C (en) 2003-10-24 2003-10-24 Method of encrypting mobile terminals

Publications (2)

Publication Number Publication Date
CN1541016A CN1541016A (en) 2004-10-27
CN1247041C true CN1247041C (en) 2006-03-22

Family

ID=34333707

Family Applications (1)

Application Number Title Priority Date Filing Date
CN 200310105363 Expired - Lifetime CN1247041C (en) 2003-10-24 2003-10-24 Method of encrypting mobile terminals

Country Status (1)

Country Link
CN (1) CN1247041C (en)


Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
EE01 Entry into force of recordation of patent licensing contract

Assignee: QINGDAO HISENSE ELECTRONIC EQUIPMENT Co.,Ltd.

Assignor: HISENSE Co.,Ltd.|Hisense Communications Co.,Ltd.

Contract record no.: 2010370000381

Denomination of invention: Method of encrypting mobile terminals

Granted publication date: 20060322

License type: Exclusive License

Open date: 20041027

Record date: 20100720

EM01 Change of recordation of patent licensing contract

Change date: 20140707

Contract record no.: 2010370000381

The licensee after: QINGDAO HISENSE ELECTRONICS EQUIPMENT Co.,Ltd.

The licensee before: QINGDAO HISENSE ELECTRONIC EQUIPMENT Co.,Ltd.

LICC Enforcement, change and cancellation of record of contracts on the licence for exploitation of a patent or utility model
EC01 Cancellation of recordation of patent licensing contract

Assignee: QINGDAO HISENSE ELECTRONICS EQUIPMENT Co.,Ltd.

Assignor: HISENSE Co.,Ltd.|Hisense Communications Co.,Ltd.

Contract record no.: 2010370000381

Date of cancellation: 20160426

LICC Enforcement, change and cancellation of record of contracts on the licence for exploitation of a patent or utility model
EE01 Entry into force of recordation of patent licensing contract

Application publication date: 20041027

Assignee: QINGDAO HISENSE ELECTRONICS EQUIPMENT Co.,Ltd.

Assignor: HISENSE Co.,Ltd.|Hisense Communications Co.,Ltd.

Contract record no.: 2016990000172

Denomination of invention: Method of encrypting mobile terminals

Granted publication date: 20060322

License type: Exclusive License

Record date: 20160503

LICC Enforcement, change and cancellation of record of contracts on the licence for exploitation of a patent or utility model
C41 Transfer of patent application or patent right or utility model
TR01 Transfer of patent right

Effective date of registration: 20160615

Address after: 266510 Qingdao economic and Technological Development Zone, Shandong Province, the former Bay Road, No. 218 Hisense Information Industry Park, building 201, room 1

Patentee after: QINGDAO HISENSE ELECTRONICS EQUIPMENT Co.,Ltd.

Address before: 266071 No. 11, Jiangxi Road, Qingdao, Shandong

Patentee before: HISENSE Co.,Ltd.

Patentee before: Hisense Communications Co.,Ltd.

CX01 Expiry of patent term

Granted publication date: 20060322
