JPH0787454B2 - Confidential telephone device - Google Patents

Description

Detailed Description of the Invention

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a secret telephone device which can carry out a conversation by encrypting voice in a telephone.

[0002]

2. Description of the Related Art As an analog encryption method for directly encrypting a voice signal, a spectrum inversion encryption method (for details, see, for example, Imamura, Hattori, Kozono: "Effect of speech quality improvement by compander and emphasis in voice spectrum inversion secret story",
(See B), J64-B, 5, pp.425-432 (Sho 56-05)), a method of exchanging the time sequence and frequencies of sampled voices (for details, see NSJayant, RVCox, BJM).
cDermott and AMQuinn: "Analog scramblers for spe
ech based on sequential permutations in timeand fr
quency ", Bell Syst.Tech.J.62,1, pp.25-46 (Jan.1983)), a method of inverting the polarity of sampled voice according to a certain rule (for details, see, for example, S. Asakawa, F. Sugiyama and
M. Nakamura: "Avoice scrambler for mobil communi
cation ", IEEE Trans.Veh Technol.29,1, pp.81-86 (Feb.1
980))) etc. In addition, FFT (Faest Fourier Tr
ansform: Fast Fourier Transform) applied FFT scramble method (Details are, for example, Matsunaga, Okawa, Sakurai, Koga: “Full-duplex analog secrecy device using FFT and its basic operation”, theory of theory (A) , J72-A, 4, pp.692-702 (64
-04)) is proposed.

A digital encryption method has been proposed in which analog voice signals are encoded by, for example, the μ-law encoding method and then encrypted, as is the case with the same method for encrypting electronic texts. Currently, as a security measure for digital communication, either the sender or the receiver decides an encryption key and sends the same encryption key to the other party, and then the data (plaintext) to be sent on the sending side is encrypted with that encryption key to obtain a ciphertext. A method is used in which the ciphertext that is transmitted and received using the previous encryption key is inversely converted into a cipher, that is, decrypted, and restored to the original plaintext on the receiving side.
For the cryptographic algorithms used in these, it is essential to publish the cryptographic algorithm in order to perform cryptographic communication with unspecified parties. As a representative example of the algorithm open-type encryption, DES (for details of the DES algorithm, see DW
Davies and WLPrice (Translated by Kamizono): “Network
Security ”, Nikkei McGraw-Hill, 1985 pp.55-84
), And FEAL (for details of the FEAL algorithm, see, for example, Miyaguchi, Shiraishi, Shimizu: “FEAL-8 Cryptographic Algorithm”, Kenjiho Vol. 37, No. 4/5, 1988 pp. 321-372).

Next, a cryptographic usage format (for details of the cryptographic usage format, see, for example, DW Davies and WLPrice (translated by Kamizono):
"Network Security", Nikkei McGraw-Hill, 1985 pp.85-102) has the following four formats. ECB format (Electronic Codebook mode). CBC format (Cipher Block Chaining mode).

CFB format (Cipher Feedback mode). OFB format (Output Feedback mode).

[0006]

The first three methods of analog encryption have drawbacks such as weak encryption strength, difficulty in conversation due to signal processing delay, and deterioration of decoding sound quality due to encryption. In addition, the last method makes it difficult to conduct conversations due to signal processing delays, deterioration of decrypted sound quality due to encryption, and conversations that are encrypted from normal conversations (non-encrypted calls) (encrypted calls).
There is a drawback that it takes time to switch to the state. Also, if the encryption key on the calling side is different from that on the receiving side, uncomfortable noise will be received at the start of the encrypted call, and uncomfortable feeling will occur, and subsequent calls will be disabled. At this time, switching from the encrypted call to the non-encrypted call has a drawback that both parties must manually stop the encryption function.

ISDN (Integrated Services Digital)
Before the start of services, the transmission line network is based on analog transmission, and in order to transmit the same voice signal, digital transmission requires about 20 times the frequency band of analog transmission. There is no case where the digital encryption of the telephone by using it was realized in terms of cost. However, as ISDN becomes widespread, it is conceivable that telephone conversations will be encrypted by a digital encryption method. In this case, the stream cipher format may be applied from the viewpoint of increasing the cipher strength, but the cipher of this stream cipher format cannot be decrypted unless the other party knows the encryption start time. In other words, it is necessary to start the operations of the encryption device and the decryption device of the mutual telephones that talk with each other at the same time. However, since the telephone does not have a protocol like data communication, it is necessary to realize the following functions.

-Sending side: A function of starting the encryption of the voice code and notifying the receiving side of the voice code that started the encryption. -Receiver Function to detect the voice code that has started encryption and start decoding from that voice code.

It is also necessary to confirm that the person who answered the call on the other side is the person who wants to talk. Therefore, it is necessary to easily synchronize the encryption and decryption in a short period of time after confirming the other party in the non-encrypted call. Next, at the start of encryption, an encryption key or an initial variable (hereinafter referred to as “IV”. For a detailed explanation of the initial variable, see, for example, DWDavies and WLPrice (translated by Kamizono): “Network Security”, Nikkei McGraw-Hill, 1985 pp. .89-102) is different on the calling side and the called side, it is necessary to display an alarm on both phones and switch to a non-encrypted conversation state on both phones within a short period of time.

An object of the present invention is to prevent eavesdropping on a communication line, to easily switch between a non-encrypted conversation and an encrypted conversation, and when an encrypted call cannot be normally performed due to a difference in an encryption key, etc. The purpose of the present invention is to provide a confidential telephone device that has a function of displaying that fact on both telephones and automatically switching to a non-encrypted telephone call, and that has a strong encryption strength.

[0011]

According to the present invention, an encoder having an n-bit width for converting an analog signal from a transmitter (microphone) into a digital signal, an output of the encoder, and a preset n A first code having a bit width (hereinafter, it is described that a first character is used as the first code), a preset second code having an n-bit width (hereinafter, a second character as a second code). K) determined between the two parties
A first code string selected from a third code string of n bits (K is an integer of 1 or more) (hereinafter, the third character string is used as the third code string).
Of the first selector, an encryptor to which a stream cipher format for encrypting the output of the first selector in units of n bits is applied, and a second of selecting either the output of the encryptor or the output of the first selector. A selector and a parallel-to-serial converter that converts the output of the second selector to serial and sends it out;
The first and second selectors are controlled so as to output the output of the encoder, and M pieces of the first character (M is an integer of 2 or more) are continuously sent by an external cipher start instruction. To control the first selector, and then to the second
The first selector is controlled so as to send one character, and then the operation of the encryption device is started, and at the same time, the first selector and the first selector are operated so as to encrypt and send the third character string. The second selector is controlled, and then, the transmission control unit that controls the first selector so as to encrypt and output the output of the encoder, and the received digital signal are converted into n-bit width parallel signals. A serial-parallel converter, an encryption / decryption device to which a stream encryption format for decoding the output of the serial-parallel converter in n-bit units is applied, the output of the encryption / decryption device, or the output of the serial-parallel converter is selected. And the third selector that outputs the first character from the output of the third selector in succession (where N ≦ M and N
Is a positive integer), means for detecting the second character from the output of the third selector, means for detecting the third character string from the output of the third selector, and means for detecting the third character string. A code decoder for converting the selector output into an analog signal, a voice generation circuit, and a fourth selector for selecting one of the output of the voice generation circuit and the output of the code decoder and supplying it to a receiver (speaker). , An interrupt signal line to the outside, and first, the third and fourth selectors so that the output of the serial-parallel converter is supplied to the code decoder and the output of the code decoder is supplied to the receiver. In addition to the control, the operation of detecting N consecutive first characters from the output of the third selector is performed. If N consecutive first characters are detected, the output of the voice generation circuit is supplied to the handset. To No. 4 selector and an external interrupt, and then the second character is detected, the third selector is controlled so as to supply the output of the serial-parallel converter to the encryption / decryption device. The decryption operation of the encryption / decryption device is started, the operation of detecting the third character string from the output of the third selector is performed, and when the third character string is detected, the output of the encryption / decryption device is changed to the code. Means for controlling the third and fourth selectors so that they are decoded by the decoder and supplied to the receiver, generate an interrupt externally, and transit to the first state when the third character string cannot be detected. A reception control section having a key, a push-button dial for inputting a telephone number, an encryption key, and IV, an encryption switch that is manually operated and outputs the encrypted call start signal, and a key Power, sender telephone number, alarm, etc., a third register for holding the encryption key and supplying it to the encryption device and the encryption / decryption device, and an initial variable for the encryption device and the above A fourth register for supplying to the encryption / decryption device.

[0012]

[Operation] Due to this structure, it works as follows.・ Step 1 Speaking side The same value does not continue in the digitized voice code. Therefore, by utilizing this fact, when there is an encryption start instruction from the outside, M first characters are continuously transmitted instead of the voice code that has been transmitted so far, and the process proceeds to step 2.

Receiving side The received data is regarded as a voice code until the N first characters (where N≤M) which have been decided by the voice code are being continuously received, and the first character is N. If the data is continuously received, since the subsequent data is not a voice code, the voice generated by the voice generation circuit in the receiver is sent to the receiver instead of the output of the encoder / decoder, and the receiver is notified of the start of encryption, and step 2 Transition to. Here, the reason why N ≦ M is determined is to reliably detect the next second character even if a bit error occurs on the communication line.

Step 2 Sender side In order to synchronize the start time of the cryptographic operation between the sender side and the receiver side, a second character other than the first character used in step 1
1 character is sent, the cryptographic operation is started, and the process proceeds to step 3.

When the second character on the receiving side is detected, the encryption / decryption operation is started from the subsequent data, the transmitting side and the encryption operation are synchronized, and the process proceeds to step 3.・ Step 3 Sender side In order for the receiving side to detect that the encrypted call is normal, the K that is predetermined by the transmitting side and the receiving side at the start of the encrypted call
Third character string consisting of four characters (IV in this embodiment)
Is encrypted and transmitted, and the process proceeds to step 4.

At the receiving side, the decrypted data from the start of the encryption / decryption operation are compared with IV, and if they match, the mutual encryption keys match, and it is considered that a normal encrypted call is possible and the process proceeds to step 4. If they do not match, the encryption key is different between the calling side and the receiving side, it is considered that the encrypted call is impossible, a CPU interrupt (alarm) is generated, and both the transmitting side and the receiving side transit to step 1.

Here, the data to be compared is determined to be IV because it is a value known only to the parties, and the length can be freely selected, that is, the length differs depending on IV, and the configuration is simpler. Therefore, it was decided because the hardware scale was small. The use of IV in this way increases the strength of the secret.・ Step 4 Sender The voice code is encrypted and sent.

Receiving Side The coded voice code is decoded by a code decoder and sent to the receiver. This device prevents eavesdropping on communication lines,
It is easy to switch from non-encrypted call to encrypted call at any time, and if the encrypted call cannot be performed normally due to the difference of the encryption key, etc., the fact is displayed on the indicators of both the calling and called phones. It is possible to automatically switch to a non-encrypted call.

[0019]

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS An embodiment of the present invention will be described below with reference to the drawings. FIG. 1 shows the configuration of an embodiment of a secret telephone device (digital telephone with encryption function) according to the present invention. The device comprises a body 1 and a handset 2 connected to the body 1.

In the main body 1, a microprocessor unit 4 for controlling the entire main body, a memory unit 5 including a ROM for storing a program executed by the microprocessor unit 4 and a RAM for temporarily storing data, and an encrypted voice. A receiver 6 that decodes the signal and outputs a voice signal 22 to the receiver 2r of the handset 2, and a transmitter that transmits the voice signal 23 from the transmitter 2s of the handset 2 with or without encryption. 7. Microprocessor unit 4
L to control the layer 2 of the D channel of ISDN by
AP-D (Link Access Procedure on the D-channel)
Control unit 8, display control unit 9, push button dial 1
2, the key input control unit 10 that controls each key input from the cryptographic switch 13 is connected to the internal bus 21.

Further, ISDN line termination unit (DSU)
A display 1 controlled by a layer 1 control unit 11 and a display control unit 9 for controlling the B-channel layer 1 and the D-channel layer 1 of ISDN for interface conversion with
And 4 are provided. The push button dial 12 is used for inputting a telephone number or an encryption key known only to parties making a cryptographic call.
Is used to instruct encryption start and decryption of call contents, and this encryption switch 13 is a toggle switch, and repeats an encryption start instruction and an encryption cancellation instruction each time it is pressed. The display 14 displays key inputs, telephone numbers of senders, alarms and the like. Layer 1 control unit 11
It is connected to a DSU (not shown) using the SDN plug 3.

The B channel signal 24 from the layer 1 control section 11 is supplied to the receiving section 6, the B channel signal 25 from the transmitting section 7 is supplied to the layer 1 control section 11, and the output signal 26 of the push button dial 12 is supplied. Is supplied to the key input control unit 10, the cipher request signal 27 of the cipher switch 13 is supplied to the key input control unit 10, the CPU interrupt signal 29 from the earpiece unit 6 is supplied to the microprocessor unit 4, and the display control unit 9 The display signal 28 from is supplied to the display 14.

FIG. 2 shows the internal structure of the receiver 6 and transmitter 7 of FIG. The transmission control unit 41 controls the entire transmission unit 7. IDL register 42, EOC register 43, IV register 44, KEY register 45, M
The register 46 and the control register 47 are connected. I
The DL register 42 is used by the microprocessor unit 4 for the first character (hereinafter, this 1-byte character is "I").
DL character ") is set, the second character (hereinafter, this 1-byte character is referred to as" EOC character ") is set in the EOC register 43 by the microprocessor unit 4, and the IV register 44 is set in the microprocessor unit 4 Is set to IV (8 bytes), the key register 45 is set after the cryptographic key input from the push button dial 12 of FIG. 1 is processed by the microprocessor unit 4, and the M register 46 is set to ID.
A value indicating the number of consecutively transmitted L characters (hereinafter this value is referred to as “M”) is set by the microprocessor unit 4, and the control register 47 sends an operation instruction to the transmission control unit 41 and the reception control unit 71. It is set by the microprocessor unit 4.

The encoder 48 converts the transmission signal (analog signal) 23 from the transmitter 2s of the handset 2 of FIG. 1 into a 1-byte (8-bit) digital signal. The definition for converting the analog signal into a digital signal is CCITT Recommendation G. 711 etc. The selector 49 is a 1-byte wide selector and is controlled by the control signal 70 of the transmission control unit 41, and outputs the output signal 61 of the encoder 48, the IDL character 55 from the IDL register 42, and the EOC character from the EOC register 43. 56 and the IV register 44
From the signal obtained by sequentially converting the IV57 (8 bytes) from 1 to the 1-byte width, and outputs the selected signal. The encryptor 50 encrypts a 1-byte digital signal in 1-byte units. The encryption format is OFB which is a stream encryption format.
Apply form 8-bit feedback. Selector 5
Reference numeral 1 denotes a selector having a 1-byte width, which is controlled by the control signal 66 of the transmission control unit 41, and selects and outputs either the output signal 62 of the selector 49 or the output signal 63 of the encryptor 50. The parallel-serial converter 52 converts the 1-byte width parallel data of the output signal 64 of the selector 51 into 1-bit width serial data and outputs it as the B-channel signal 25. The counter 53 increments the count value by 1 each time one IDL character is sent. The comparator 54 outputs the count value output 68 of the counter 53 and the output signal 59 of the M register 46.
When the contents of and match, the output 69 is turned on and the transmission control unit 41 is notified. The encryption key (generally 8 bytes) 58 from the KEY register 45 is supplied to the encryption device 50 and the encryption / decryption device 74. A signal 65 for controlling the encryptor 50 is output from the transmission control unit 41.

The reception control section 71 controls the entire reception section 6. The N register 72 is connected to the internal bus 21 and
A value indicating the number of consecutively received characters (hereinafter, this value is referred to as “N”: where N ≦ M) is set by the microprocessor unit 4. The serial / parallel converter 73 converts the 1-bit wide serial data of the B channel signal 24 into parallel data of 1-byte width, and the encryption / decryption unit 74 converts the output signal 84 (1 byte digital signal) of the serial / parallel converter 73. 1
Decode in bytes. The selector 75 is a selector having a 1-byte width and is controlled by the control signal 89 of the reception control unit 71, and selects either the output signal 84 of the serial / parallel converter 73 or the output signal 85 of the encryption / decryption unit 74. Output. The encoder / decoder 76 outputs the output signal 86 of the selector 75.
Converts a 1-byte width digital signal into a voice signal (analog signal). Electronic sound generation circuit (sound generation circuit) 7
7 is ID when switching from non-encrypted call to encrypted call
In order to prevent other than voice signals such as the L character, the EOC character, and the encrypted IV from being received and flowing from the receiver 2r of the handset 2 as an unpleasant sound, an electronic sound generating circuit 77 is used instead of the unpleasant sound. Is used to generate another voice (analog signal) to be supplied to the handset 2r, and the generated voice also serves to inform the receiver that the non-encrypted call is being switched to the encrypted call.

The selector 78 is an analog signal selector and is controlled by the control signal 90 of the reception control section 71, and outputs 87 of the code decoder 76 and electronic sound generating circuit 77.
Output 88 of the above is selected and output. Comparator 8
2 is the output signal 86 of the selector 75 and the EOC register 43
When the contents of the output EOC character 56 and the output EOC character 56 match, the output 95 is turned on. The comparator 79 turns on the output 91 when the output signal 86 of the selector 75 and the content of the output IDL character 56 of the IDL register 42 match. The count value of the counter 80 increases by 1 when the output 91 of the comparator 79 is on, and becomes 0 when the output 91 of the comparator 79 is off. When the contents of the count value output 92 of the counter 80 and the output 93 of the N register 72 match, the comparator 81 turns on the output 94 to notify the reception control unit 71. When the start signal 96 from the reception control section 71 is turned on, the comparator 83 outputs the output 86 of the selector 75 and the IV
Are compared in order from the most significant byte of the signal 57 (8 bytes) given, and if all 8 bytes match, the output 96 is turned on and the reception control section 71 is notified. If a mismatch occurs during comparison, the comparison operation is stopped. The reception control unit 71 outputs a signal 89 for controlling the encryption / decryption unit 74 and the selector 75, and a CPU interrupt signal 29 for generating an interrupt to the microprocessor unit 4.

The present invention can be applied to a digital telephone which performs voice communication by encoding voice using the information channel (B channel) of the ISDN basic interface subscriber line. The operation of the present invention will be described below with reference to FIGS. 1, 2 and 3 by taking this digital telephone as an example. A caller-side digital telephone with an encryption function (hereinafter referred to as "X telephone") to which the present invention is applied, and a caller-side digital telephone with an encryption function to which the present invention is applied (hereinafter "Y telephone")
Will be described) from the time after the B channel of the X telephone and the B channel of the Y telephone are connected.

Before carrying out the encrypted call, in order to prevent leakage to a third party, the person who first took the Y telephone handset,
It is necessary to judge whether or not the person who placed the X telephone is the person who wants to talk. First from the conversation content, Y
The person who picks up the telephone handset may hang up at that point if the person who dials the X telephone does not want to talk. Next, some means, for example, the encryption key and IV (combination of numbers known only to each other at the time) sent in advance by mail, both sides input the encryption key and IV from the push button dial of each telephone, and then input that. Both sides confirm that the above is completed, and both or one of the persons presses the cryptographic switch to start the cryptographic call. If the encryption key entered by both parties and the IV match, you can talk in the encrypted call state, but if the encryption key entered on the Y telephone side or I
If V is different from that of X telephone, communication becomes impossible,
Both phones generate an alarm and display it on the display. As a result, the confidential call contents will not be accidentally leaked to anyone other than the parties concerned. Further, even if the encryption key or IV is erroneously input, an alarm is generated and a non-encrypted call state is established, and subsequent calls are possible, so that the parties can confirm each other by conversation again.

Even if an attempt is made to eavesdrop somewhere on the line, eavesdropping is not possible unless the contents of the call are decrypted from the beginning of the encrypted call with the same encryption key and IV as the above with the telephone to which the present invention is applied. is there. In the present invention, the voice signal to be encoded is in units of 8 bits (1 byte), and real-time property is required for conversation,
CF that performs encryption in 8-bit units in stream encryption format
The B and OFB modes are applied, and the initial variable (IV) is fixed.

Next, the above operation will be described in detail by taking the transmitting side of the X telephone and the receiving side of the Y telephone as examples. Sender side The transmitter side has five operation phases. In the first operation phase, the input voice code is transmitted without being encrypted (hereinafter referred to as "phase 1").

In the second operation phase, M IDL characters are sent out in response to a cipher start instruction from the microprocessor unit, and a transition is made to phase 3 (hereinafter referred to as "phase 2"). The third operation phase is one EO
Until the C character is transmitted and the phase shifts to phase 4 (hereinafter referred to as "phase 3").

The fourth operation phase is IV (8 bytes)
Until encrypted and transmitted, and transit to phase 5 (hereinafter referred to as "phase 4"). The fifth operation phase is
The input voice code is encrypted and transmitted (hereinafter referred to as "Phase 5"). Prior to the start of the operation, the microprocessor unit 4 executes the initial program so that the IDL of the transmitter unit 7
The IDL character is set in the register 42, and the transmitter 7
Set the EOC character in the EOC register 43 of
A value M of consecutive IDL character transmissions is set in the M register 47 of the transmitter 7 and I is set in the N register 72 of the receiver 6.
The number N of consecutive receptions of DL characters is set, the control register 47 of the transmitter 7 is instructed to initialize the transmitter controller 41 and the receiver controller 71, and the LAP-D controller 8 and the key The input control unit 10 is brought into an operable state.

Phase 1 The output signal 23 (analog signal) of the transmitter 2s of the handset 2 of FIG. 1 is converted by the encoder 48 of the transmitter 7 into a 1-byte digital signal (voice code). At this time, the transmission control unit 41 instructs the selector 49 to select the output signal 61 of the encoder 48 by the control signal 70,
The control signal 66 controls the selector 51 to the selector 49.
Output signal 62 is selected.

Therefore, in this phase, an unencrypted input voice code is sent to the output signal 25 of the transmitter 7 of FIG. If the person who picked up the Y telephone handset during the operation of this phase is the person who wants to talk to the person who operated the X telephone, both parties input the encryption key and IV from the push button dial 12 of the telephone, respectively. The microprocessor unit 4 processes the input encryption key and IV, and outputs the KEY register 45 and I of the transmitter unit 7, respectively.
Set in the V register 44. The content set in the KEY register 45 is set as an encryption key in the encryption unit 50 and the encryption / decryption unit 74, and the content set in the IV register 44 is set as IV in the encryption unit 55 and the encryption / decryption unit 74.

Phase 2 After confirming that both parties have completed the input of the encryption key and IV in Phase 1, both parties or one of the parties turns on the cryptographic switch 13 for instructing the start of the cryptographic call. Press down. Signal 2 by pressing the encryption switch 13
7 is turned on to notify the key input control unit 10, and the key input control unit 10 notifies the microprocessor unit 4 that the cryptographic switch 13 has been pressed. In response to this, the microprocessor unit 4 issues an encryption start instruction to the control register 47 (at time 101 in FIG. 3).

Further, when the other party (Y telephone) presses the encryption switch 13 before this side, the reception control section 71 of the reception section 6 continues the IDL character to the microprocessor section 4 by the CPU interrupt signal 29. Report that N pieces have been received (details will be explained on the receiving side). Upon receipt of this report, the microprocessor unit 4 issues an encryption start instruction to the control register 47 as in the case where the encryption switch 13 is pressed.

In response to the cipher start instruction to the control register 47, the transmission control unit 41 instructs the selector 49 to select the output signal 55 of the IDL register 42 by the control signal 70 and the control signal 67. Turn on to start the counter 53. Counter 53 is ID
The count value is incremented by 1 each time one L character is sent, and when the value of the count value output signal 68 reaches the value M set in the M register 46, the output signal 69 of the comparator 54 is turned on and sent. In response to this, the talk control unit 41 receives the control signal 67.
Is turned off and the counter 53 is cleared to 0,
Transition to the operation of phase 3.

Therefore, in this phase, M IDL characters are transmitted as the output signal 25 of the transmitter 7 in FIG. 1, and the phase 3 is entered (period 101 to 102 in FIG. 3). -Phase 3 The transmission control unit 41 causes the selector 49 to E by the control signal 70.
The output signal 56 of the OC register 43 is instructed to be selected, one EOC character is transmitted, and the operation transits to the phase 4 operation. Therefore, in this phase, the EOC character 1 is output as the output signal 25 of the transmitter 7 in FIG. The individual pieces are transmitted, and the state transits to phase 4 (the period from 102 to 103 in FIG. 3).

Phase 4 The transmission control unit 41 causes the selector 49 to switch to I by the control signal 70.
A signal 57 (8) to which IV is given from the V register 44
Byte) is selected in order from the upper byte, the control signal 65 instructs the encryption device 50 to start encryption, and the control signal 66 instructs the selector 51 to output the output signal of the encryption device 50. Instruct to select 63,
The encrypted IV (8 bytes) is sent out and the process moves to phase 5.

Therefore, in this phase, as the output signal 25 of the transmitter 7 of FIG. 1, an IV of 8-byte length encrypted with the encryption key set by the push button dial 12 and IV is used.
Is transmitted (the period from 103 to 104 in FIG. 3). Phase 5 The transmission control unit 41 instructs the selector 49 to select the output signal 61 of the encoder 48 by the control signal 70, and sends out the encrypted input voice code.

Therefore, in this phase, as the output signal 25 of the transmitter 7 of FIG. 1, the encryption key set by the push button dial 12 and the input voice code encrypted by IV are transmitted (104 and subsequent steps in FIG. 3). Receiver side There are four operation phases on the receiver side.

In the first operation phase, the received voice code is output as it is, and if N consecutive IDL characters are detected, the phase shifts to phase 2 (hereinafter referred to as "phase 1"). In the second operation phase, the output of the received voice code is stopped and the EOC character is awaited to be detected. If an EOC character is detected, the process transits to phase 3 (hereinafter referred to as "phase 2").

In the third operation phase, the received data (encrypted IV) is decrypted, the decrypted IV and the contents of the IV register 44 are compared, and if they match, a transition is made to phase 4, where they match. If there is not, it transits to phase 1 (hereinafter referred to as "phase 3"). The fourth operation phase is
The received data (encrypted voice code) is decrypted and the voice code is output (hereinafter referred to as "phase 4").

Phase 1 The reception control unit 71 instructs the selector 75 to select the output signal 84 of the serial-parallel converter 73 by the control signal 89, and the control signal 90 instructs the selector 78 to the code decoder 76. Since it is instructed to select the output signal 87, the voice from the other party is directly output to the handset 2r of the handset 2 in FIG. 1 without being decrypted.

Further, since the counter 80 is in operation, a plurality of I's sent before the other party starts the voice encryption.
DL characters can be detected at any time. Comparator 79
Counter 80 each time one detects an IDL character
The counter value of 1 increases by 1 (when the signal 86 is other than an IDL character, the output signal 91 of the comparator 79 is turned off and the counter 80 is cleared to 0). When the value of the count value output signal 92 of the counter 80 reaches the value N set in the N register 72, the output signal 95 of the comparator 81 is turned on, and the reception control section 71 receives this and shifts to the phase 2 operation. C to the microprocessor unit 4
The PU interrupt signal 29 reports that N consecutive IDL characters have been received. In response to this, the microprocessor unit 4 issues an encryption start instruction to the control register 47 when the encryption start instruction has not been issued to the control register 47 (see time point 106 in FIG. 3). If the encryption start instruction has already been issued to the control register 47, this interrupt is ignored.

Therefore, in this phase, the voice signal (digital signal) received by the output signal 22 of the receiving section 6 in FIG.
It is in a state of waiting for detection of N consecutive L characters. Phase 2 The reception control section 71 uses the control output signal 90 to select the selector 78.
Is instructed to select the output signal 88 of the electronic sound generating circuit 77. Therefore, the voice generated by the electronic sound generating circuit 77 flows from the handset 2r of the handset 2 of FIG.

When the comparator 82 detects an EOC character, the output signal 95 of the comparator 82 is turned on to notify the reception control section 71, and the reception control section 71 receives this and shifts to the phase 3 operation ( (Point 107 in FIG. 3). Therefore, in this phase, the voice from the electronic sound generating circuit is passed through the handset 2r and the EOC character waits. Phase 3 The reception control unit 71 uses the control signal 89 to instruct the encryption / decryption device 74 to start the operation of decrypting the reception data (encrypted IV), and to the selector 75 the output signal 85 of the encryption / decryption device 74. Instruct to make a selection.

IV8 decoded by the control signal 96
6 and the contents of the IV register 44 are compared, and if they match (at the point of time 108 in FIG. 3), the output 97 of the comparator 83 is turned on to notify the reception control unit 71, and the reception control unit 71 receives the phase. Transition to the operation of 4. If the signal 86 and the contents of the IV register 44 do not match, the comparator 83
The output signal 97 is turned off, and the reception control unit 71 receives it and reports to the microprocessor unit 4 that the encryption key or IV does not match with the CPU interrupt signal 29.

The fact that the decrypted IV and the contents of the IV register match here means the same as the encryption key and IV input in the X telephone and the Y telephone. Further, when the microprocessor unit 4 receives the report that the encryption keys or IV do not match, an alarm is displayed on the display control unit 9 by the display unit 14.
, The control register 47 is instructed to restart operation, and the transmission control unit 41 and the reception control unit 7 are instructed.
1 is instructed to start the operation from phase 1.

Therefore, in this phase, if the decoded IV and the contents of the IV register 44 match, the phase 4 is entered, and if they do not match, an alarm is generated and the phase 1 is entered. Phase 4 The reception control section 71 instructs the selector 78 to select the output signal 87 of the code decoder 76 by the control signal 90.

Therefore, in this phase, the encrypted voice signal received as the output signal 22 of the reception section 6 in FIG. 1 is decrypted, converted into an analog signal and output.

[0052]

As can be understood from the above description, the present invention has the following effects. Since the encryption algorithm is DES, FEAL, etc. and the stream encryption format is used, the encryption strength is strong. Since encryption and decryption are performed with digital signals, there is no deterioration in decryption sound quality due to encryption.

Since the encryption / decryption processing is performed in units of the output width of the encoder and the encoder / decoder, the signal processing delay is small and conversation is not difficult. During switching from non-encrypted call to encrypted call, another voice is generated instead of the received data (dummy data, first character, second character, IV, etc.) and supplied to the handset, so there is no discomfort. Moreover, it can be confirmed that the non-cryptographic call is switched to the encrypted call state.

The transmitting side automatically transmits a predetermined number of first characters at the start of encryption, and the receiving side detects that the number of consecutively detected first characters received at this time is less than the number of transmissions. Even if an error occurs, this specific character can be easily detected. If the encrypted call cannot be performed normally due to the difference in the encryption key, etc., a message to that effect is displayed on both the caller side and the callee side, and the call automatically switches to non-encrypted call.

Since the initial variable character string that cannot be known by an eavesdropper is used to confirm the matching of the encryption keys input on the sending side and the receiving side, the encryption strength is strong. Since the encryption / decryption start on the receiver side may be performed after the encrypted second character, it is suitable for the stream encryption format.
Since it has a simple configuration, the hardware scale is small, and it is within the range that can be easily integrated into one chip with current LSI technology.
The device can be realized at low cost.

In the above description, the first and second codes may be used instead of the first and second characters. When it is considered that the encryption keys do not match and the state is returned to the non-encrypted communication state,
You may choose not to display it to warn you, but to hear an audible tone, or if the device is configured to always show whether you are in a non-encrypted or encrypted call state. The warning may be displayed. The electronic sound generation circuit does not necessarily have to be provided.

[Brief description of drawings]

FIG. 1 is a block diagram showing an embodiment of the present invention.

FIG. 2 is a block diagram showing an internal configuration example of a receiver 6 and a transmitter 7 in FIG.

FIG. 3 is a time chart showing a conversion operation from a non-encrypted call to an encrypted call.

Claims (1)

[Claims] 1. A coder for converting an analog signal from a transmitter into a digital signal, and K number determined between the output of the coder, the first code and the second code. A first selector that selects and outputs any one from a third code string consisting of an integer greater than or equal to 1), an encryptor that encrypts the output of the first selector in a stream encryption format, and A second selector that selects either the output or the output of the first selector, and first controls the first selector and the second selector so as to send the output of the encoder, In response to a cipher start instruction from (1), the first selector is controlled so that M pieces of the first code (M is an integer of 2 or more) are continuously transmitted, and then one piece of the second code is transmitted. Control the first selector to With the start of the operation of the No.
The first selector and the second selector are controlled to encrypt and transmit the third code string, and then the first selector to encrypt and output the output of the encoder.
A transmission control unit for controlling the selector of, a decryption device for decrypting the received digital signal in a stream encryption format,
A third selector that selects either the output of the encryption / decryption unit or the received digital signal, and N consecutive first codes from the output of the third selector (where N≤M and N is a positive integer). ) Detecting means, means for detecting the second code from the third selector output, means for detecting the third code string from the third selector output, and the third selector output. A code decoder for converting to an analog signal, a receiver to which the output of the code decoder is supplied, and first, the received digital signal is supplied to the code decoder, and the output of the code decoder is supplied to the receiver. In this way, while controlling the third selector as described above, an operation of detecting N consecutive first codes from the output of the third selector is performed, N consecutive first codes are detected, and thereafter,
When the second code is detected, the third selector is controlled so that the received digital signal is supplied to the encryption / decryption device, the decoding operation of the encryption / decryption device is started, and the output from the third selector is output. When the third code string is detected and the third code string is detected, the output of the encryption / decryption unit is decoded by the code decoder and supplied to the receiver. And a reception control unit having means for notifying the fact that it is in the non-encrypted communication state while controlling the above, and notifying the third code string.