EP1208663A1 - System and method for secured data transmission within a wireless communication system - Google Patents

System and method for secured data transmission within a wireless communication system

Info

Publication number
EP1208663A1
EP1208663A1 EP00963787A EP00963787A EP1208663A1 EP 1208663 A1 EP1208663 A1 EP 1208663A1 EP 00963787 A EP00963787 A EP 00963787A EP 00963787 A EP00963787 A EP 00963787A EP 1208663 A1 EP1208663 A1 EP 1208663A1
Authority
EP
European Patent Office
Prior art keywords
encryption key
communication system
signal
encoded signal
acoustic
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
EP00963787A
Other languages
German (de)
French (fr)
Other versions
EP1208663A4 (en
Inventor
Jeffrey Rodman
Gil Pearson
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Polycom Inc
Original Assignee
Polycom Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Polycom Inc filed Critical Polycom Inc
Publication of EP1208663A1 publication Critical patent/EP1208663A1/en
Publication of EP1208663A4 publication Critical patent/EP1208663A4/en
Ceased legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0822Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using key encryption key
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04KSECRET COMMUNICATION; JAMMING OF COMMUNICATION
    • H04K1/00Secret communication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/34Encoding or coding, e.g. Huffman coding or error correction
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80Wireless

Definitions

  • the invention relates generally to communication systems, and more particularly to a system and method for the transmission of secured data within a communication system having wireless networked components.
  • Wireless networks are making increasing use of wireless networks to link system components, such as microphones, speakers, and the like.
  • Use of wireless networks avoids the need to cable the system components together, thereby simplifying system setup and allowing the system components to be easily re-arranged to suit the needs of the user(s).
  • the use of wireless networks to link system components also offers significant aesthetic benefits by eliminating or reducing unsightly wiring.
  • a disadvantage associated with wireless networked communication systems is the potential for unintended dissemination of confidential or sensitive information.
  • the conference systems are typically located in a fully enclosed space, i.e., a conference room.
  • RF radio-frequency
  • Such RF signals may easily penetrate the walls, ceiling, etc. of the conference room and may thus be inadvertently transmitted to other devices capable of receiving the signals, e.g., a component of another wireless networked system located in a second conference room. Transmission of the RF signals outside of the conference room may also allow interception by eavesdroppers or industrial spies, thereby compromising confidentiality.
  • One method of preventing the inadvertent dissemination of confidential information is to encode the transmitted RF signals using an encryption key, essentially scrambling the underlying information.
  • the signals are subsequently decoded at the receiving component using the same or a complementary encryption key.
  • this method requires all components within the communication system to possess the same encryption key in order to properly encode and/ or decode the RF signals.
  • One technique for assigning a common encryption key for all wireless networked components within a communication system involves manually entering the encryption key (by setting switches or through a keypad) at each component. However, this technique is time- consuming and subject to user error.
  • Another technique for assigning the encryption key is to initially (i.e., at the start of system operation) distribute the key using unencrypted RF signals. Unfortunately, an eavesdropper monitoring the RF transmissions can intercept the transmitted encryption key and use the encryption key to decode subsequent transmissions.
  • the present invention provides a system and method for securely transmitting information between and among components of a wireless networked communication system.
  • the components of the communication system include a base station containing the primary system circuitry, and a set of physically co-located remote devices (microphones, speakers, personal computers, LCD projectors, video monitors, and the like) which normally communicate with the base station and with each other by transmission and reception of RF signals.
  • a base station containing the primary system circuitry
  • a set of physically co-located remote devices microphones, speakers, personal computers, LCD projectors, video monitors, and the like
  • an encryption key is distributed using an acoustic signal.
  • the base station is provided with an acoustic transmitter (i.e., a speaker), and each remote device is provided with an acoustic sensor (i.e., a microphone).
  • the base station At the commencement of system operation, the base station generates an encryption key, converts the encryption key into an acoustic signal, and transmits the signal.
  • the encryption key may comprise a randomly generated n-digit sequence of numbers which is converted to a corresponding sequence of DTMF tones.
  • Each of the remote devices is provided with an acoustic sensor for detecting the acoustic signal transmitted by the base station.
  • the acoustic sensor responsively generates an electrical signal, which is passed to an acoustic codec.
  • the acoustic codec is operative to extract a digital representation of the encryption key for storage in a memory.
  • the encryption key is subsequently utilized by the base station and remote devices to encrypt and decrypt conference data passed between and among the devices and the base station through RF signals.
  • Use of the acoustic signal to distribute the encryption key effectively prevents non-co-located devices (i.e., those located outside of a conference room) from detecting the encryption key.
  • FIG. 1 is a block diagram showing components of a wireless networked communication system located within a conference room;
  • FIG. 2 is a block diagram of a base station and an exemplary remote device of the present invention.
  • FIG. 3 is a flowchart showing the steps of a method for distributing an encryption key by transmission and reception of an acoustic signal, in accordance with the present invention.
  • FIG. 1 depicts components of an exemplary wireless networked communication system 114 located within an enclosed first conference room 100.
  • Communication system 114 may comprise, but is not limited to, a video conferencing or audio conferencing system of the type sold by Polycom, Inc. of San Jose, California.
  • Communication system 114 includes a base station 106 which contains the primary system circuitry, and a plurality of remote devices, such as remote devices 108 and 110, which communicate with base station 106 and with each other by the transmission and reception of electromagnetic signals, typically radio frequency (RF) signals.
  • RF radio frequency
  • Some examples of remote devices are microphones, speakers, personal computers, LCD projectors, and video monitors.
  • Base station 106 may be additionally configured to manage communications with other communication systems (e.g., video conferencing systems located at other sites) over conventional circuit or packet switched networks, such as the public switched telephone network or the Internet. It is noted that while two remote devices 108 and 110 are depicted in the figure, a lesser or greater number of remote devices may be utilized.
  • other communication systems e.g., video conferencing systems located at other sites
  • circuit or packet switched networks such as the public switched telephone network or the Internet.
  • FIG. 1 also depicts a second conference room 102 adjacent to first conference room 100 and separated therefrom by a wall 104.
  • Remote device 112 which is not part of communication system 114, is located within second conference room 102. Because RF signals transmitted by base station 106 and remote devices 108 and 110 may easily penetrate wall 104 and reach remote device 112, the information underlying the transmitted RF signals may be inadvertently disseminated to persons having access to remote device 112. If such information is sensitive or proprietary, the confidentiality of the information may thus be compromised.
  • An object of the present system and method is to secure against inadvertent disclosure of confidential information by encrypting the conference data transmitted between and among base station 106 and remote devices 108 and 110.
  • conference data denotes data representative of any information which may be presented to users of communication system 114 during operation thereof, including speech, images, and the like.
  • base station 106 and remote devices 108 and 110 To successfully encrypt and decrypt the conference data, base station 106 and remote devices 108 and 110 must possess a common encryption key. In accordance with the present system and method, the encryption key is distributed by the transmission and reception of an acoustic signal.
  • acoustic signals are attenuated relatively rapidly and do not readily penetrate walls such as wall 104, devices located outside of first conference room 100 are unable to detect the transmission of the acoustically-encoded encryption key, and hence cannot decrypt subsequently received RF signals (including those representative of confidential information) emanating from communication system 114.
  • Base station 106 is provided with an encryption key generator 202 configured to randomly generate an encryption key 204 in accordance with well-known random key generation algorithms.
  • Encryption key 204 may comprise, for example, a randomly generated n-digit string.
  • Encryption key 204 is stored in memory 206 for subsequent use by encryption/ decryption module 208.
  • Encryption key 204 is additionally conveyed to an acoustic codec 210, which is electrically coupled to an acoustic transmitter 212.
  • Acoustic codec 210 is configured to apply an electrical signal to acoustic transmitter 212 which causes acoustic transmitter 212 to emit an acoustic signal (i.e., sounds) which encodes the encryption key.
  • the n-digit encryption key is encoded as a string of dual-tone multi-frequency (DTMF) tones.
  • DTMF dual-tone multi-frequency
  • acoustic transmitter 212 which may comprise a conventional loudspeaker, emits the acoustic signal encoded encryption key 204. It is appreciated that the acoustic signal power should be sufficient to enable co- located remote devices to detect the signal, but the power should be minimized to prevent detection of the signal outside of conference room 100 (FIG. 1) as well as to avoid subjecting persons present within conference room 100 to an unpleasantly harsh sound.
  • the acoustic signal propagates through conference room 100 (FIG. 1) and is received at remote device 108.
  • remote device 108 is provided with an acoustic sensor 220, which may comprise a conventional microphone.
  • Acoustic sensor 220 is operative to detect the acoustic signal encoded encryption key 204 (for example, a string of DTMF tones) and to responsively generate a corresponding electrical signal.
  • the electrical signal is passed to an acoustic codec 222, which is configured to extract a digital representation of encryption key 204 for storage in a memory 224.
  • Encryption key 204 may subsequently be accessed by encryption/ decryption module 225 to encrypt conference data 226 transmitted to base station 106 or other co-located devices and to decrypt conference data 226 received from base station 106 or other co-located devices of the communication system 114 (FIG. 1).
  • encryption key 204 has been distributed to remote device 108 (as well as to the other remote devices of communication system 114 of FIG. 1), encryption key 204 is utilized to encrypt and decrypt conference data 226 transmitted by RF signals between and among the various components of communication system 114.
  • Base station 106 is provided with an encryption/ decryption module 208, RF codec 214, and RF transceiver 216.
  • remote device 108 is provided with encryption/ decryption module 225, RF codec 227, and RF transceiver 228.
  • encryption/ decryption modules 208 and 225 and the RF codecs 214 and 227 may be configured as hardware, software, or a combination thereof.
  • conference data 226 (which may comprise speech, images, and the like, as discussed above), is encrypted by encryption/ decryption module 208 or 225 using encryption key 204.
  • Encryption/ decryption module 208 or 225 may employ any one of a large number of encryption techniques well known in the art.
  • the encrypted conference data is then encoded by codec 214 or 227 for transmission as RF signals by RF transceiver 216 or 228. Because the RF signals contain encrypted (i.e., unintelligible) information, eavesdroppers and others who intercept the RF signals will not have access to underlying conference data 226.
  • RF signals transmitted by another component of communication system 114 (FIG. 1) are received by RF transceiver 216 or 228, and converted to a digital representation of the encrypted conference data by RF codec 214 or 227.
  • the encryption/ decryption module 208 or 225 is then operative to decrypt conference data 226, which may be subsequently used for a variety of purposes.
  • remote device 108 may comprise a microphone which generates conference data representative of the speech of conference participants.
  • the conference data representative of the speech is encrypted and transmitted to base station 106 by RF signals.
  • Base station 106 receives the RF signals, decrypts the underlying conference data, and conveys this data to another communication system over a telephone network.
  • remote device 108 is depicted as having an RF transceiver 228, other remote devices may be adapted for unidirectional RF communications with base station 106 (i.e., either from base station 106 to the remote device, or from the remote device to base station 106). In such cases, an RF transmitter or receiver will be substituted for RF transceiver 228.
  • FIG. 3 is a flowchart 300 showing steps of an exemplary method for distributing encryption key 204 (FIG. 2) using an acoustic signal in accordance with the present system and method.
  • the key distribution sequence is initiated.
  • Step 302 may be triggered automatically, as by turning on communication system 114 (FIG. 1), or may be triggered manually by a user engaging a "reset" control or the like.
  • encryption key generator 202 (FIG. 2) randomly generates encryption key 204 and stores encryption key 204 in memory 206 (FIG. 2) in step 304.
  • Encryption key 204 is then encoded by codec 210 (FIG. 2) and transmitted as an acoustic signal by acoustic transmitter 212 (FIG. 2) in step 306.
  • the acoustic signal representative of encryption key 204 is received by acoustic sensor 220 (FIG. 2) of remote device 108 (FIG. 2) and decoded by acoustic codec 222 (FIG. 2) in step 308, to extract a digital representation of encryption key 204. It may be desirable (particularly in environments having high levels of ambient noise, which may interfere with transmission and reception of the acoustic signal) to provide an error detection scheme (using a transmitted checksum or similar method) within acoustic codec 222 (FIG. 2) to ensure that encryption key 204 (FIG. 2) is correctly transmitted and decoded.
  • acoustic codec 222 performs an error detection step to determine if an error has occurred in connection with the reception/ decoding of encryption key 204. If acoustic codec 222 detects an error condition, it sends a request to base station 106 (FIG. 2), via RF codec 227 (FIG. 2) and transceiver 228 (FIG. 2), to re-transmit the acoustic signal representative of encryption key 204 in step 312. If no error condition is detected, encryption key 204 is stored in memory 224 (FIG. 2) and used to encrypt and decrypt subsequent RF transmissions of conference data 226 (FIG. 2) in step 314.
  • the method may additionally include the step 316 of determining whether a new encryption key is required. Generation of a new encryption key may be triggered, for example, by expiration of a predetermined time period (security may be enhanced by periodically changing the encryption key) or by manual user request. If a new encryption key is required, the method returns to step 304; otherwise, the method returns to encrypting and decrypting conference data 226 (FIG. 2) using existing encryption key 206 (FIG. 2). It is to be appreciated that although the embodiment depicted in FIG. 2 and described above locates encryption key generator 202 and acoustic transmitter 212 in base station 106, alternative embodiments which may locate these elements in one or more of the remote devices are within the scope of the invention.
  • the present invention is not intended to be limited in scope to acoustic transmission of the encryption key.
  • Other types of signals which do not easily penetrate conference room walls and hence are not detectable outside of the conference room, may be used to encode and distribute the encryption key.
  • the base station may be provided with an infrared (IR) transmitter for transmitting an IR signal encoding the encryption key.
  • the associated remote devices are correspondingly provided with IR sensors for detecting the transmitted IR signal, and an IR codec for extracting the encryption key from the received signal. Distribution of the encryption key via an IR signal may be less attractive relative to use of an acoustic signal, since objects or persons located in the conference room may block the transmission path of IR signals, and thus prevent the reception of the IR signal by the remote devices.

Abstract

A system and method are provided for securing data transmission during operation of a wireless networked communication system comprising a base station and one or more remote devices. The base station generates (202) an encryption key (204), encodes the key as an acoustic signal, and transmits (212) the signal. The acoustic signal is received by all co-located remote devices of the communication system, and decoded to extract the encryption key. Subsequent communication transmissions between and among the base station and the remote device are encrypted using the encryption key to prevent electronic eavesdropping.

Description

SYSTEM AND METHOD FOR SECURED DATA TRANSMISSION WITHIN A WIRELESS COMMUNICATION SYSTEM
BACKGROUND OF THE INVENTION 1. Field of the Invention
The invention relates generally to communication systems, and more particularly to a system and method for the transmission of secured data within a communication system having wireless networked components.
2. Description of the Background Art
Business communication systems, such as audio conferencing or video conferencing systems, are making increasing use of wireless networks to link system components, such as microphones, speakers, and the like. Use of wireless networks avoids the need to cable the system components together, thereby simplifying system setup and allowing the system components to be easily re-arranged to suit the needs of the user(s). The use of wireless networks to link system components also offers significant aesthetic benefits by eliminating or reducing unsightly wiring.
A disadvantage associated with wireless networked communication systems is the potential for unintended dissemination of confidential or sensitive information. In a business conference setting, it is frequently desirable to limit access to information being discussed or viewed to conference participants only. To this end, the conference systems are typically located in a fully enclosed space, i.e., a conference room. However, most commercially available wireless networked communication systems employ radio-frequency (RF) signals to convey information between and among the various system components. Such RF signals may easily penetrate the walls, ceiling, etc. of the conference room and may thus be inadvertently transmitted to other devices capable of receiving the signals, e.g., a component of another wireless networked system located in a second conference room. Transmission of the RF signals outside of the conference room may also allow interception by eavesdroppers or industrial spies, thereby compromising confidentiality.
One method of preventing the inadvertent dissemination of confidential information is to encode the transmitted RF signals using an encryption key, essentially scrambling the underlying information. The signals are subsequently decoded at the receiving component using the same or a complementary encryption key. However, this method requires all components within the communication system to possess the same encryption key in order to properly encode and/ or decode the RF signals. One technique for assigning a common encryption key for all wireless networked components within a communication system involves manually entering the encryption key (by setting switches or through a keypad) at each component. However, this technique is time- consuming and subject to user error. Another technique for assigning the encryption key is to initially (i.e., at the start of system operation) distribute the key using unencrypted RF signals. Unfortunately, an eavesdropper monitoring the RF transmissions can intercept the transmitted encryption key and use the encryption key to decode subsequent transmissions.
Accordingly, there is a need for an improved system and method for securely transmitting information between components of a wireless communication system. There is a more specific need for a system and method for distributing an encryption key among the system components which does not require substantial operator intervention, and which is not susceptible to eavesdroppers monitoring the transmission frequencies.
SUMMARY OF THE INVENTION The present invention provides a system and method for securely transmitting information between and among components of a wireless networked communication system. In a preferred embodiment, the components of the communication system include a base station containing the primary system circuitry, and a set of physically co-located remote devices (microphones, speakers, personal computers, LCD projectors, video monitors, and the like) which normally communicate with the base station and with each other by transmission and reception of RF signals. However, an encryption key is distributed using an acoustic signal. To implement the distribution of the encryption key by an acoustic signal, the base station is provided with an acoustic transmitter (i.e., a speaker), and each remote device is provided with an acoustic sensor (i.e., a microphone). At the commencement of system operation, the base station generates an encryption key, converts the encryption key into an acoustic signal, and transmits the signal. For example, the encryption key may comprise a randomly generated n-digit sequence of numbers which is converted to a corresponding sequence of DTMF tones.
Each of the remote devices is provided with an acoustic sensor for detecting the acoustic signal transmitted by the base station. The acoustic sensor responsively generates an electrical signal, which is passed to an acoustic codec. The acoustic codec is operative to extract a digital representation of the encryption key for storage in a memory. The encryption key is subsequently utilized by the base station and remote devices to encrypt and decrypt conference data passed between and among the devices and the base station through RF signals. Use of the acoustic signal to distribute the encryption key effectively prevents non-co-located devices (i.e., those located outside of a conference room) from detecting the encryption key. BRIEF DESCRIPTION OF THE DRAWINGS FIG. 1 is a block diagram showing components of a wireless networked communication system located within a conference room;
FIG. 2 is a block diagram of a base station and an exemplary remote device of the present invention; and
FIG. 3 is a flowchart showing the steps of a method for distributing an encryption key by transmission and reception of an acoustic signal, in accordance with the present invention.
DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENT FIG. 1 depicts components of an exemplary wireless networked communication system 114 located within an enclosed first conference room 100. Communication system 114 may comprise, but is not limited to, a video conferencing or audio conferencing system of the type sold by Polycom, Inc. of San Jose, California. Communication system 114 includes a base station 106 which contains the primary system circuitry, and a plurality of remote devices, such as remote devices 108 and 110, which communicate with base station 106 and with each other by the transmission and reception of electromagnetic signals, typically radio frequency (RF) signals. Some examples of remote devices are microphones, speakers, personal computers, LCD projectors, and video monitors. Base station 106 may be additionally configured to manage communications with other communication systems (e.g., video conferencing systems located at other sites) over conventional circuit or packet switched networks, such as the public switched telephone network or the Internet. It is noted that while two remote devices 108 and 110 are depicted in the figure, a lesser or greater number of remote devices may be utilized.
FIG. 1 also depicts a second conference room 102 adjacent to first conference room 100 and separated therefrom by a wall 104. Remote device 112, which is not part of communication system 114, is located within second conference room 102. Because RF signals transmitted by base station 106 and remote devices 108 and 110 may easily penetrate wall 104 and reach remote device 112, the information underlying the transmitted RF signals may be inadvertently disseminated to persons having access to remote device 112. If such information is sensitive or proprietary, the confidentiality of the information may thus be compromised.
An object of the present system and method is to secure against inadvertent disclosure of confidential information by encrypting the conference data transmitted between and among base station 106 and remote devices 108 and 110. The term "conference data", as used herein, denotes data representative of any information which may be presented to users of communication system 114 during operation thereof, including speech, images, and the like. To successfully encrypt and decrypt the conference data, base station 106 and remote devices 108 and 110 must possess a common encryption key. In accordance with the present system and method, the encryption key is distributed by the transmission and reception of an acoustic signal. Because acoustic signals are attenuated relatively rapidly and do not readily penetrate walls such as wall 104, devices located outside of first conference room 100 are unable to detect the transmission of the acoustically-encoded encryption key, and hence cannot decrypt subsequently received RF signals (including those representative of confidential information) emanating from communication system 114.
The distribution of an encryption key via an acoustic-based expedient is best understood with reference to the block diagram of FIG. 2 and the flowchart of FIG. 3. Referring initially to FIG. 2, components of base station 106 and an exemplary one of the remote devices 108 are depicted in schematic form. Base station 106 is provided with an encryption key generator 202 configured to randomly generate an encryption key 204 in accordance with well-known random key generation algorithms. Encryption key 204 may comprise, for example, a randomly generated n-digit string. Encryption key 204 is stored in memory 206 for subsequent use by encryption/ decryption module 208.
Encryption key 204 is additionally conveyed to an acoustic codec 210, which is electrically coupled to an acoustic transmitter 212. Acoustic codec 210 is configured to apply an electrical signal to acoustic transmitter 212 which causes acoustic transmitter 212 to emit an acoustic signal (i.e., sounds) which encodes the encryption key. In one example, the n-digit encryption key is encoded as a string of dual-tone multi-frequency (DTMF) tones. Those skilled in the art will recognize that acoustic codec 210 may utilize a variety of alternative methods for encoding encryption key 204 as an acoustic signal, including without limitation modem tones, musical chords, and spread-spectrum modulation. In any case, acoustic transmitter 212, which may comprise a conventional loudspeaker, emits the acoustic signal encoded encryption key 204. It is appreciated that the acoustic signal power should be sufficient to enable co- located remote devices to detect the signal, but the power should be minimized to prevent detection of the signal outside of conference room 100 (FIG. 1) as well as to avoid subjecting persons present within conference room 100 to an unpleasantly harsh sound.
The acoustic signal propagates through conference room 100 (FIG. 1) and is received at remote device 108. As depicted in FIG. 2, remote device 108 is provided with an acoustic sensor 220, which may comprise a conventional microphone. Acoustic sensor 220 is operative to detect the acoustic signal encoded encryption key 204 (for example, a string of DTMF tones) and to responsively generate a corresponding electrical signal. The electrical signal is passed to an acoustic codec 222, which is configured to extract a digital representation of encryption key 204 for storage in a memory 224. Encryption key 204 may subsequently be accessed by encryption/ decryption module 225 to encrypt conference data 226 transmitted to base station 106 or other co-located devices and to decrypt conference data 226 received from base station 106 or other co-located devices of the communication system 114 (FIG. 1). Once encryption key 204 has been distributed to remote device 108 (as well as to the other remote devices of communication system 114 of FIG. 1), encryption key 204 is utilized to encrypt and decrypt conference data 226 transmitted by RF signals between and among the various components of communication system 114. Base station 106 is provided with an encryption/ decryption module 208, RF codec 214, and RF transceiver 216.
Similarly, remote device 108 is provided with encryption/ decryption module 225, RF codec 227, and RF transceiver 228. Those skilled in the art will recognize that the encryption/ decryption modules 208 and 225 and the RF codecs 214 and 227 may be configured as hardware, software, or a combination thereof. In a transmit mode, conference data 226 (which may comprise speech, images, and the like, as discussed above), is encrypted by encryption/ decryption module 208 or 225 using encryption key 204. Encryption/ decryption module 208 or 225 may employ any one of a large number of encryption techniques well known in the art. The encrypted conference data is then encoded by codec 214 or 227 for transmission as RF signals by RF transceiver 216 or 228. Because the RF signals contain encrypted (i.e., unintelligible) information, eavesdroppers and others who intercept the RF signals will not have access to underlying conference data 226. In the receive mode, RF signals transmitted by another component of communication system 114 (FIG. 1) are received by RF transceiver 216 or 228, and converted to a digital representation of the encrypted conference data by RF codec 214 or 227. The encryption/ decryption module 208 or 225 is then operative to decrypt conference data 226, which may be subsequently used for a variety of purposes. In one example, remote device 108 may comprise a microphone which generates conference data representative of the speech of conference participants. The conference data representative of the speech is encrypted and transmitted to base station 106 by RF signals. Base station 106 receives the RF signals, decrypts the underlying conference data, and conveys this data to another communication system over a telephone network.
It is noted that while remote device 108 is depicted as having an RF transceiver 228, other remote devices may be adapted for unidirectional RF communications with base station 106 (i.e., either from base station 106 to the remote device, or from the remote device to base station 106). In such cases, an RF transmitter or receiver will be substituted for RF transceiver 228.
FIG. 3 is a flowchart 300 showing steps of an exemplary method for distributing encryption key 204 (FIG. 2) using an acoustic signal in accordance with the present system and method. In step 302, the key distribution sequence is initiated. Step 302 may be triggered automatically, as by turning on communication system 114 (FIG. 1), or may be triggered manually by a user engaging a "reset" control or the like. Next, encryption key generator 202 (FIG. 2) randomly generates encryption key 204 and stores encryption key 204 in memory 206 (FIG. 2) in step 304. Encryption key 204 is then encoded by codec 210 (FIG. 2) and transmitted as an acoustic signal by acoustic transmitter 212 (FIG. 2) in step 306.
Next, the acoustic signal representative of encryption key 204 (FIG. 2) is received by acoustic sensor 220 (FIG. 2) of remote device 108 (FIG. 2) and decoded by acoustic codec 222 (FIG. 2) in step 308, to extract a digital representation of encryption key 204. It may be desirable (particularly in environments having high levels of ambient noise, which may interfere with transmission and reception of the acoustic signal) to provide an error detection scheme (using a transmitted checksum or similar method) within acoustic codec 222 (FIG. 2) to ensure that encryption key 204 (FIG. 2) is correctly transmitted and decoded. Therefore, in optional step 310, acoustic codec 222 performs an error detection step to determine if an error has occurred in connection with the reception/ decoding of encryption key 204. If acoustic codec 222 detects an error condition, it sends a request to base station 106 (FIG. 2), via RF codec 227 (FIG. 2) and transceiver 228 (FIG. 2), to re-transmit the acoustic signal representative of encryption key 204 in step 312. If no error condition is detected, encryption key 204 is stored in memory 224 (FIG. 2) and used to encrypt and decrypt subsequent RF transmissions of conference data 226 (FIG. 2) in step 314.
The method may additionally include the step 316 of determining whether a new encryption key is required. Generation of a new encryption key may be triggered, for example, by expiration of a predetermined time period (security may be enhanced by periodically changing the encryption key) or by manual user request. If a new encryption key is required, the method returns to step 304; otherwise, the method returns to encrypting and decrypting conference data 226 (FIG. 2) using existing encryption key 206 (FIG. 2). It is to be appreciated that although the embodiment depicted in FIG. 2 and described above locates encryption key generator 202 and acoustic transmitter 212 in base station 106, alternative embodiments which may locate these elements in one or more of the remote devices are within the scope of the invention.
It is further noted that the present invention is not intended to be limited in scope to acoustic transmission of the encryption key. Other types of signals, which do not easily penetrate conference room walls and hence are not detectable outside of the conference room, may be used to encode and distribute the encryption key. For example, the base station may be provided with an infrared (IR) transmitter for transmitting an IR signal encoding the encryption key. The associated remote devices are correspondingly provided with IR sensors for detecting the transmitted IR signal, and an IR codec for extracting the encryption key from the received signal. Distribution of the encryption key via an IR signal may be less attractive relative to use of an acoustic signal, since objects or persons located in the conference room may block the transmission path of IR signals, and thus prevent the reception of the IR signal by the remote devices.
The invention has been described above with reference to specific embodiments. It will be apparent to those skilled in the art that various modifications may be made and other embodiments can be used without departing from the broader scope of the invention. Therefore, these and other variations upon the specific embodiments are intended to be covered by the present invention, which is limited only by the appended claims.

Claims

WHAT IS CLAIMED IS: 1. A method for secure data transfer in a wireless networked communication system, comprising the steps of: generating an encryption key within a first device of the communication system; encoding the encryption key to form an encoded signal; transmitting the encoded signal to a second device of the communication system remote from the first device; decoding the encoded signal at the second device to extract the encryption key; and using the encryption key to encrypt and decrypt data for subsequent wireless transmissions between the first and second devices.
2. The method of claim 1, wherein the encoded signal is an acoustic signal.
3. The method of claim 2, wherein the acoustic signal is DTMF tones.
4. The method of claim 1, wherein the encoded signal is an infrared signal.
5. The method of claim 1, wherein the step of decoding further comprises the step of storing the decoded encryption key in memory.
6. The method of claim 1, wherein the step of decoding further comprises the step of performing error detection to determine if an error has occurred in connection with the reception or decoding of the encryption key.
7. The method of claim 6, further comprising the step of sending a request for a retransmission of the encoded signal if an error is detected.
8. The method of claim 1, wherein the step of using the encryption key to encrypt and decrypt subsequent wireless transmissions further comprises the step of encoding the data into radio frequency signals.
9. The method of claim 1, further comprising the step of determining whether a new encryption key is required.
10. A system for secure data transmission within a wireless communication system, comprising: a first device of the communication system, the first device having an encryption key generator for generating the encryption key and a signal transmitter for transmitting an encoded signal representative of the encryption key; and a second device of the communication system, the second device having a signal sensor for receiving the encoded signal from the first device and a decoder device for extracting the encryption key from the encoded signal, the encryption key being used to encrypt data being transmitted between the first and second devices.
11. The system of claim 10 wherein the first device further comprises an encoder device for encoding the encryption key into an encoded signal for transmission.
12. The system of claim 11 wherein the encoder device is an acoustic codec.
13. The system of claim 10, wherein the encoded signal is an acoustic signal.
14. The system of claim 10, wherein the signal transmitter is an acoustic transmitter and the signal sensor is an acoustic sensor.
15. The system of claim 10, wherein the decoder device is an acoustic codec.
16. The system of claim 10 further comprising memory in the first and second devices for storage of the encryption key.
17. The system of claim 10 further comprising an encryption/ decryption module in the first and second devices for encrypting data for transmission and decrypting data received from the other device.
18. The system of claim 10 further comprising a radio-frequency codec in the first and second devices for encoding the data into radio-frequency signals.
19. The system of claim 18 further comprising a radio-frequency transceiver in the first and second devices for transmission and reception of the radio- frequency signals within the communication system.
20. A system for secure data transmission within a wireless communication system, comprising: means for generating an encryption key within a first device of the communication system; means for encoding the encryption key to form an encoded signal; means for transmitting the encoded signal to a second device of the communication system remote from the first device; means for decoding the encoded signal at the second device to extract the encryption key; and means for using the encryption key to encrypt and decrypt data for subsequent wireless transmissions between the first and second devices.
EP00963787A 1999-08-03 2000-08-02 System and method for secured data transmission within a wireless communication system Ceased EP1208663A4 (en)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US14688299P 1999-08-03 1999-08-03
US146882P 1999-08-03
PCT/US2000/040564 WO2001010071A1 (en) 1999-08-03 2000-08-02 System and method for secured data transmission within a wireless communication system

Publications (2)

Publication Number Publication Date
EP1208663A1 true EP1208663A1 (en) 2002-05-29
EP1208663A4 EP1208663A4 (en) 2005-07-27

Family

ID=22519395

Family Applications (1)

Application Number Title Priority Date Filing Date
EP00963787A Ceased EP1208663A4 (en) 1999-08-03 2000-08-02 System and method for secured data transmission within a wireless communication system

Country Status (5)

Country Link
EP (1) EP1208663A4 (en)
JP (1) JP2003506919A (en)
KR (1) KR20020019581A (en)
GB (1) GB0201603D0 (en)
WO (1) WO2001010071A1 (en)

Families Citing this family (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2377129B (en) * 2001-06-29 2005-05-11 Nokia Corp Wireless communication device and method
DE60228128D1 (en) 2001-11-09 2008-09-18 Nanosphere Inc Bioconjugate NANOPARTICLE PROBES
US7966497B2 (en) 2002-02-15 2011-06-21 Qualcomm Incorporated System and method for acoustic two factor authentication
US7401224B2 (en) 2002-05-15 2008-07-15 Qualcomm Incorporated System and method for managing sonic token verifiers
KR100547855B1 (en) 2003-01-14 2006-01-31 삼성전자주식회사 Secure communication system and method of a composite mobile communication terminal having a local area communication device
JP2005018487A (en) * 2003-06-26 2005-01-20 Sharp Corp Method for distributing right to participate in conference and conference system
JP2005094349A (en) * 2003-09-17 2005-04-07 Sony Corp Information processor and information processing method, program and recording medium
JP5458796B2 (en) * 2009-10-19 2014-04-02 株式会社リコー Communication apparatus and communication control method
JP5269844B2 (en) * 2010-07-28 2013-08-21 株式会社バッファロー Encryption key sharing method, wireless terminal, and access point
US9483997B2 (en) * 2014-03-10 2016-11-01 Sony Corporation Proximity detection of candidate companion display device in same room as primary display using infrared signaling
FR3022715B1 (en) * 2014-06-20 2017-09-15 Thales Sa METHOD AND SYSTEM FOR ACCOUSTIC COMMUNICATIONS
US20160011921A1 (en) * 2014-07-14 2016-01-14 General Electric Company Cyber secured airgap remote monitoring and diagnostics infrastructure
US10722719B2 (en) 2015-02-19 2020-07-28 The Trustees Of Princeton University Vibration-based secure side channel for medical devices
KR102118934B1 (en) * 2015-10-30 2020-06-04 텔레폰악티에볼라겟엘엠에릭슨(펍) Establish a shared secret between the first communication device and at least one second communication device
JP7193126B2 (en) * 2018-11-13 2022-12-20 株式会社スマート・ソリューション・テクノロジー Communication device, communication system, communication method and program

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4484027A (en) * 1981-11-19 1984-11-20 Communications Satellite Corporation Security system for SSTV encryption
US5481611A (en) * 1993-12-09 1996-01-02 Gte Laboratories Incorporated Method and apparatus for entity authentication

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5313521A (en) * 1992-04-15 1994-05-17 Fujitsu Limited Key distribution protocol for file transfer in the local area network

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4484027A (en) * 1981-11-19 1984-11-20 Communications Satellite Corporation Security system for SSTV encryption
US5481611A (en) * 1993-12-09 1996-01-02 Gte Laboratories Incorporated Method and apparatus for entity authentication

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
MENEZES, VANSTONE, OORSCHOT: "Handbook of Applied Cryptography" 1997, CRC PRESS LLC , USA , XP002325939 * page 362 - page 363 * * page 551 - page 553 * * page 580 * *
See also references of WO0110071A1 *

Also Published As

Publication number Publication date
KR20020019581A (en) 2002-03-12
JP2003506919A (en) 2003-02-18
EP1208663A4 (en) 2005-07-27
GB0201603D0 (en) 2002-03-13
WO2001010071A1 (en) 2001-02-08

Similar Documents

Publication Publication Date Title
US20030112978A1 (en) System and method for secured data transmission within a wireless communication system
WO2001010071A1 (en) System and method for secured data transmission within a wireless communication system
US5481611A (en) Method and apparatus for entity authentication
US6907034B1 (en) Out-of-band signaling for network based computer session synchronization
AU687524B2 (en) Digital radio transceiver with encrypted key storage
US7162634B2 (en) Method for providing security on a powerline-modem network
US4797672A (en) Voice network security system
JPH06506813A (en) Dynamic encryption key selection for encrypted wireless transmission
JP2002208923A (en) Encrypting transmission system of periodic signal
US6703923B2 (en) Apparatus for providing security on a powerline-modem network
US20070192488A1 (en) System and method for authenticating components in wireless home entertainment system
EP1127421A1 (en) Encryption and authentication methods and apparatus for securing telephone communications
US20030165239A1 (en) Decryption system for encrypted audio
KR101675332B1 (en) Data commincaiton method for vehicle, Electronic Control Unit and system thereof
JP2004214976A (en) Av data transmitting apparatus, av data receiving apparatus, av data wireless communication system, and electronic apparatus
JP2005318580A (en) Universal microphone for sure wireless communications
GB2602895A (en) A method and system for authenticating a device
AU7211600A (en) Internal line control system
JPH0583243A (en) Cordless telephone set
KR20140139321A (en) Information security attachment apparatus for voice communications and information security method for voice communications thereby
JP2004523937A (en) Data scrambling system for shared transmission media
GB2595836A (en) A method and system for authenticating a device
KR20000059049A (en) Method and system for preserving data based on network
KR100866848B1 (en) Hiding method and apparatus for a message cipher communications on radio channel
JP4628002B2 (en) Encryption system in communication link and communication terminal device thereof

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20020301

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LI LU MC NL PT SE

RBV Designated contracting states (corrected)

Designated state(s): DE GB

A4 Supplementary search report drawn up and despatched

Effective date: 20050614

17Q First examination report despatched

Effective date: 20071127

REG Reference to a national code

Ref country code: DE

Ref legal event code: R003

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION HAS BEEN REFUSED

18R Application refused

Effective date: 20110422