Abstract
A satellite mobile telecommunications system includes mobile terminals 2a, 2b which can communicate with one another using end-to-end encryption and decryption techniques. When secure end-to-end communication is required, each terminal uses a common encryption code (RAND) to encode data and decode data transmitted between the terminals. The encryption code is transmitted in a secure manner from a remote database station (15) to the terminals. Each terminal stores a terminal key (Ka, Kb) on its SIM card and the keys are also held in the remote station (15). Partial keys (Kpa, Kpb) comprising the pseudo random number (RAND) and the keys Ka, Kb stored at the station (15) are produced at the station (15) by an exclusive OR process in order to mask the keys and the random number. The partial key Kpa=Ka+(RAND) is sent to terminal 2a. At the terminal 2a, the partial key Kpa is exclusive OR-ed with the locally stored terminal key Ka on the SIM card, so as to recover (RAND). The common code (RAND) is determined by the same process at terminal 2b, from Kpb=Kb+(RAND) and the locally stored key Kb. The terminals then both run a GSM encryption algorithm (A5) to encrypt and decrypt transmitted data, on the basis of the common code (RAND).
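The partial-key exchange described above, as an added Python example that is not part of the original document. The 128-bit sizes, the class and function names, and the random sample keys are assumptions made for illustration; A5 itself is not implemented, and the last function is a design-review check that follows directly from the XOR relation Kp = K + (RAND).

```python
import secrets

KEY_LEN = 16  # assumption: 128-bit keys and RAND; the abstract gives no sizes


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """Bytewise exclusive OR of two equal-length byte strings."""
    if len(a) != len(b):
        raise ValueError("XOR masking requires equal-length operands")
    return bytes(x ^ y for x, y in zip(a, b))


class Station:
    """Remote database station (15): holds a copy of every terminal key."""

    def __init__(self, terminal_keys: dict):
        self._keys = dict(terminal_keys)

    def issue_partial_keys(self, caller: str, callee: str) -> dict:
        """Draw a fresh RAND for this call and mask it with each terminal key."""
        rand = secrets.token_bytes(KEY_LEN)
        return {tid: xor_bytes(self._keys[tid], rand) for tid in (caller, callee)}


class Terminal:
    """Mobile terminal whose SIM card stores the long-term terminal key."""

    def __init__(self, sim_key: bytes):
        self._sim_key = sim_key

    def recover_rand(self, partial_key: bytes) -> bytes:
        """Kp XOR K = RAND, the common code both terminals then feed to A5."""
        return xor_bytes(partial_key, self._sim_key)


def unmask_terminal_key(partial_key: bytes, rand: bytes) -> bytes:
    """Review check: Kp XOR RAND = K, so a party holding RAND must never be
    shown another terminal's partial key, and RAND must be fresh per call."""
    return xor_bytes(partial_key, rand)


def demo():
    # Constructed sample keys standing in for Ka and Kb on the SIM cards.
    ka, kb = secrets.token_bytes(KEY_LEN), secrets.token_bytes(KEY_LEN)
    kp = Station({"2a": ka, "2b": kb}).issue_partial_keys("2a", "2b")
    rand_a = Terminal(ka).recover_rand(kp["2a"])
    rand_b = Terminal(kb).recover_rand(kp["2b"])
    # Terminal 2b's RAND combined with Kpa reproduces Ka: the mask is only as
    # strong as the separation between RAND and the other side's partial key.
    return rand_a == rand_b, unmask_terminal_key(kp["2a"], rand_b) == ka
```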