METHOD AND APPARATUS FORGENERATING AN UNIQUE ENCRYPTION KEY STREAM FOREACH DATA BLOCKIN A FRAME
Field of the Invention The present invention relates generally to wireless communication systems, and more particularly, to a method and an apparatus for generating an unique encryption key stream for each data block in a frame.
Background of the Invention A cellular communication system is a complex network of systems and elements. Typical elements include a radio link to the mobile stations (cellular telephones), which is usually provided by at least one and typically several base stations, (2) communication links between the base stations, (3) a controller, typically one or more base station controllers or centralized base station controllers (BSC/CBSC), to control communication between and to manage the operation and interaction of the base stations, (4) a call controller or switch, typically a mobile switching center (MSC), for routing calls within the system, and (5) a link to the land line or public switch telephone system (PSTN), which is usually also provided by the MSC. One aspect of designing a wireless communication system is to provide security to information exchanged between network elements operating within the system. At times, it may be desirable to encrypt information exchanged through an over-the-air interface between a mobile station and a base station during a transmission. In particular, digitized voice without encryption in wireless communication systems may be demodulated and decoded by a suitable receiver. Such eavesdropping capability endangers the privacy of members in the system and the security of the information exchanged through the over-the-air interface. Wireless communication systems may be improved by a suitable encryption scheme to protect the information exchanged between mobile stations and base stations.
Current communication systems require intricate end-to-end synchronization schemes to encrypt or decrypt information exchanged through an over-the-air interface during a transmission. In particular, communication systems provide encryption synchronization to mobile stations and base stations by using over-the-air signaling and additional decoding. However, such systems may inefficiently use valuable radio frequency (RF) resources and may cause audio distortion in receivers until synchronization information is sent again to synchronize the mobile stations and the base stations.
Some encryption methods use historical information, i.e., encryption histories, to encrypt or decrypt information for transmission through an over-the-air interface.
Such methods use a session key repeatedly for multiple transmissions, which may lead to error multiplication if an RF fade is encountered. Consequently, the transmission cannot be decoded and is severely distorted until encryption is reset or re- synchronized because the mobile station and the base station are out of sync. To reset or re-synchronize the encryption, current communication systems require additional logic and complexity, and in some cases, RF bandwidth to keep the mobile station and the base station in sync.
Encryption of information exchanged between network elements over a network link is described and disclosed in the commonly assigned United States patent application serial no. __/ , filed on , 2000, entitled "Method and
Apparatus for Providing Encryption for Information Exchanged Over a Network Link," the disclosure of which is hereby expressly incorporated by reference. However, information exchanged between a mobile station and a base station through an over-the-air interface is not encrypted with an unique key stream for each data block in a frame and therefore, is not secure.
Therefore, a need exists for a method and an apparatus that provides a wireless communication system with good security for information exchanged between a mobile station and a base station while easy to synchronize without inefficiently using valuable radio frequency resources.
Brief Description of the Drawings
FIG. 1 is a block diagram representation of a wireless communication system that may be adapted to operate in accordance with the preferred embodiments of the present invention. FIG. 2 is a block diagram representation of an apparatus that may be adapted to operate in accordance with preferred embodiments of the present invention.
FIG. 3 is a block diagram representation of a session key for generating an unique encryption key stream that may be adapted to operate in accordance with the preferred embodiments of the present invention. FIG. 4 is a flow diagram representation of a method of generating an unique encryption key stream for each data block in a frame that may be adapted to operate in accordance with the preferred embodiments of the present invention.
Detailed Description of the Preferred Embodiments The present invention provides a method and an apparatus for generating an unique encryption key stream for each data block of a frame in a wireless communication system to encrypt and decrypt information. Synchronizing an encryption algorithm on boundaries of a data block, such as a time slot in a TDMA based communication system, alleviates the problem of synchronizing multiple mobile stations as in cellular call handover, and also eliminates the complexity required to keep mobile stations and base stations in sync. A private key is shared between a mobile station and a base station servicing the mobile station. The source, the location, the time, the method, and the type of a transmission are factors to derive a plurality of dynamic system parameters that combine with the private key to generate a session key. Each data block in a frame has a different session key that is used to generate an unique encryption key stream to encrypt and decrypt information exchanged through an over-the-air interface.
Data block-based synchronization eliminates the problem of the mobile station and the base station being out of sync because errors encountered due to RF fades would not multiply. Only the data blocks in the frame that could not be decoded may cause audio distortion. The present invention generates an unique encryption key
stream for each data block in a frame to avoid inefficient use of RF resources, distortion, and synchronization problems.
The present invention is described in terms of several preferred embodiments, and particularly, in terms of a wireless communication system operating in accordance with at least one of several communication standards. These standards include analog, digital or dual-mode communication system protocols such as, but not limited to, the Advanced Mobile Phone System (AMPS), the Narrowband Advanced Mobile Phone System (NAMPS), the Global System for Mobile Communications (GSM), the IS-55 Time Division Multiple Access (TDMA) digital cellular, the IS-95 Code Division Multiple Access (CDMA) digital cellular, the Personal Communications
System (PCS) and variations and evolutions of these protocols. As shown in FIG. 1, a wireless communication system 100 includes a mobile switching center (MSC) 110, and a plurality of base station controllers (BSC), 120 and 125, servicing a total service area 130. As is known for such systems, each BSC 120 and 125 has associated therewith a plurality of base stations (BS), generally shown as 140, 145, 150, and 155, servicing communication cells, generally shown as 160, 165, 170, and 175, respectively. It will be appreciated that additional or fewer cells may be implemented as required and without departing from the fair scope of the present invention. MSC 110, BSCs 120 and 125, and base stations 140, 145, 150, 155 are specified and operate in accordance with the applicable standard or standards for providing wireless communication services to mobile stations (MS), generally shown as 180 and 185, operating in cells 160, 165, 170, 175 and each of these elements are commercially available from Motorola, Inc. of Schaumburg, Illinois.
In the wireless communication system 100, mobile stations 180 and 185 exchange information with base stations 145 and 155, respectively, through an over- the-air interface. The wireless communication system may be, but is not limited to, a time division multiple access (TDMA) based communication system, a code division multiple access (CDMA) based communication system, and a packet data system. The present invention provides security to information exchanged between mobile stations 180, 185 and base stations 145, 155 servicing the mobile stations, respectively. The information is encrypted or decrypted with an unique encryption
key stream based on a private key and a plurality of dynamic system parameters for each data block in a frame.
The unique encryption key stream may be logically combined with plaintext to generate ciphertext. Plaintext is the information to be encrypted, and ciphertext is the logical combination of the plaintext and the unique encryption key stream. For example, the plaintext may be, but is not limited to, voice or data that is desired to be encrypted. The unique encryption key stream is XOR'ed with the plaintext to generate the ciphertext, which enhances security for transmission of the information between a mobile station 180, 185 and a base station 145, 155 servicing the mobile station, respectively, through the over-the-air interface in the wireless communication system 100.
As illustrated in FIG. 2, an encryption device 200 generally includes a private key source 210, a parameters source 220, a logic circuit 230, and a key stream generator 240. The encryption device 200 may be integrated into or adapted to a mobile station or a base station as a standalone unit. The private key source 210 and the parameters source 220 are coupled to the logic circuit 230. The output of the logic circuit 230 is coupled to the key stream generator 240 to generate an unique encryption key stream for each data block in a frame. The data block may be, but is not limited to, a TDMA time slot, a CDMA power control group, and a data packet. The private key source 210 provides a private key, which is a code shared by a mobile station and a base station servicing the mobile station in a wireless communication system. Sharing the private key by the mobile station and the base station allows a session key to be generated without interaction between the two network elements. The private key may change by resetting the encryption device 200. The private key source 210 may be, but is not limited to, a memory that stores the private key. The parameters source 220 provides a plurality of dynamic system parameters including a transaction direction, a receiver frequency, a color code, and a slot number, which are further discussed below. However, the plurality of dynamic system parameters may include other parameters based on information of a transmission such as, but not limited to, the source, the location, the time, the method, and the type, i.e., who, where, when, how, and what of the transmission. The logic
circuit 230 logically combines the private key and the plurality of dynamic system parameters to generate a session key. The logic circuit 230 may be, but is not limited to, an exclusive-OR (XOR) combinational logic circuit. For example, the private key and the plurality of dynamic system parameters is modulo-two summed by the XOR combinational logic circuit to generate the session key. The key stream generator 240 generates an unique encryption key stream for each data block in a frame with the session key generated from the logic circuit 230. The key stream generator 240 includes an encryption algorithm, which may be, but is not limited to, a stream cipher algorithm that one of ordinary skill in the art will readily recognize. As noted above, the plurality of dynamic system parameters are based on information relating to a transmission, i.e., who, where, when, how, and what of the transmission. In an alternate embodiment, the plurality of dynamic system parameters may include a code that indicates the modulation technique of a transmission. The modulation technique may be, but is not limited to, quadrature amplitude modulation (QAM), phase shift keying modulation (PSK), differential phase shift keying (DPSK) modulation, quadrature phase shift keying (QPSK) modulation, Gaussian minimum shift keying (GMSK) modulation, and frequency shift keying (FSK) modulation. In another alternate embodiment, the plurality of dynamic system parameters may include a code that indicates the type of call such as dispatch, telephone interconnect, and packet data.
A processor with a control program directs the encryption device 200 to generate an unique encryption key stream for each data block in a frame. In particular, the private key source 210, the parameters source 220, the logic circuit 230, and the key stream generator 240 operate in accordance with the commands from the processor. The processor is integrated into or adapted to the mobile station or the base station having the encryption device 200. In an alternate embodiment, the processor may be integrated into or adapted to the encryption device 200. In another alternate embodiment, the processor may be replaced by an application specific integrated circuit (ASIC) to operate the encryption device 200. As mentioned above, a private key and a plurality of dynamic system parameters may be logically combined to generate a session key for generating an
unique encryption key stream. Referring to FIG. 3, the private key 310 and the plurality of dynamic system parameters 320 is modulo-two summed by an XOR combinational logic circuit to generate the session key 330. The private key 310 may be, but is not limited to, a 64-bit code in a TDMA system that a mobile station and a base station servicing the mobile station have stored prior to a transmission. The plurality of dynamic system parameters 320 is a 64-bit code that carries a transaction direction 340, a receiver frequency 342, a color code 344, a slot number 346, and a first and second 16-bit of zeros 348, 350. However, the plurality of dynamic system parameters may include other parameters based on factors such as, but not limited to, the source, the location, the time, the method, and the type of transmission. The transaction direction 340 is a 1-bit code that identifies whether a fixed network element (FNE) or a mobile station (MS) is transmitting information. For example, when the direction bit is "1" then a FNE, such as a base station, is transmitting information. When the direction bit is "0" then a mobile station is transmitting information. The transaction direction 340 is shifted by 31 -bits from the first 16-bits of zeros 348. The receiver frequency 342 is a 12-bit code that indicates a frequency in which a mobile station and a base station servicing the mobile station are tuned. The receiver frequency 342 may change at handovers, which are changes of channels. The receiver frequency 342 is shifted left by 19-bits from the first 16-bits of zeros 348. The color code 344 is a 4-bit code that identifies a reused frequency pattern to reduce interference and to distinguish interference signals from another cell. The color code 344 is based on the location of a transmission so it may change at handovers. The color code 344 is shifted left by 15-bits from the first 16-bits of zeros 348. The slot number 346 is a 15-bit code that identifies a fifteen micro-seconds (15 msec) time slot for a physical channel in a time division multiple access (TDMA) based communication system. The slot number 346 may change for every time slot in a frame. The slot number 348 is shifted left by the first 16-bits of zeros 348.
In accordance with the preferred embodiments of the present invention, and with references to FIG. 4, a method 400 for generating an encryption key stream for each data block in a frame is illustrated.
In a wireless communication system, method 400 synchronizes an encryption algorithm by providing a different session key for each data block in a frame so that end-to-end synchronization is unnecessary. As shown in FIG. 4, method 400 begins at step 410 with providing a private key. As noted above, the private key is shared by a mobile station and a base station servicing the mobile station. The private key may be stored in the memories of the mobile station and the base station. At step 420, a plurality of dynamic system parameters are provided. As discussed above, the plurality of dynamic system parameters is based on information relating to a transmission such as the source, the location, the time, the method, and the type of the transmission. At step 430, a session key is generated by a logical combination of the private key and the plurality of dynamic parameters. As noted above, the private key and the plurality of dynamic parameters may be XOR'ed to generate the session key. At step 440, the session key initializes an encryption algorithm to generate an unique encryption key stream for each data block in a frame. In a TDMA based communication system, for example, the encryption key stream changes from time slot to time slot.
Many changes and modifications could be made to the invention without departing from the fair scope and spirit thereof. The scope of some changes is discussed above. The scope of others will become apparent from the appended claims.