GB2380369A - Encryption system for a communication network - Google Patents


Publication number
GB2380369A
Authority
GB
United Kingdom
Prior art keywords
encryption
key
terminals
keys
terminal
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
GB0123231A
Other versions
GB2380369B (en
GB0123231D0 (en
Inventor
John Martin Williams
Michael Kitchin
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Marconi Communications Ltd
BAE Systems Electronics Ltd
Original Assignee
Marconi Communications Ltd
Marconi Co Ltd
Application filed by Marconi Communications Ltd, Marconi Co Ltd
Priority to GB0123231A
Publication of GB0123231D0
Publication of GB2380369A
Application granted
Publication of GB2380369B
Anticipated expiration
Expired - Fee Related

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/06 Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/065 Network architectures or network communication protocols for network security for supporting key management in a packet data network for group communications
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04 Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/041 Key generation or derivation
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W88/00 Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
    • H04W88/02 Terminal devices

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

A communication network comprises a plurality of radio terminals 1 each having an encryption key controller 3. An encryption system used with the network has an allocated number of encryption keys, said number being one more than the number of terminals in the network. Each terminal is allocated all but one of the allocated number of encryption keys so that each terminal has a different omitted encryption key. Encryption is carried out using a key which is common to all of the terminals and if one of the terminals is stolen, the key omitted from the stolen terminal may be used to update the remaining terminals. In this manner the network may be kept secure even if a large number of terminals are stolen or lost over a period of time.

Description

A COMMUNICATION NETWORK ENCRYPTION SYSTEM
The present invention relates to an encryption system for use with a communications network. Such a network may be a portable secure radio network, a telephone network or a computer network for example.
According to the present invention there is provided an encryption system for a communication network, the communication network comprising a number of terminals, the encryption system having an allocated number of encryption keys, the allocated number being one greater than the number of terminals, wherein each terminal is allocated a number of the encryption keys one less than the allocated number and contained within a key controller and each terminal has omitted therefrom a different encryption key from each other terminal, encryption being carried out within the communication network using the one encryption key common to all the terminals.
The present invention will now be described by way of example, with reference to the accompanying drawings, in which:
  • Figure 1 illustrates a communications network having five users; and
  • Figure 2 shows a diagrammatic view of a User Terminal from Figure 1.
This particular example is of an encryption system for use in a portable radio network, such as a police radio system or a military radio system, where typically some or all of the following circumstances prevail:
  • A number of radios share the same key - a radio net is in operation
  • The probability of losing radios and their keys is high
  • It must be impossible to recover the net key from the contents of a stolen radio
  • Power, space and computing power is strictly limited
  • Keys are loaded extremely infrequently
  • Anti-tamper precautions are undesirable
  • A 'panic erase' button is undesirable
  • Methods of excluding a radio from the network should resist subversion attempts
  • The number of switches and controllers on the radio must be minimised
  • Any operator intervention should be simple and intuitively convincing
These requirements are common to virtually all secure portable radios.
The basic idea is to use a number of keys, allocated to the net members in such a way that the choice of key can be used to exclude any member of the group. A key updating using the key not possessed by a lost radio and carried out upon its loss prevents derivation of the net key from the contents of stolen radios.
The system is best described by a small example. Assume five users 1, A to E, are connected by connections 4 to form a net. They are initially issued with keys k0 to k5 held in a key controller 3. Each one of these keys, k0 to k5, is usable as a key in its own right. The allocation of these keys to A to E is as follows:
  • User A receives k0, k2, k3, k4, and k5 (but not k1)
  • User B receives k0, k1, k3, k4, and k5 (but not k2)
  • User C receives k0, k1, k2, k4, and k5 (but not k3)
  • User D receives k0, k1, k2, k3, and k5 (but not k4)
  • User E receives k0, k1, k2, k3, and k4 (but not k5)
Initially, all the Users use k0. Assume, now, that one of the Users loses his radio, say User A loses his radio. The remaining net members would then switch to k1, the only key not possessed by User A, and use it to update all their held keys. So k0 to k5 would become k'0 to k'5 and k'1 would be used as the net key.
Assume, then, that at some later time another radio is lost, say D's radio is stolen. All users would then use k'4 (not held by D) to update all their keys again, so that k'0 to k'5 would become k"0 to k"5 respectively and k"4 would become the net key.
Provided updating can be carried out immediately a radio is lost, before another is lost, it is obvious that this system is capable of tolerating loss of virtually all the radios and that even the combined keys recovered from all the stolen radios cannot be used to derive the net key.
Operationally, the Users simply have to indicate to their radios the identity of the lost radio for the keys to update automatically under control of the internal microprocessor. This task could be automated and the instructions to do it sent over the air from a central point. The updated form of k0 would be a convenient key to use for a dedicated update instruction channel; this is available to everyone who should have it. The instruction need not be kept private and can be sent over an open channel, although authentication will then be needed.
Depending on the size of the net, the voice quality, and operational constraints, authentication may be done by voice recognition. Electronic certification methods may be needed in other cases however, and certainly would be needed in the case of automated systems.
It should be noted that this processor is not required to perform exponentiation or any other numerically intensive computation and can be of very modest power. Key updating operations are limited to passing old keys through a crypto chip to produce the new keys. The network update will take microseconds rather than milliseconds.
Note also that there is no need for anti tamper precautions, a panic erase switch, nor stun/kill facilities, and hence no reason why the keys should not be stored in inexpensive nonvolatile memory.
In order to introduce a new (replacement) radio to an existing net, it will be necessary for the key loading facility to have performed the same updates in the same order as has occurred in the net, so that the keys to be loaded into the new radio will match the old.
The advantages of this scheme are as follows:
  • It is a practical solution to nets where loss of radios is frequent.
  • Its processing requirements are extremely modest.
  • Exclusion of radios from the network cannot be prevented by their holders.
  • Stun and kill arrangements are unnecessary.
  • No need for emergency erase & battery backed RAM system.
  • Re-keying a net can be an infrequent event.
  • Operator controls are minimised.
  • Intuitively easy to understand & operate.
  • Updating may be done automatically from a central point.
Scalability
The basic constraints on the size of the net are the rate at which radios are lost, and the ability to react to loss quickly and disseminate the updating instructions.
If the rate of loss is such that it becomes feasible for a cryptographically sophisticated attacker to steal two or more radios before either can be updated, then the network becomes compromised. This is because the keys they contain can be extracted and a complete key set assembled.
Estimating the size of a net should therefore be made by taking into account:
  • The sophistication (or otherwise) of the potential attacker
  • The rate of loss of radios
  • The time taken to reconfigure the network to exclude radios.
Although the system requires the storage of much larger amounts of key information than is usual, this is not a major constraint due to the enormous capabilities of modern storage chips.
The process of updating keys is extremely simple in the case of block ciphers, and consists of a single encrypt operation. Thus if it is intended to update all the stored keys using k1, k1 would be used as the key for the crypto and encrypts each stored key, including k1, to form encrypted versions, k'0 to k'6. These would then replace the original k0 to k6. The process is inherently one-way and once k0 to k6 have been replaced by k'0 to k'6, it is not possible to go back and work out k0 to k6.
It should be noted that updating operations do not commute with each other. If k'4 is subsequently used to update all the stored keys, then the results, k"0 to k"6, would be different from the k"0 to k"6 had k4 been used first followed by k'1.
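The five-user allocation, the two successive exclusions, the replay needed by the key-loading facility and the two-radio scalability limit described above can be modelled together. This is an added example, not code from the patent: HMAC-SHA256 truncated to 16 bytes is an assumed stand-in for the single block-cipher encrypt, the keys are constructed demo values, and the names step, issue, Radio, loader_replay and pooled_indices are hypothetical.

```python
import hashlib
import hmac

def step(update_key, old_key):
    # Assumption: HMAC-SHA256 truncated to 16 bytes stands in for the patent's
    # single block-cipher encrypt of old_key under update_key (one-way stand-in).
    return hmac.new(update_key, old_key, hashlib.sha256).digest()[:16]

def issue(n_terminals):
    # Constructed demo keys k0..kn (n+1 keys); real keys would be random.
    return [hashlib.sha256(b"constructed-demo-k%d" % i).digest()[:16]
            for i in range(n_terminals + 1)]

class Radio:
    def __init__(self, omitted, full_set):
        self.omitted = omitted   # index of the one key this radio never holds
        self.keys = {i: k for i, k in enumerate(full_set) if i != omitted}
        self.net = 0             # all radios start on k0

    def exclude(self, lost_omitted):
        # Update every held key with the key the lost radio lacks.
        if lost_omitted == self.omitted:
            raise KeyError("this radio lacks the update key and is excluded")
        u = self.keys[lost_omitted]
        self.keys = {i: step(u, k) for i, k in self.keys.items()}
        self.net = lost_omitted

    def net_key(self):
        return self.keys[self.net]

def loader_replay(full_set, history):
    # The key-loading facility holds all n+1 keys and replays updates in order.
    for idx in history:
        full_set = [step(full_set[idx], k) for k in full_set]
    return full_set

def pooled_indices(*radios):
    # Key indices recoverable from radios that are at the same update generation.
    return set().union(*(r.keys.keys() for r in radios))

def demo():
    k = issue(5)
    a, b, c, d, e = (Radio(i, k) for i in range(1, 6))  # A lacks k1 ... E lacks k5
    stolen_pair = pooled_indices(a, b)  # A and B both taken before any update
    for r in (b, c, d, e):
        r.exclude(a.omitted)            # A lost: update with k1, net key k'1
    for r in (b, c, e):
        r.exclude(d.omitted)            # D lost: update with k'4, net key k"4
    return k, (a, b, c, d, e), stolen_pair
```

The pooled set for two radios taken in the same generation covers every index, which is the compromise condition given under Scalability; a single radio's set always has one gap, and that gap is the update key.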

Claims (3)

  1. An encryption system for a communication network, the communication network comprising a number of terminals each having a key controller, the encryption system having an allocated number of encryption keys, the allocated number being one greater than the number of terminals, wherein each terminal is allocated a number of the encryption keys one less than the allocated number and contained within a key controller and each terminal has omitted therefrom a different encryption key from each other terminal, encryption being carried out within the communication network using the one encryption key common to all the terminals.
  2. An encryption system as claimed in Claim 1, wherein if a terminal is removed from the communication network, the remaining terminals using their key controller, update their encryption keys and continue encryption using an updated encryption key common to all the remaining terminals.
  3. An encryption system substantially as hereinbefore described, with reference to and as illustrated in the accompanying drawings.
GB0123231A 2001-09-27 2001-09-27 A communications network encryption system Expired - Fee Related GB2380369B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
GB0123231A GB2380369B (en) 2001-09-27 2001-09-27 A communications network encryption system

Publications (3)

Publication Number Publication Date
GB0123231D0 2002-07-17
GB2380369A 2003-04-02
GB2380369B 2004-03-24

Family

ID=9922791

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1999037052A1 (en) * 1998-01-19 1999-07-22 Terence Edward Sumner Method and apparatus for conveying a private message to selected members

Legal Events

Date Code Title Description
PCNP Patent ceased through non-payment of renewal fee

Effective date: 20140927