Login| Sign Up| Help| Contact|

Patent Searching and Data


Title:
VOICE ENCRYPTION DEVICE
Document Type and Number:
WIPO Patent Application WO/2008/129546
Kind Code:
A3
Abstract:
A headset (32) for use with a telephone (24) includes a housing (34), which is configured to be fastened to a head of a user (22), an earphone speaker (38) associated with the housing, and a microphone (40) associated with the housing. An encryption processor (44), contained in the housing, is coupled to receive and encrypt audio input from the microphone so as to generate outgoing encrypted audio data, for decryption using an encryption key that is not available to the telephone. A telephone interface unit (46), contained in the housing, is configured to convey the outgoing encrypted audio data over a link to the telephone for transmission by the telephone over a telephone network, and to receive incoming audio data over the link from the telephone to be played as audio output via the earphone.

Inventors:
FRENKEL LIOR (IL)
ZILBERSTEIN AMIR (IL)
Application Number:
PCT/IL2008/000537
Publication Date:
February 19, 2009
Filing Date:
April 17, 2008
Export Citation:
Click for automatic bibliography generation   Help
Assignee:
GITA TECHNOLOGIES LTD (IL)
FRENKEL LIOR (IL)
ZILBERSTEIN AMIR (IL)
International Classes:
H04K1/00
Foreign References:
US6901241B22005-05-31
Other References:
KUHN ET AL.: "Security Considerations for Voice Over IP systems", Retrieved from the Internet
Attorney, Agent or Firm:
SANFORD T. COLB & CO. et al. (Rehovot, IL)
Download PDF:
Claims:

CLAIMS

1. A headset for use with a telephone, the headset comprising: a housing, which is configured to be fastened to a head of a user; an earphone speaker associated with the housing; a microphone associated with the housing; an encryption processor, which is contained in the housing and is coupled to receive and encrypt audio input from the microphone so as to generate outgoing encrypted audio data, for decryption using an encryption key that is not available to the telephone; and a telephone interface unit, which is contained in the housing, and is configured to convey the outgoing encrypted audio data over a link to the telephone for transmission by the telephone over a telephone network, and to receive incoming audio data over the link from the telephone to be played as audio output via the earphone.

2. The headset according to claim 1, wherein the telephone interface unit comprises a wireless interface, and wherein the link is a wireless link.

3. The headset according to claim 2, wherein the wireless link has a range no greater than 50 m.

4. The headset according to any of claims 1-3, wherein the incoming audio data are encrypted, and wherein the encryption processor is operative to decrypt the incoming encrypted audio data for output via the earphone.

5. Communication apparatus, comprising: a telephone, for conveying audio data over a telephone network; and a headset, comprising: an earphone speaker;

a microphone; an encryption processor, which is coupled to receive and encrypt audio input from the microphone so as to generate outgoing encrypted audio data; and a telephone interface unit, which is configured to convey the outgoing encrypted audio data over a link to the telephone for transmission of the outgoing encrypted audio data over the telephone network without decryption of the encrypted audio data by the telephone, and which is configured to receive incoming audio data over the link from the telephone to be played as audio output via the earphone.

6-. The apparatus according to claim 5, wherein the telephone interface unit comprises a first wireless interface, and wherein the telephone comprises a second wireless interface, and wherein the link is a wireless link between the first and second wireless interfaces.

7. The apparatus according to claim 6, wherein the wireless link has a range no greater than 50 m.

8. The apparatus according to any of claims 5-7, wherein the incoming audio data are encrypted during transmission over the telephone network and are conveyed by the telephone to the headset without decryption by the telephone, and wherein the encryption processor is operative to decrypt the incoming encrypted audio data for output via the earphone.

9. Communication apparatus, comprising first and second headsets, for use with respective first and second telephones, which are configured to communicate with one another via a telephone network, each of the first and second headsets comprising: an earphone speaker;

a microphone; an encryption processor, which is coupled to receive and encrypt audio input from the microphone so as to generate outgoing encrypted audio data, for decryption by the other of the first and second headsets using an encryption key that is not available to the telephones, and to decrypt incoming encrypted audio data for audio output via the earphone; and a telephone interface unit, which is configured to convey the outgoing encrypted audio data over a link to the respective telephone for transmission over the telephone network, and to receive the incoming encrypted audio data over the link from the respective telephone.

10. The apparatus according to claim 9, wherein the telephone interface unit comprises a wireless interface, and wherein the link is a wireless link.

11. The apparatus according to claim 10, wherein the wireless link has a range no greater than 50 m.

12. A method for communication, comprising: coupling a headset to communicate over a link with a telephone, the headset comprising an earphone speaker, a microphone, and an encryption processor; receiving and encrypting audio input from the microphone using the encryption processor so as to generate outgoing encrypted audio data, for decryption using an encryption key that is not available to- the telephone; and conveying the outgoing encrypted audio data over the link to the telephone for transmission by the telephone over a telephone network to a receiving party having the encryption key.

13. The method according to claim 12, wherein the link is a wireless link.

14. The method according to claim 13, wherein the wireless link has a range no greater than 50 m.

15. The method according to any of claims 12-14, and comprising receiving incoming encrypted audio data over the link from the telephone, and decrypting the incoming encrypted audio data using the encryption processor for output via the earphone.

16. Audio apparatus for use with a telephone, the apparatus comprising: a speaker; a microphone; an encryption processor, which is coupled to receive and encrypt audio input from the microphone so as to generate outgoing encrypted audio data, for decryption using an encryption key that is not available to the telephone; and a wireless telephone interface unit, which is configured to convey the outgoing encrypted audio data over a wireless link to the telephone for transmission by the telephone over a telephone network, and to receive incoming audio data over the wireless link from the telephone to be played as audio output via the earphone.

17. The apparatus according to claim 16, wherein the wireless link has a range no greater than 50 m. 18. The apparatus according to claim 16 or 17, wherein the incoming audio data are -encrypted, and wherein the encryption processor is operative to decrypt the incoming encrypted audio data for output via the earphone.

19. A method for communication, comprising: coupling an audio device to communicate over a wireless link with a telephone, the audio device

comprising a speaker, a microphone, and an encryption processor; receiving and encrypting audio input from the microphone using the encryption processor so as to generate outgoing encrypted audio data, for decryption using an encryption key that is not available to the telephone; and conveying the outgoing encrypted audio data over the wireless link to the telephone for transmission by the telephone over a telephone network to a receiving party having the encryption key.

20. Communication apparatus, comprising: a telephone, for conveying audio data over a telephone network; and an audio device, comprising: a speaker; a microphone; an encryption processor, which is coupled to receive and encrypt audio input from the microphone so as to generate outgoing encrypted audio data; and a wireless telephone interface unit, which is configured to convey the outgoing encrypted audio data over a wireless link to the telephone for transmission of the outgoing encrypted audio data over the telephone network without decryption of the encrypted audio data by the telephone, and which is configured to receive incoming audio data over the wireless link from the telephone to be played as audio output via the earphone.

Description:

VOICE ENCRYPTION DEVICE

FIELD OF THE INVENTION

The present invention relates generally to communication systems, and specifically to devices and methods for communication encryption.

BACKGROUND OF THE INVENTION

Voice traffic carried over telephone networks is vulnerable to eavesdropping, both between the telephone and the network switching equipment and within the network itself. Various types of secure telephone devices and software have been developed in order to scramble voice communications. For example, CopyTele (Melville, New York) offers DCS-1800 Security Software for insertion in the software code of cellular and satellite phones. Similarly, Gold Line Group Ltd. (Rehovot, Israel) provides Gold Lock™ encryption software on specially modified Nokia™ cell phones.

Hardware-based security add-ons also exist. For example, Snapshield (a part of Tadiran Communications Group, Petah Tikva, Israel) offers the Snapcell cellular encryption unit as an accessory for certain mobile phones. Snapcell attaches to a standard GSM handset and is said to encrypt voice communications in a manner that is undetectable by the mobile operator. As another example, GSMK mbH (Berlin, Germany) offers Cryptophone mobile telephones with built-in encryption capability.

SUMMARY OF THE INVENTION

Embodiments of the present invention provide simple, convenient, end-to-end solutions for secure encryption of voice data that are carried over telephone networks. In these embodiments, encryption and decryption are carried out autonomously by an external audio device, such as a

user headset, which communicates over the network via a suitable telephone. The audio device typically uses an encryption key that is available to the other party to the call (who may have a similar audio device) , but is not available to the telephone itself. Thus, the voice traffic is relayed through the phone in encrypted form, as undecipherable data.

This solution permits strong encryption to be introduced using a conventional telephone without modification, and also prevents eavesdroppers from accessing clear (or weakly encrypted) voice traffic at any point between the ends of the call. Performing the encryption in the external audio device also defeats attempts by hackers to access communication traffic using malicious code within the telephone itself.

There is therefore provided, in accordance with an embodiment of the present invention, a headset for use with a telephone, the headset including: a housing, which is configured to be fastened to a head of a user; an earphone speaker associated with the housing; a microphone associated with the housing; an encryption processor, which is contained in the housing and is coupled to receive and encrypt audio input from the microphone so as to generate outgoing encrypted audio data, for decryption using an encryption key that is not available to the telephone; and a telephone interface unit, which is contained in the housing, and is configured to convey the outgoing encrypted audio data over 'a link to the telephone for transmission by the telephone over a telephone network, and to receive incoming audio data over the link from the telephone to be played as audio output via the earphone.

In some embodiments, the telephone interface unit includes a wireless interface, and the link is a wireless link. Typically, the wireless link has a range no greater than 50 m. In a disclosed embodiment, the incoming audio data are encrypted, and wherein the encryption processor is operative to decrypt the incoming encrypted audio data for output via the earphone.

There is also provided, in accordance with an embodiment of the present invention, communication apparatus, including: a telephone, for conveying audio data over a telephone network; and a headset, including: an earphone speaker; a microphone; an encryption processor, which is coupled to receive and encrypt audio input from the microphone so as to generate outgoing encrypted audio data; and a telephone interface unit, which is configured to convey the outgoing encrypted audio data over a link to the telephone for transmission of the outgoing encrypted audio data over the telephone network without decryption of the encrypted audio data by the telephone, and which is configured to receive incoming audio data over the link from the telephone to be played as audio output via the earphone.

In a disclosed embodiment, the telephone interface unit includes a first wireless interface, and wherein the telephone includes a second wireless interface, and wherein the link is a wireless link between the first and second wireless interfaces.

There is additionally provided, in accordance with an embodiment of the present invention, communication apparatus, including first and second headsets, for use with respective first and second telephones, which are configured to communicate with one another via a telephone network, each of the first and second headsets including: an earphone speaker; a microphone; an encryption processor, which is coupled to receive and encrypt audio input from the microphone so as to generate outgoing encrypted audio data, for decryption by the other of the first and second headsets using an encryption key that is not available to the telephones, and to decrypt incoming encrypted audio data for audio output via the earphone; and a telephone interface unit, which is configured to convey the outgoing encrypted audio data over a link to the respective telephone for transmission over the telephone network, and to receive the incoming encrypted audio data over the link from the respective telephone.

There is further provided, in accordance with an embodiment of the present invention, a method for communication, including: coupling a headset to communicate over a link with a telephone, the headset including an earphone speaker, a microphone, and an encryption processor; receiving and encrypting audio input from the microphone using the encryption processor so as to generate outgoing encrypted audio data, for decryption using an encryption key that is not available to the telephone; and conveying the outgoing encrypted audio data over the link to the telephone for transmission by the telephone

over a telephone network to a receiving party having the encryption key.

There is moreover provided, in accordance with an embodiment of the present invention, audio apparatus for use with a telephone, the apparatus including: a speaker; a microphone; an encryption processor, which is coupled to receive and encrypt audio input from the microphone so as to generate outgoing encrypted audio data, for decryption using an encryption key that is not available to the telephone; and a wireless telephone interface unit, which is configured to convey the outgoing encrypted audio data over a wireless link to the telephone for transmission by the telephone over a telephone network, and to receive incoming audio data over the wireless link from the telephone to be played as audio output via the earphone.

There is furthermore provided, in accordance with an embodiment of the present invention, a method for communication, including: coupling an audio device to communicate over a wireless link with a telephone, the audio device including a speaker, a microphone, and an encryption processor; receiving and encrypting audio input from the microphone using the encryption processor so as to generate outgoing encrypted audio data, for decryption using an encryption key that is not available to the telephone; and conveying the outgoing encrypted audio data over the wireless link to the telephone for transmission by the telephone over a telephone network to a receiving party having the encryption key.

There is also provided, in accordance with an embodiment of the present invention, communication apparatus, including: a telephone, for conveying audio data over a telephone network; and an audio device, including: a speaker; a microphone; an encryption processor, which is coupled to receive and encrypt audio input from the microphone so as to generate outgoing encrypted audio data; and a wireless telephone interface unit, which is configured to convey the outgoing encrypted audio data over a wireless link to the telephone for transmission of the outgoing encrypted audio data over the telephone network without decryption of the encrypted audio data by the telephone, and which is configured to receive incoming audio data over the wireless link from the telephone to be played as audio output via the earphone.

The present invention will be more fully understood from the following detailed description of the embodiments thereof, taken together with the drawings in which: BRIEF DESCRIPTION OF THE DRAWINGS

Fig. 1 is a schematic, pictorial illustration showing a system for encrypted voice communication, in accordance with an embodiment of the present invention; and Fig. 2 is a block diagram that schematically shows functional components of a telephone headset with encryption and decryption capabilities, in accordance with an embodiment of the present invention.

DETAILED DESCRIPTION OF EMBODIMENTS

Fig. 1 is a schematic, pictorial illustration showing a system 20 for encrypted voice communication, in accordance with an embodiment of the present invention. A telephone user 22 carries on voice communication using a cellular telephone 24 via a telephone network 26 with another user 28. User 28 communicates via a wired telephone 30. Although the embodiments described hereinbelow relate mainly to cellular telephones and cellular networks, the principles of the present invention may similarly be applied in communications over networks and telephones of other kinds.

Users 22 and 28 use headsets 32 and 34, respectively, for voice input to and output from their respective telephones 24 and 30. In this exemplary embodiment, the headsets exchange encrypted digital audio data over short-range wireless radio links with the respective telephones. (The term "short-range" in this context refers to links, such a Bluetooth™ radio link, that typically operate over distances no greater than 50 m, and in common use operate over distances no greater than about 10 m. ) Alternatively, a headset implementing the principles of the present invention may communicate with a suitable telephone over other sorts of wireless links, such as an infrared link. Further alternatively, the headset may be connected by a suitable wired digital link to the telephone.

Still further alternatively, the principles of the present invention may be implemented in other types of external audio devices (not shown in the figures) , which are connected to the telephone by wireless link. For example, a desktop speakerphone device, with a wireless link to a cellular telephone, may incorporate the sort of

encryption and decryption capabilities that are described herein.

As shown in the inset in Fig. 1, headset 32 comprises a housing 34 having a clip 36 for fastening to the head of user 22. In this example, clip 36 is designed to fit over the user's ear. Housing 34 comprises a speaker 38 for playing audio output and a microphone 40 for receiving audio input from the user. Interface and encryption circuits are contained in housing 34, as described hereinbelow. The design of housing 34 and clip 36 in Fig. 1 are shown here only by way of example, however, and the principles of the present invention may be implemented in substantially any sort of headset, which may be fastened to the user's head by any suitable means. For example, headset 34 is designed to clip over the head of user 28, with the interface and encryption circuits contained in a housing together with an earphone speaker and a separate microphone extending toward the user's mouth. As another example, in an alternative embodiment (not shown in the figures), the housing that contains the interface and encryption circuits may comprise two separate units connected by wire.

Fig. 2 is a block diagram that schematically shows functional components of headset 32, in accordance with an embodiment of the present invention. Microphone 40 converts sounds vocalized by user 22 to audio input signals, which are preprocessed and digitized by an audio input circuit 42, as is known in the art. An encryption processor 44 encrypts the digitized audio input data using a key that is typically not available to telephone 24. (Headset 32 thus differs, for example, from Bluetooth headsets that are known in the art, which may use Bluetooth-standard encryption to communicate with a

telephone: In such conventional headsets the decryption key must be available to the telephone in order for the headset to perform its required function.) The encryption function of processor 44 may be switched on and off by the user, so as to enable the headset to be used both for secure and non-secure communications.

Encryption processor 44 outputs encrypted audio data to telephone 24 via a radio interface 46, which thus serves as the telephone interface unit. As noted above, radio interface 46 may comprise a Bluetooth interface, and may thus communicate with many off-shelf telephones that are equipped with such an interface, without modification to the telephone. Alternatively, the telephone interface unit may comprise a different type of radio interface, such as an IEEE 802.11 interface or a proprietary interface type, or substantially any other suitable type of wireless or wired interface.

Telephone 24 receives the encrypted audio data and transmits it over network 26 to telephone 30. As noted above, telephone 24 is typically unable to decrypt the audio data, and simply transmits the encrypted data "as is." Telephone 30 receives and passes the encrypted audio data to headset 34 for decryption. For this purpose, headset 34 is provisioned with the appropriate key, either by ' pre-configuration or by means of a suitable, secure key exchange protocol with headset 32. (For example, if an asymmetrical encryption method is used, headset 34 may transmit its public key to headset 32 for use in encrypting data, which may then be decrypted only using the private key held by headset 34.) For pre-configured operation, headsets 32 and 34 may be provided as a set, each provisioned with the necessary key or keys for encrypted communication with the other. Alternatively, a special-purpose telephone (not shown) ,

suitably configured and provisioned with the appropriate key, may be used to perform the encryption and decryption functions at one end of the call.

Communication from headset 34 to headset 32 operates in like fashion. Radio interface 46 receives encrypted incoming audio data from telephone 24 and passes the data to processor 44 for decryption. An audio output circuit 48 converts the decrypted voice data to output audio signals, which are played by speaker 38. Processor 44 may use any suitable encryption scheme, either symmetric (in which the same key is used for encryption and decryption, as in the DES and AES algorithms) or asymmetric (such as RSA) . Cellular telephones, such as telephone 24, however, typically use lossy voice compression schemes, which could corrupt the encrypted data and render it undecipherable at the receiving end. One possible solution to this problem is to operate interface 46 and telephone 24 in data transmission mode (as is used in messaging and Web browsing applications in Third-Generation [3G] cellular phones or "smart phones," for example), so that the encrypted data are transmitted without loss.

Alternatively, a special encryption scheme may be defined for use by processor 44 so that decryption is not adversely affected by the compression and decompression applied by the telephone. For example, processor 44 may

"pad" the encrypted data with dummy bits in such a way that when telephone 24 compresses the encrypted data no real voice information will be lost. Although headset 32 is shown in Fig. 2 as comprising certain functional blocks, these blocks do not necessarily correspond to the actual physical components of the headset. Other elements of the headset, such as a power source and user controls, are omitted from the

figure for the sake of simplicity. The headset may typically be implemented using a set of one or more integrated circuit chips along with discrete components. Alternatively or additionally, certain functions, such as those of processor 44, may be implemented in software running on a suitable programmable device.

It will be appreciated that the embodiments described above are cited by way of example, and that the present invention is not limited to what has been particularly shown and described hereinabove. Rather, the scope of the present invention includes both combinations and subcombinations of the various features described hereinabove, as well as variations and modifications thereof which would occur to persons skilled in the art upon reading the foregoing description and which are not disclosed in the prior art.