WikiPatents - Community Patent Review
Create Free Account  |  License or Sell Your Patent  |  WikiPatents Marketplace  |  WikiPatents Blog
Username:  Password:  
    
Advanced Search
Secure communication of information    
United States Patent5577122   
Link to this pagehttp://www.wikipatents.com/5577122.html
Inventor(s)Schipper; John F. (Palo Alto, CA); Melton; Walter C. (Los Gatos, CA)
AbstractMethods for secure communication of location and other information by two spaced apart receivers in a location determination (LD) system, such as GPS, GLONASS and LORAN-C, that use pseudorange corrections to enhance the accuracy of the computed present location of an LD receiver. A pseudorange correction signal PRC(t;i;j), presenting a correction of a pseudorange measurement made at time t at an LD receiver number i from an LD signal issued by an LD signal source number j, is transmitted at a consecutive sequence of times t=t.sub.0, t.sub.1, t.sub.2, . . . , t.sub.n. The pseudorange correction signal PRC(t.sub.n ;i;j), or a message sent in a time interval t.sub.n-1 <t.ltoreq.t.sub.n, is encrypted, using an encryption key that is a function of and depends non-trivially upon one or more of the preceding pseudorange correction values PRC(t.sub.k ;i;j) (k.ltoreq.n-1). This encryption key varies from one time interval t.sub.n-1 <t.ltoreq.t.sub.n, to another as the collection of preceding pseudorange correction values changes. Several suitable encryption algorithms that depend upon one or more of the preceding pseudorange correction values are discussed.
   














 Title Information Submit all comments and votes
 
Patent Text Patent PDF Print Page Summary File History
Plain text PDF images Print Summary File History
Drawing from US Patent 5577122
Secure communication of information - US Patent 5577122 Drawing
Secure communication of information
Inventor     Schipper; John F. (Palo Alto, CA); Melton; Walter C. (Los Gatos, CA)
Owner/Assignee     Trimble Navigation Limited (Sunnyvale, CA)
Patent assignment
All assignments
Publication Date     November 19, 1996
Application Number     08/367,440
PAIR File History     Application Data   Transaction History
Image File Wrapper   Patent Term   Fees
Litigation
Filing Date     December 29, 1994
US Classification     380/28 342/357.03 342/358 701/219 701/226
Int'l Classification     H04K 001/00 H09B 007/185 G01C 021/00
Examiner     Buczinski; Stephen C.
Assistant Examiner    
Attorney/Law Firm     Schipper; John
Address
Parent Case    
Priority Data    
USPTO Field of Search     342/357 342/358 364/449 364/459 364/452 380/28 380/30 380/29
Patent Tags     secure communication information
   
Enter a comma (,) or semicolon (;) between multiple tag words/phrases.
Describe this patent:
 Amusing   
 Clever   
 Complex   
 Efficient   
 Historic   
 Important   
 Innovative   
 Interesting   
 Practical   
 Simple   
[no votes]
Patent WIKI

Share information and news about this patent, including information and news about the technology, inventors, company, ligation and licensing.
 References Submit all comments and votes
 
*references marked with an asterisk below are user-added references
 U.S. References
 
Add a new US reference:  
ReferenceRelevancyCommentsReferenceRelevancyComments
5495257
Loomis
342/357.03
Feb,1996
[0 after 0 votes]		5451964
Babu

Sep,1995
[0 after 0 votes]
5323322
Mueller
701/215
Jun,1994
[0 after 0 votes]
 Foreign References
 Other References
 Market Review Submit all comments and votes
   
Market Size
Estimate the gross annual revenues of the relevant market sector:
> $10B
$5B - $10B
$2B - $5B
$500M - $2B
$100M - $500M
$10M - $100M
$1M - $10M
$500K - $1M
$100K - $500K
< $100K
[No votes]
$0
 
$0   $2.5B   $5B   $7.5B   $10B
Market Share
Estimate the percentage of the relevant market sector this invention will capture:
75% - 100%
50% - 74.99%
25% - 49.99%
10 - 24.99%
5 - 9.99%
2 - 4.99%
1 - 1.99%
< 1%
[No votes]
0.0%
 
0%   25%   50%   75%   100%
Reasonable Royalty
What percentage of gross sales should the inventor or assignee be paid?
75% - 100%
50% - 74.99%
25% - 49.99%
10 - 24.99%
5 - 9.99%
2 - 4.99%
1 - 1.99%
< 1%
[No votes]
0.0%
 
0%   25%   50%   75%   100%
Public's "Guesstimation" of Royalty Value
Market SizeN/A[No votes]
xMarket ShareN/A[No votes]
xReasonable RoyaltyN/A[No votes]
N/A
License Availablity
If you are NOT the owner or assignee, answer here:
Yes, license is available for purchase

No, license is not currently available



 [No votes]
License Availablity
If you ARE the owner or assignee, answer here:
Yes, license is available for purchase

No, license is not currently available



 [No votes]
Competitive Advantage
Does this invention have a significant competitive advantage over similar technologies?
Yes

No



 [No votes]
Most helpful competitive advantage comment
[No comments]
Commercial Alternatives
Are there viable commercial alternatives for this invention?
Yes

No



 [No votes]
Most helpful commercial alternative comment
[No comments]
 Technical Review Submit all comments and votes
 Claims Submit all comments and votes
 


We claim:

1. A method for secure electromagnetic communication of location correction information between two Location Determination System stations, or "LDS stations", the method comprising the steps of:

providing an LDS reference station, having location coordinates that are known with high accuracy, the reference station having an LDS signal antenna and associated LDS signal receiver/processor for receiving and processing location determination signals, or "LD signals", from a plurality of LD signal sources to determine spatial location and clock coordinates for that station;

providing an LDS mobile station, having an LDS signal antenna and associated LDS signal receiver/processor for receiving and processing LD signals from a plurality of LD signal sources to determine spatial location and clock coordinates for that station;

causing each of the reference station and the mobile station to receive LD signals from a plurality of LD signal sources, numbered j=1, 2, . . . M[(M.gtoreq.2)], with M.gtoreq.2, in common view with each other, and to determine the LD signal values LD(t;i;j) as a function of time t for that station, numbered i=reference and i=mobile, from the signals received from the M common view LD signal sources;

causing the reference station to determine location determination adjustment signal values, or "LDA signal values", LDA(t;ref;j) at one or more times t that, when added to the LD signal values LD(t;ref;j) available at the reference station for the time t, produce spatial location coordinates that approximately agree with the known spatial location coordinates for the reference station for the time t; and

providing the LDA signal values LDA(t;ref;j) in an encrypted form for the mobile station for a sequence of at least two consecutive times t=t.sub.1, t.sub.2, . . . , t.sub.n, t.sub.n+1, . . . so that the mobile station can correct its mobile station measured LD signal values, LD(t;mob;j), where this encrypted form of an LDA signal LDA(t.sub.n ;ref;j) for at least one of this sequence of times t.sub.n (n.gtoreq.1) uses an encryption key K.sub.n that has at least one parameter that depends non-trivially upon at least one of the preceding LDA signal values, LDA(t.sub.1 :ref;j) . . . , and LDA(t.sub.n-1 :ref:j), provided by the reference station, and where at least two encryption keys, K.sub.n1 and K.sub.n2, for different times t.sub.n =t.sub.n1 and t.sub.n =t.sub.n2 differ from each other.

2. The method of claim 1, further comprising the step of selecting said LDA signals from a class of such signals consisting of pseudorange correction signals and carrier phase correction signals.

3. The method of claim 1, further comprising the steps of:

causing said mobile station to use said encryption key K.sub.n to attempt to decrypt said encrypted form of said LDA signals received by the mobile station for said time t=t.sub.n, and to determine whether said LDA signals received for said time t=t.sub.n were encrypted using said encryption key K.sub.n ;

when said LDA signals received by the mobile station for said time t=t.sub.n are determined to have been encrypted using said encryption key K.sub.n, causing said mobile station to form corrected LD signal values CLD(t.sub.n ;mob;j)=LD(t.sub.n ;mob;j)+LDA(t.sub.n ;ref;j), to replace said LD signal value LD(t.sub.n ;mob;j) by this corrected LD signal value for j=1, . . . , M, and to compute a corrected mobile station location for said time t=t.sub.n using the corrected LD signal values; and

when said LDA signals received by the mobile station for the time t=t.sub.n are determined not to have been encrypted using said encryption key K.sub.n, causing said mobile station to reject or ignore said LDA signals for said time t=t.sub.n.

4. A method for secure electromagnetic communication of information between two Location Determination System stations, or "LDS stations", the method comprising the steps of:

providing an LDS reference station, having location coordinates that are known with high accuracy, the reference station having an LDS signal antenna and associated LDS signal receiver/processor for receiving and processing location determination signals, or "LD signals", from a plurality of LD signal sources to determine spatial location and clock coordinates for that station;

providing an LDS mobile station, having an LDS signal antenna and associated LDS signal receiver/processor for receiving and processing LD signals from a plurality of LD signal sources to determine spatial location and clock coordinates for that station;

causing each of the reference station and the mobile station to receive LD signals from a plurality of LDS satellites, numbered j=1, 2, . . . , M, with M.gtoreq.2, in common view with each other, and to determine the LD signal values LD(t;i;j) as a function of time t for that station, numbered i (i=reference and i=mobile), from the signals received from the M common view LDS signal sources;

causing the reference station to determine location determination adjustment signal values, or "LDA signal values," LDA(t;ref;j) at one or more times t that, when added to the LD signal values LD(t;ref;j) available at the reference station for the time t, produce spatial location coordinates that approximately agree with the known spatial location coordinates for the reference station for the time t;

providing the LDA signals LDA(t;ref;j) for the mobile station for a sequence of at least two consecutive times t=t.sub.1, t.sub.2, . . . , t.sub.n, t.sub.n+1, . . . so that the mobile station can correct its mobile station measured LD signal values; and

for times t in at least one time interval t.sub.n <t.ltoreq.t.sub.n+1, causing the reference station to encrypt a message to produce an encrypted message M.sub.n and to transmit the message M.sub.n from the reference station to the mobile station, where this encrypted message uses an encryption key K.sub.n that has at least one parameter that depends upon at least one of the preceding LDA signal values, LDA(t.sub.1 ;ref;j), . . . , LDA(t.sub.n-1 ;ref;j), provided by the reference station, and where at least two encryption keys K.sub.n1 and K.sub.n2 for different times t.sub.n =t.sub.n1 and t.sub.n =t.sub.n2 differ from each other.

5. The method of claim 4, further comprising the step of selecting said LDA signals from a class of such signals consisting of pseudorange correction signals and carrier phase correction signals.

6. The method of claim 4, further comprising the steps of:

causing said mobile station to use said encryption key K.sub.n to attempt to decrypt a message M'.sub.n received by said mobile station for said time t=t.sub.n, and to determine whether the encrypted message M'.sub.n received for said time t=t.sub.n was encrypted using said encryption key K.sub.n ;

when the message M'.sub.n received by said mobile station for said time t=t.sub.n is determined to have been encrypted using said encryption key K.sub.n, causing said mobile station to accept a decrypted version of the message M'.sub.n as received from said reference station; and

when the message M'.sub.n received by said mobile station for said time t=t.sub.n is determined not to have been encrypted using said encryption key K.sub.n, causing said mobile station to treat the message M'.sub.n. as not received from said reference station.

7. The method of claim 4, wherein said step of causing said reference station to encrypt a message comprises the steps of:

providing a universe U(N) having N distinct characters from which the cleartext message is drawn;

providing an invertible transformation T1 of the set U(N) of characters onto a set of integers R(N)={0, 1, 2, . . . , N-1}, where the mth character, X.sub.CLR,m, of the cleartext message is transformed into an mth cleartext integer representative, I.sub.CLR,m =T1(X.sub.CLR,m), by the transformation T1;

providing an encryption transformation E of the set R(N) into R(N) that receives the cleartext integer representative, I.sub.CLR,m, and produces a ciphertext integer representative, I.sub.CYF,m =E(I.sub.CLR,m); and

providing an invertible transformation T2 of the set R(N) onto the universe U(N) of characters, where the mth character of the ciphertext message, X.sub.CYF,m, is the image under the transformation T2 of an mth integer, I.sub.CYF,m ;

where, for at least two time intervals given by t.sub.n <t.ltoreq.t.sub.n+1, for n=n1 and n=n2 with a.ltoreq.n1<n2, at least one of the transformations T1, E and T2 has a parameter that depends upon at least one of said preceding LDA signal values, LDA(t.sub.0 ;ref;j), . . . LDA(t.sub.n-1 ;ref;j), provided by said reference station.

8. The method of claim 7, further comprising the step of selecting said transformation T1 so that T1 depends non-trivially upon at least one of said preceding LDA signal values LDA(t.sub.k ;ref;j) with k<n.

9. The method of claim 8, further comprising the step of selecting said transformation T1 to be of the form ##EQU3## where P.sub.N is a selected permutation on said set R(N), T1' is a second selected transformation from said set U(N) onto said set R(N), and S(n-q1;n-q2;r1;r2) is an integer defined by ##EQU4## s(k;r1;r2)=sum of digits in the sequence m(k;r1;r2) (mod N), m(k;r1;r2)=selected sequence of r2-r1+1 digits, each having a value between 0 and 9 inclusive, in the digit positions r1, r1+1, . . . , r2-1, r2 in a selected LDA signal value LDA(t.sub.k' :ref;j) with k'<n,

where q1, q2, r1 and r2 are positive integers satisfying 1.ltoreq.q1<q2 and 1.ltoreq.r1<r2.

10. The method of claim 8, further comprising the step of selecting said transformation T1 to be of the form ##EQU5## where P.sub.N is a selected permutation on said set R(N), T1' is a second selected transformation from said set U(N) onto said set R(N), and P is an integer defined by ##EQU6## p(k;r1;r2)=product of digits in the sequence m(k;r1;r2) (mod N), excluding 0, 1 and any non-trivial integer divisor of N,

m(k;r1;r2)=selected sequence of r2-r1+1 digits, each having a value between 0 and 9 inclusively, in the digit positions r1, r1+1, . . . , r2-1, r2 in a selected LDA signal value LDA(t.sub.k' ;ref;j with k'<n,

where q1, q2, r1 and r2 are positive integers satisfying 1.ltoreq.q1<q2 and 1.ltoreq.r1<r2.

11. The method of claim 7, further comprising the step of selecting said transformation T2 so that T2 depends non-trivially upon at least one of said preceding LDA signal values LDA(t.sub.k ;ref;j) with k<n.

12. The method of claim 11, further comprising the step of selecting said transformation T2 to be of the form ##EQU7## where P.sub.N is a selected permutation on said set R(N), T2' is a second selected transformation from said set R(N) onto said set U(N), and S(n-q1;n-q2;r1;r2) is an integer defined by ##EQU8## s(k;r1;r2)=sum of digits in the sequence m(k;r1;r2) (mod N), n(k;r1;r2)=selected sequence of r2-r1+1 digits, each having a value between 0 and 9 inclusive, in the digit positions r1, r1+1, . . . , r2-1, r2 in a selected LDA signal value LDA(t.sub.k' ;ref;j) with k'<n,

where q1, q2, r1 and r2 are positive integers satisfying 1.ltoreq.q1<q2 and 1.ltoreq.r1<r2.

13. The method of claim 11, further comprising the step of selecting said transformation T2 to be of the form ##EQU9## where P.sub.N is a selected permutation on said set R(N), T2' is a second selected transformation from said set R(N) onto said set U(N), and P(n-q1;n-q2;r1;r2) is an integer defined by ##EQU10## p(k;r1;r2)=product of digits in the sequence m(k;r1;r2) (mod N), excluding 0, 1 and any non-trivial integer divisor of N,

m(k;r1;r2)=selected sequence of r2-r1+1 digits, each having a value between 0 and 9 inclusive, in the digit positions r1, r1+1, . . . r2-1, r2 in a selected LDA signal value LDA(t.sub.k' ;ref;j) with k'<n,

where q1, q2, r1 and r2 are positive integers satisfying 1.ltoreq.q1<q2 and 1<r1<r2.

14. The method of claim 7, further comprising the step of selecting said encryption transformation E so that E depends non-trivially upon at least one of said preceding LDA signal values LDA(t.sub.k ;ref;j with k<n.

15. The method of claim 14, further comprising the steps of choosing said encryption transformation E as follows:

providing a sequence of N.times.N matrices {K.sub.a (b,c)}.sub.a, where b and c denote the row index and the column index, respectively, where each column of entries K.sub.a (b,c) (c fixed) for each matrix K.sub.a is a permutation of said set of integers R(N) and no two columns of a matrix K.sub.a (b,c) are identical;

providing a sequence{.psi..sub.m }.sub.m of integers in R(N), with m=1,2, . . . , defined by a functional relationship .psi..sub.m =.psi..sub.m (q,r)=f(I.sub.CLR,m-q, .psi..sub.m-r), where r and s are selected positive integers, for m.gtoreq.MAX=max(q,r)-1, and providing a set of initial values, .psi..sub.0, .psi..sub.1, . . . , .psi..sub.MAX, lying in said set R(N), for this sequence, where at least one of this set of initial values depends non-trivially upon at least one of said preceding LDA signal values LDA(t.sub.k ;ref;j with k<n; and

for at least one integer m.gtoreq.MAX, defining said mth cleartext integer representative I.sub.CYF,m by the relation

I.sub.CYF,m =K.sub.m (I.sub.CLR,m, .psi..sub.m).

16. The method of claim 14, further comprising the steps of choosing said encryption transformation E as follows:

providing a sequence of N.times.N matrices {K.sub.a (b,c)}.sub.a, where b and c denote the row index and the column index, respectively, where each column of entries K.sub.a (b,c) (c fixed) for each matrix K.sub.a is a permutation of said set of integers R(N) and no two columns of a matrix K.sub.a (b,c) are identical;

providing a sequence{.psi..sub.m }.sub.m of integers in R(N), with m=1, 2, . . . , defined by a functional relationship .psi..sub.m =.psi..sub.m (q,r)=f(I.sub.CLR,m-q, .psi..sub.m-r),where r and s are selected positive integers, for m.gtoreq.MAX=max(q,r)-1, and providing a set of initial values, .psi..sub.0, .psi..sub.1, . . . .psi..sub.MAX, lying in said set R(N), for this sequence, where at least one of this set of initial values depends non-trivially upon at least one of said preceding LDA signal values LDA(t.sub.k ;ref;j) with k<n; and

for at least one integer m.gtoreq.MAX, defining said mth cleartext integer representative I.sub.CYF,m by the relation

I.sub.CYF,m =K.sub.m (.psi..sub.m, I.sub.CLR,m).

17. The method of claim 14, further comprising the steps of choosing said encryption transformation E as follows:

providing a sequence of N.times.N matrices {K.sub.a (b,c)}.sub.a, where b and c denote the row index and the column index, respectively, where each column of entries K.sub.a (b,c) (c fixed) for each matrix K.sub.a is a permutation of said set of integers R(N) and no two columns of a matrix K.sub.a (b,c) are identical; and

for at least one integer m.gtoreq.1, defining said mth cleartext integer representative I.sub.CYF,m by the relation

I.sub.CYF,m =K.sub.m (I.sub.CLR,m, (P.sub.N).sup.S(n-q1;n-q2;r1;r2) I.sub.CLR,m),

where PN is a selected permutation on said set R(N), and S(n-q1;n-q2;r1;r2) is an integer defined by ##EQU11## s(k;r1;r2)=sum of digits in the sequence m(k;r1;r2) (mod N), m(k;r1;r2)=selected sequence of r2-r1+1 digits, each having a value between 0 and 9 inclusive, in the digit positions r1, r1+1, . . . , r2-1, r2 in a selected LDA signal value LDA(t.sub.k' ;ref;j with k'<n,

where q1, q2, r1 and r2 are positive integers satisfying 1.ltoreq.q1<q2 and 1.ltoreq.r1<r2.

18. The method of claim 14, further comprising the steps of choosing said encryption transformation E as follows:

providing a sequence of N.times.N matrices {K.sub.a (b,c)}.sub.a, where b and c denote the row index and the column index, respectively, where each column of entries K.sub.a (b,c) (c fixed) for each matrix K.sub.a is a permutation of said set of integers R(N) and no two columns of a matrix K.sub.a (b,c) are identical; and

for at least one integer m.gtoreq.1, defining said mth cleartext integer representative I.sub.CYF,m by the relation

I.sub.CYF,m =K.sub.m (I.sub.CLR,m, (P.sub.N).sup.P(n-q1;n-q2;r1;r2) I.sub.CLR,m),

where P.sub.N is a selected permutation on said set R(N), and P(n-q1;n-q2;r1;r2) is an integer defined by ##EQU12## p(k;r1;r2)=product of digits in the sequence m(k;r1;r2) (mod N), excluding 0, 1 and any non-trivial integer divisor of N,

m(k;r1;r2)=selected sequence of r2-r1+1 digits, each having a value between 0 and 9 inclusive, in the digit positions r1, r1+1, . . . , r2-1, r2 in a selected LDA signal value LDA(t.sub.k' ;ref;j) with k'<n,

where q1, q2, r1 and r2 are positive integers satisfying 1<q1<q2 and 1.ltoreq.r1<r2.

19. The method of claim 14, further comprising the steps of choosing said encryption transformation E as follows:

providing a sequence of N.times.N matrices {K.sub.a (b,c)}.sub.a, where b and c denote the row index and the column index, respectively, where each column of entries K.sub.a (b,c) (c fixed) for each matrix K.sub.a is a permutation of said set of integers R(N) and no two columns of a matrix K.sub.a (b,c) are identical; and

for at least one integer m.gtoreq.1, defining said mth cleartext integer representative I.sub.CYF,m by the relation

I.sub.CYF,m =K.sub.m ((P.sub.N).sup.S(n-q1;n-q2;r1;r2) I.sub.CLR,m,I.sub.CLR,m)

where P.sub.N is a selected permutation on said set R(N), and S(n-q1;n-q2;r1;r2) is an integer defined by ##EQU13## s(k;r1;r2)=sum of digits in the sequence m(k;r1;r2) (mod N), m(k;r1;r2)=selected sequence of r2-r1+1 digits, each having a value between 0 and 9 inclusive, in the digit positions r1, r1+1, . . . , r2-1, r2 in a selected LDA signal value LDA(t.sub.k' ;ref;j) with k'<n,

where q1, q2, r1 and r2 are positive integers satisfying 1.ltoreq.q1<q2 and 1.ltoreq.r1<r2.

20. The method of claim 14, further comprising the steps of choosing said encryption transformation E as follows:

providing a sequence of N.times.N matrices {K.sub.a (b,c)}.sub.a, where b and c denote the row index and the column index, respectively, where each column of entries K.sub.a (b,c) (c fixed) for each matrix K.sub.a is a permutation of said set of integers R(N) and no two columns of a matrix K.sub.a (b,c) are identical; and

for at least one integer m.gtoreq.1, defining said mth cleartext integer representative I.sub.CYF,m by the relation

I.sub.CYF,m =K.sub.m ((P.sub.N).sup.P(n-q1;n-q2;r1;r2) I.sub.CLR,m, I.sub.CLR,m)

where P.sub.N is a selected permutation on said set R(N), and P(n-q1;n-q2;r1;r2) is an integer defined by ##EQU14## p(k;r1;r2)=product of digits in the sequence m(k;r1;r2) (mod N), excluding 0, 1 and any non-trivial integer divisor of N.

m(k;r1;r2)=selected sequence of r2-r1+1 digits, each having a value between 0 and 9 inclusive, in the digit positions r1, r1+1, . . . , r2-1, r2 in a selected LDA signal value LDA(t.sub.k' ;ref;j) with k'<n,

where q1, q2, r1 and r2 are positive integers satisfying 1.ltoreq.q1<q2 and 1.ltoreq.r1<r2.

21. A method for secure electromagnetic communication of information between two Location Determination System stations, or "LDS stations," the method comprising the steps of:

providing an LDS reference station, having location coordinates that are known with high accuracy, the reference station having an LDS signal antenna and associated LDS signal receiver/processor for receiving and processing location determination signals, or "LD signals," from a plurality of LD signal sources to determine spatial location and clock coordinates for that station;

providing an LDS mobile station, having an LDS signal antenna and associated LDS signal receiver/processor for receiving and processing LD signals from a plurality of LD signal sources to determine spatial location and clock coordinates for that station;

causing each of the reference station and the mobile station to receive LD signals from a plurality of LDS satellites, numbered j=1, 2, . . . , M, with M.gtoreq.2, in common view with each other, and to determine the LD signal values LD(t;i;j) as a function of time t for that station, numbered i=reference and i=mobile, from the signals received from the M common view LDS signal sources;

causing the reference station to determine location determination adjustment (LDA) signal values LDA(t;ref;j) at one or more times t that, when added to the LD signal values LD(t;ref;j) available at the reference station for the time t, produce spatial location coordinates that approximately agree with the known spatial location coordinates for the reference station at the time t;

providing the LDA signals LDA(t;ref;j) for the mobile station and for a selected message recipient that is spaced apart from the mobile station, at a sequence of at least two consecutive times t=t.sub.1, t.sub.2, . . . , t.sub.n, t.sub.n+1, . . . so that the mobile station can correct its measured LD signal values; and

for times t in at least one time interval t.sub.n <t.ltoreq.t.sub.n+1, causing the mobile station to encrypt a message to produce an encrypted message M.sub.n and to transmit the message M.sub.n from the mobile station to the selected recipient, where this encrypted message M.sub.n uses an encryption key K.sub.n that has at least one parameter that depends non-trivially upon at least one of the preceding LDA signal values, LDA(t.sub.1 ;i;j), . . . , LDA(t.sub.n-1 ;i;j), provided by the reference station, and where at least two encryption keys K.sub.n1 and K.sub.n2 for different times t.sub.n =t.sub.n1 and t.sub.n =t.sub.n2 differ from each other.

22. The method of claim 21, further comprising the step of selecting said LDA signals from a class of such signals consisting of pseudorange correction signals and carrier phase correction signals.

23. The method of claim 21, further comprising the steps of:

causing said selected recipient to use said encryption key K.sub.n to attempt to decrypt a message M'.sub.n received by said selected recipient for said time t=t.sub.n, and to determine whether the encrypted message M'.sub.n received for said time t=t.sub.n was encrypted using said encryption key K.sub.n ;

when the message M'.sub.n received by said selected recipient for said time t=t.sub.n is determined to have been encrypted using said encryption key K.sub.n, causing said selected recipient to accept a decrypted version of the message M'.sub.n as received from said mobile station; and

when the message M'.sub.n received by said selected recipient for said time t=t.sub.n is determined not to have been encrypted using said encryption key K.sub.n, causing said selected recipient to treat the message M'.sub.n. as not received from said mobile station.

24. The method of claim 21, further comprising the step of selecting said reference station as said recipient of said encrypted message.

25. The method of claim 21, further comprising the step of selecting a second selected LDS mobile station that is spaced apart from said mobile station as said recipient of said encrypted message.

26. The method of claim 21, wherein said step of causing said reference station to encrypt a message comprises the steps of:

providing a universe U(N) having N distinct characters from which the cleartext message is drawn;

providing an invertible transformation T1 of the set U(N) of characters onto a set of integers R(N)={0, 1, 2, . . . , N-1 }, where the mth character, X.sub.CLR,m, of the cleartext message is transformed into an mth cleartext integer representative, I.sub.CLR,m =T1 (X.sub.CLR,m), by the transformation T1;

providing an encryption transformation E of the set R(N) into R(N) that receives the cleartext integer representative, I.sub.CLR,m, and produces a ciphertext integer representative, I.sub.CYF,m =E(I.sub.CLR,m); and

providing an invertible transformation T2 of the set R(N) onto the universe U(N) of characters, where the mth character of the ciphertext message, X.sub.CYF,m, is the image under the transformation T2 of an mth integer, I.sub.CYF,m ;

where, for at least two time intervals given by t.sub.n <t.ltoreq.t.sub.n+1 with n=n1 and n=n2, at least one of the transformations T1, E and T2 has a parameter that depends non-trivially upon at least one of said preceding LDA signal values, LDA(t.sub.0 ;i;j), . . . , and LDA(t.sub.n-1 ;i;j), provided by said reference station.

27. The method of claim 26, further comprising the step of selecting said transformation T1 so that T1 depends non-trivially upon at least one of said preceding LDA signal values LDA(t.sub.k ;ref;j) with k<n.

28. The method of claim 27, further comprising the step of selecting said transformation T1 to be of the form ##EQU15## where P.sub.N is a selected permutation on said set R(N), T1' is a second selected transformation from said set U(N) onto said set R(N), and S(n-q1;n-q2;r1;r2) is an integer defined by ##EQU16## s(k;r1;r2)=sum of digits in the sequence m(k;r1;r2) (mod N), m(k;r1;r2)=selected sequence of r2-r1+1 digits, each having a value between 0 and 9 inclusive, in the digit positions r1, r1+1, . . . , r2-1, r2 in a selected LDA signal value LDA(t.sub.k' ;ref;j) with k'<n,

where q1, q2, r1 and r2 are positive integers satisfying 1.ltoreq.q1<q2 and 1.ltoreq.r1<r2.

29. The method of claim 27, further comprising the step of selecting said transformation T1 to be of the form ##EQU17## where P.sub.N is a selected permutation on said set R(N), T1' is a second selected transformation from said set U(N) onto said set R(N), and P(n-q1;n-q2;r1;r2) is an integer defined by ##EQU18## p(k;r1;r2)=product of digits in the sequence m(k;r1;r2) (mod N), excluding 0, 1 and any non-trivial integer divisor of N,

m(k;r1;r2)=selected sequence of r2-r1+1 digits, each having a value between 0 and 9 inclusive, in the digit positions r1, r1+1, . . . , r2-1, r2 in a selected LDA signal value LDA(t.sub.k' ;ref;j) with k'<n,

where q1, q2, r1 and r2 are positive integers satisfying 1.ltoreq.q1<q2 and 1.ltoreq.r1<r2.

30. The method of claim 26, further comprising the step of selecting said transformation T2 so that T2 depends non-trivially upon at least one of said preceding LDA signal values LDA(t.sub.k' ;ref;j) with k<n.

31. The method of claim 30, further comprising the step of selecting said transformation T2 to be of the form ##EQU19## where P.sub.N is a selected permutation on said set R(N), T2' is a second selected transformation frown said set R(N) onto said set U(N), and S(n-q1;n-q2;r1;r2) is an integer defined by ##EQU20## s(k;r1;r2)=sum of digits in the sequence m(k;r1;r2) (mod N), m(k;r1;r2)=selected sequence of r2-r1+1 digits, each having a value between 0 and 9 inclusive, in the digit positions r1, r1+1, . . . , r2-1, r2 in a selected LDA signal value LDA(t.sub.k' ;ref;j) with k'<n,

where q1, q2, r1 and r2 are positive integers satisfying 1.ltoreq.q1<q2 and 1.ltoreq.r1<r2.

32. The method of claim 30, further comprising the step of selecting said transformation T2 to be of the form ##EQU21## where P.sub.N is a selected permutation on said set R(N), T2' is a second selected transformation from said set R(N) onto said set U(N), and P(n-q1;n-q2;r1;r2) is an integer defined by ##EQU22## p(k;r1;r2)=product of digits in the sequence m(k;r1;r2) (mod N), excluding 0, 1 and any non-trivial integer divisor of N,

m(k;r1;r2)=selected sequence of r2-r1+1 digits, each having a value between 0 and 9 inclusive, in the digit positions r1, r1+1, . . . , r2-1, r2 in a selected LDA signal value LDA(t.sub.k' ;ref;j with k'<n,

where q1, q2, r1 and r2 are positive integers satisfying 1.ltoreq.q1<q2 and 1.ltoreq.r1<r2.

33. The method of claim 26, further comprising the step of selecting said encryption transformation E so that E depends non-trivially upon at least one of said preceding LDA signal values LDA(t.sub.k ;ref;j) with k<n.

34. The method of claim 33, further comprising the steps of choosing said encryption transformation E as follows:

providing a sequence of N.times.N matrices {K.sub.a (b,c)}.sub.a, where b and c denote the row index and the column index, respectively, where each column of entries K.sub.a (b,c) (c fixed) for each matrix K.sub.a is a permutation of said set of integers R(N) and no two columns of a matrix K.sub.a (b,c) are identical;

providing a sequence{.psi..sub.m }.sub.m of integers in R(N), with m=1, 2, . . . , defined by a functional relationship .psi..sub.m =.psi..sub.m (q,r)=f(I.sub.CLR,m-q, .psi..sub.m-r), where r and s are selected positive integers, for m.gtoreq.MAX=max(q,r)-1, and providing a set of initial values, .psi..sub.0, .psi..sub.1, . . . , .psi..sub.MAX, lying in said set R(N), for this sequence, where at least one of this set of initial values depends non-trivially upon at least one of said preceding LDA signal values LDA(t.sub.k ;ref;j) with k<n; and

for at least one integer m.gtoreq.MAX, defining said mth cleartext integer representative I.sub.CYF,m by the relation

I.sub.CYF,m =K.sub.m (I.sub.CLR,m, .psi..sub.m).

35. The method of claim 33, further comprising the steps of choosing said encryption transformation E as follows:

providing a sequence of N.times.N matrices {K.sub.a (b,c)}.sub.a, where b and c denote the row index and the column index, respectively, where each column of entries K.sub.a (b,c) (c fixed) for each matrix K.sub.a is a permutation of said set of integers R(N) and no two columns of a matrix K.sub.a (b,c) are identical;

providing a sequence{.psi..sub.m }.sub.m of integers in R(N), with m=1, 2, . . . , defined by a functional relationship .psi..sub.m =.psi..sub.m (q,r)=f(I.sub.CLR,m-q, .psi..sub.m-r), where r and s are selected positive integers, for m.gtoreq.MAX=max(q,r)-1, and providing a set of initial values, .psi..sub.0, .psi..sub.1, . . . , .psi..sub.MAX, lying in said set R(N), for this sequence, where at least one of this set of initial values depends non-trivially upon at least one of said preceding LDA signal values LDA(t.sub.k ;ref;j) with k<n; and

for at least one integer m.gtoreq.MAX, defining said mth cleartext integer representative I.sub.CYF,m by the relation

I.sub.CYF,m =K.sub.m n(.psi..sub.m, I.sub.CLR,m).

36. The method of claim 33, further comprising the steps of choosing said encryption transformation E as follows:

providing a sequence of N.times.N matrices {K.sub.a (b,c)}.sub.a, where b and c denote the row index and the column index, respectively, where each column of entries K.sub.a (b,c) (c fixed) for each matrix K.sub.a is a permutation of said set of integers R(N) and no two columns of a matrix K.sub.a (b,c) are identical; and

for at least one integer m.gtoreq.1, defining said mth cleartext integer representative I.sub.CYF,m by the relation

I.sub.CYF,m =K.sub.m (I.sub.CLR,m, (P.sub.N).sup.S(n-q1;n-q2;r1;r2) I.sub.CLR,m),

where P.sub.N is a selected permutation on said set R(N), and S(n-q1;n-q2;r1;r2) is an integer defined by ##EQU23## s(k;r1;r2)=sum of digits in the sequence m(k;r1;r2) (mod N), m(k;r1;r2)=selected sequence of r2-r1+1 digits, each having a value between 0 and 9 inclusive, in the digit positions r1, r1+1, . . . , r2-1, r2 in a selected LDA signal value LDA(t.sub.k ;ref;j) with k'<n,

where q1, q2, r1 and r2 are positive integers satisfying 1.ltoreq.q1<q2 and 1.ltoreq.r1<r2.

37. The method of claim 33, further comprising the steps of choosing said encryption transformation E as follows:

providing a sequence of N.times.N matrices {K.sub.a (b,c)}.sub.a, where b and c denote the row index and the column index, respectively, where each column of entries K.sub.a (b,c) (c fixed) for each matrix K.sub.a is a permutation of said set of integers R(N) and no two columns of a matrix K.sub.a (b,c) are identical; and

for at least one integer m.gtoreq.1, defining said mth cleartext integer representative I.sub.CYF,m by the relation

I.sub.CYF,m =K.sub.m (I.sub.CLR,m,(P.sub.N).sup.P(n-q1;n-q2;r1;r2) I.sub.CLR,m),

where P.sub.N is a selected permutation on said set R(N), and P(n-q1;n-q2;r1;r2) is an integer defined by ##EQU24## p(k;r1;r2)=product of digits in the sequence m(k;r1;r2) (mod N), excluding 0, 1 and any non-trivial integer divisor of N,

m(k;r1;r2)=selected sequence of r2-r1+1 digits, each having a value between 0 and 9 inclusive, in the digit positions r1, r1+1, . . . , r2-1, r2 in a selected LDA signal value LDA(t.sub.k' ;ref;j) with k'<n,

where q1, q2, r1 and r2 are positive integers satisfying 1.ltoreq.q1<q2 and 1.ltoreq.r1=r2.

38. The method of claim 33 further comprising the steps of choosing said encryption transformation E as follows:

providing a sequence of N.times.N matrices {K.sub.a (b,c)}.sub.a, where b and c denote the row index and the column index, respectively, where each column of entries K.sub.a (b,c) (c fixed) for each matrix K.sub.a is a permutation of said set of integers R(N) and no two columns of a matrix K.sub.a (b,c) are identical; and

for at least one integer m.gtoreq.1, defining said mth cleartext integer representative I.sub.CYF,m by the relation

I.sub.CYF,m =K.sub.m ((P.sub.N).sup.S(n-q1;n-q2;r1;r2) I.sub.CLR,m, I.sub.CLR,m)

where P.sub.N is a selected permutation on said set R(N), and S(n-q1;n-q2;r1;r2) is an integer defined by ##EQU25## s(k;r1;r2)=sum of digits in the sequence m(k;r1;r2) (mod N), m(k;r1;r2)=selected sequence of r2-r1+1 digits, each having a value between 0 and 9 inclusive, in the digit positions r1, r1+1, . . . , r2-1, r2 in a selected LDA signal value LDA(t.sub.k' ;ref;j) with k'<n,

where q1, q2, r1 and r2 are positive integers satisfying 1.ltoreq.q1<q2 and 1.ltoreq.r1<r2.

39. The method of claim 33, further comprising the steps of choosing said encryption transformation E as follows:

providing a sequence of N.times.N matrices {K.sub.a (b,c)}.sub.a, where b and c denote the row index and the column index, respectively, where each column of entries K.sub.a (b,c) (c fixed) for each matrix K.sub.a is a permutation of said set of integers R(N) and no two columns of a matrix K.sub.a (b,c) are identical; and

for at least one integer m>1, defining said mth cleartext integer representative I.sub.CYF,m by the relation

I.sub.CYF,m =K.sub.m ((P.sub.N).sup.P(n-q1;n-q2;r1;r2) I.sub.CLR,m, I.sub.CLR,m)

where P.sub.N is a selected permutation on said set R(N), and P(n-q1;n-q2;r1;r2) is an integer defined by ##EQU26## p(k;r1;r2)=product of digits in the sequence m(k;r1;r2) (mod N), excluding 0, 1 and any non-trivial integer divisor of N,

m(k;r1;r2)=selected sequence of r2-r1+1 digits, each having a value between 0 and 9 inclusive, in the digit positions r1, r1+1, . . . , r2-1, r2 in a selected LDA signal value LDA(t.sub.k' ;ref;j) with k'<n,

where q1, q2, r1 and r2 are positive integers satisfying 1.ltoreq.q1<q2 and 1.ltoreq.r1<r2.
 Description Submit all comments and votes
 


TECHNICAL FIELD

This invention relates to encryption of electromagnetic wave communications to and from a mobile receiver that uses present and past mobile receiver location information to vary the encryption key.

BACKGROUND OF THE INVENTION

In the past 20 years, many electronic location determination (LD) systems have been introduced that can determine, with varying inaccuracies, the present location of a mobile receiver. The LD system can be based on electromagnetic signals received frown satellites, such as the Global Positioning System (GPS), the Global Navigation Satellite System (GLONASS), and the ORBCOMM system. The LD system can also be based on electromagnetic signals received from ground-based systems (usually, but not necessarily, fixed in location), such as LORAN-C, TACAN, DECCA, OMEGA, JTIDS Relnav and the Position Locating and Reporting System (PLRS). Many of these LD systems are summarized in Tom Logsdon, The Navstar Global Positioning System, Van Nostrand Reinhold, New York, 1992, pp. 17-47, incorporated by reference herein.

In many instances, an LD system is used to determine the location of a mobile station, containing an LD system antenna and receiver/processor, and the results are transmitted to a central station for further processing and/or storage. The results transmitted by the mobile station may be the raw measurements made at that station, or may be the results of partial or full processing of these measurements at that station. In many situations, the location of the mobile station and the time the LD measurements were made are sensitive or proprietary, and the mobile station user prefers that this location information, as well as other related sensitive information, be transmitted and received confidentially. For example, if a geological survey team is conducting a mineral or petroleum survey of a large area of land, extending over several days or weeks, and is periodically transmitting its findings to a central station for analysis and storage, the team will wish to keep its results, and the locations corresponding to these results, confidential and unavailable to anyone else who receives these transmitted messages.

One attractive method of assuring confidentiality is to encrypt the transmitted data. If a single, static code or cipher is used for such transmissions, the great amount of data transmitted by the mobile station using such a code or cipher allows an eavesdropper greater opportunity to decode or decipher the encrypted data by looking for similarities in these data and working backward to determine the cleartext or non-encrypted data.

A satellite-based or ground-based LD system can provide for transmission of messages, including but not limited to present location information, but provides no security for such messages. Security concerns are two-told here: (1) a concern that no unauthorized person obtain access to the information contained in such messages (Type 1 security) and (2) a concern that no unauthorized person obtain access to and make adulterating changes in this information before such information is received by its intended recipients (Type 2 security). Type 1 security is a concern if the information transmitted is, or will be used as a basis for preparation of, confidential or proprietary information. Type 2 security is a concern in transmission of confidential or non-confidential information, such as financial transactions information, where accuracy is of greater importance than secrecy.

Hermann, in U.S. Pat. No. 4,102,521, discloses a system for coding guidance signals that are produced at a central station and transmitted to a self-propelled vehicle, such as a missile or guidable satellite, that is to be guided or whose control surfaces are to be adjusted from time to time. The length of the coded signal is kept low, and transmission of the coded signal is immediately preceded by transmission of a noise signal with uniform power density per unit frequency interval, to frustrate attempts to jam or interfere with transmission and receipt of the coded signal. The coded signal, when received by the vehicle, is decoded and applied to guide or control the vehicle. The concern here is interference with receipt by the intended recipient (the vehicle) of the transmitted message, not receipt and comprehension of the guidance signal by some other entity. Coding and anti-interference measures, but not encryption and decryption, are employed.

Teeter et al disclose use of pseudo-noise modulations and specific address encoding to permit multiple conversations or signal transmissions between a central station and a plurality of vehicles, or between the vehicles, in U.S. Pat. No. 4,117,271. A receiver for such (broadcast) signals is provided with a filter that accepts only signals with the proper address coding and disposes of all other messages. The encoded address also identifies the source of the message. The inventors note that this technique is useful only over modest ranges and that the most suitable frequency range is tens of kilohertz up to tens of megahertz.

Encryption using destination addresses using a TDMA satellite communications system is disclosed in U.S. Pat. No. 4,418,415, issued to Fennel et al. A common encryption/deception key is held by all authorized users of a network. This key is EXclusively ORed with the specified destination address, and the output (digital) signal is passed through an encryption engine, on the satellite and at the intended ground-based receiver, using the same key or another key. The encryption engine output signal is then combined with the channel data to be transmitted in another EXclusive OR circuit and transmitted to the network users. Each of the receivers receives the message and reverses the encryption process, using its own destination address as part of the decryption key. However, only the (single) intended receiver produces a cleartext message that is comprehensible.

Hanas et al, in U.S. Pat. No. 4,709,266, disclose use of s satellite scrambling network to provide messages that are scrambled or encrypted differently for different geographical regions. This is useful for distributing scrambled video, voice and data subscriber messages. A master uplink message (ground-to-satellite) is used to control the scrambling or encryption commands that determine the scrambling applied to each geographical area and/or to groups of individual subscribers.

U.S. Pat. No. 4,739,510, issued to Jeffers et al, discloses insertion of digitized audio and control signals in the horizontal blanking intervals of a television signal. The control signals appear as frames or packets, with a header containing a group address, synchronization and program-related information. A second portion of the header, containing control information addressed only to one or more specified receiver units, allows control of certain receiver functions at the transmission end of the system. The system uses several tiers of message authorization levels and a common audio or video key that is encrypted differently for use by each receiving authorized receiver. An authorized receiver receives only the information intended for that receiver, and unauthorized receivers receive only a scrambled message.

A satellite communication system for financial institutions, with message authentication, is disclosed by Laurance et al in U.S. Pat. No. 4,860,352. Specification of the transmitter position is appended to the message transmitted. The receiver authenticates the message by first comparing this transmitted position information with the actual transmitter information stored in the receiver system. If the two sets of transmitter position information do not agree, the receiver discards the remainder of this message as originating from an invalid sender.

Horne, in U.S. Pat. No. 4,887,296, discloses a three-key cryptographic system for a direct broadcast satellite system, to be used in video broadcasting to a plurality of ground-based receivers, each having a unique address number. A signature key, which is an encryption using the address number for that receiver, is stored in the receiver at the time of manufacturing. At the transmitter, a common key is encrypted, using the unique signature key for a receiver that is targeted for a portion of the message to be transmitted. The data stream contains message portions intended