Secure voice
Encyclopedia
Secure voice is a term in cryptography
for the encryption of voice communication over a range of communication types such as radio
, telephone
or IP
.
when secure communication was paramount to the US armed forces. During that time, noise was simply added to a voice signal to prevent enemies from listening to the conversations. Noise was added by playing a record of noise in synch with the voice signal and when the voice signal reached the receiver, the noise signal was subtracted out, leaving the original voice signal. In order to subtract out the noise, the receiver need to have the exact same noise signal and the noise records were only made in pairs; one for the transmitter and one for the receiver. Having only two copies of records made it impossible for the wrong receiver to decrypt the signal. To implement the system, the army contracted Bell Laboratories and they developed a system called SIGSALY
. With SIGSALY, ten channels were used to sample the voice frequency
spectrum from 250 Hz to 3 kHz and two channels were allocated to sample voice pitch and background hiss. In the time of SIGSALY, the transistor had not been developed and the digital sampling was done by circuits using the model 2051 Thyratron
vacuum tube. Each SIGSALY terminal used 40 racks of equipment weighing 55 tons and filled a large room. This equipment included radio transmitters and receivers and large phonograph turntables. The voice was keyed to two 16-inch vinyl phonograph records that contained a Frequency Shift Keying (FSK) audio tone. The records were played on large precise turntables in synch with the voice transmission.
From the introduction of voice encryption to today, encryption techniques have evolved drastically. Digital technology has effectively replaced old analog methods of voice encryption and by using complex algorithms, voice encryption has become much more secure and efficient. One relatively modern voice encryption method is Sub-band coding
. With Sub-band Coding, the voice signal is split into multiple frequency bands, using multiple bandpass filters that cover specific frequency ranges of interest. The output signals from the bandpass filters are then lowpass translated to reduce the bandwidth, which reduces the sampling rate. The lowpass signals are then quantized and encoded using special techniques like, Pulse Code Modulation (PCM). After the encoding stage, the signals are multiplexed and sent out along the communication network. When the signal reaches the receiver, the inverse operations are applied to the signal to get it back to its original state. Motorola
developed a voice encryption system called Digital Voice Protection (DVP) as part of their first generation of voice encryption techniques. DVP uses a self-synchronizing encryption technique known as cipher feedback (CFB). The basic DVP algorithm is capable of 2.36 x 1021 different "keys" based on a key length of 32 bits." The extremely high amount of possible keys associated with the early DVP algorithm, makes the algorithm very robust and gives the user a high level of security. As with any voice encryption system, the encryption key is required to decrypt the signal with a special decryption algorithm.
analog system (originally designed for HF
but used on VHF and UHF) has proven that digital compression and encryption methods are not always required to achieve voice security. Although CODAN is by no means original or unique technology or a unique product, it has achieved recognition in the security market that exclusively digital methods aren't always needed. Voice inversion
methods were commonplace in the 20th century. Few analog voice offerings exist due to the rise of exclusively digital solutions to the voice security problem.
system to provide confidentiality. What makes ciphony difficult in practice is a need to send the encrypted signal over the same voiceband
communication circuits used to transmit unencrypted voice, e.g. analog telephone line
s or mobile radio
s.
This has led to the use of Voice Coders (vocoder
s) to achieve tight bandwidth compression of the speech signals. NSA
's STU-III
, KY-57
and SCIP are examples of systems that operate over existing voice
circuits. The STE
system, by contrast, requires wide bandwidth ISDN
lines for its normal mode of operation. For encrypting GSM and VoIP, which are digital anyway, the standard protocol ZRTP
could be used as an end-to-end encryption technology.
Secure voice's robustness greatly benefits from having the voice data compressed into very low bit-rates by special component called speech coding
, voice compression or voice coder (also known as vocoder
). The old secure voice compression standards include (CVSD, CELP, LPC-10e and MELP, where the latest standard is the state of the art MELPe algorithm.
speech coding standard used mainly in military applications and satellite communications, secure voice, and secure radio devices. Its development was led and supported by NSA
, and NATO. The US government's MELPe secure voice standard is also known as MIL-STD-3005, and the NATO's MELPe secure voice standard is also known as STANAG
-4591.
The 2400 bit/s MELP was created by Texas Instruments
, and first standardized in 1997 and was known as MIL-STD-3005. Between 1998 and 2001, a new MELP-based vocoder was created at half the rate (i.e. 1200 bit/s) and substantial enhancements were added to the MIL-STD-3005 by SignalCom (later acquired by Microsoft
) and AT&T
, which included (a) additional new vocoder at half the rate (i.e. 1200 bit/s), (b) substantially improved encoding (analysis), (c) substantially improved decoding (synthesis), (d) Noise-Preprocessing for removing background noise, (e) transcoding between the 2400 bit/s and 1200 bit/s bitstreams. This fairly significant development was aimed to create a new coder at half the rate and have it interoperable with the old MELP standard.
This enhanced-MELP (also known as MELPe) was adopted as the new MIL-STD-3005 in 2001 in form of annexes and supplements made to the original MIL-STD-3005. The significant breakthrough of the 1200 bit/s MELPe enables the same quality as the old 2400 bit/s MELP's at half the rate!
One of the greatest advantages of the new 2400 bit/s MELPe is that it shares the same bit format as MELP, and hence can interoperate with legacy MELP systems, but would deliver better quality at both ends. MELPe provides much better quality than all older military standards, especially in noisy environments such as battlefield and vehicles and aircraft.
In 2002, the US DoD MELPe was adopted also as NATO standard, known as STANAG
-4591. As part of NATO testing for new NATO standard, MELPe was tested against other candidates such as France
's HSX (Harmonic Stochastic eXcitation) and Turkey
's SB-LPC (Split-Band Linear Predictive Coding), as well as the old secure voice standards such as FS1015 LPC-10e (2.4 kbit/s), FS1016 CELP (4.8 kbit/s) and CVSD (16 kbit/s). Subsequently, the MELPe won also the NATO competition, surpassing the quality of all other candidates as well as the quality of all old secure voice standards (CVSD, CELP and LPC-10e).
The NATO competition concluded that MELPe substantially improved performance (in terms of speech quality, intelligibility, and noise immunity), while reducing throughput requirements. The NATO testing also included interoperability tests, used over 200 hours of speech data, and was conducted by 3 test laboratories world wide.
In 2005, a new 600 bit/s rate MELPe vocoder was added to the NATO standard STANAG-4591 by Thales
(France
), and there are more advanced efforts to lower the bitrates to 300 bit/s and even 150 bit/s.
Cryptography
Cryptography is the practice and study of techniques for secure communication in the presence of third parties...
for the encryption of voice communication over a range of communication types such as radio
Radio
Radio is the transmission of signals through free space by modulation of electromagnetic waves with frequencies below those of visible light. Electromagnetic radiation travels by means of oscillating electromagnetic fields that pass through the air and the vacuum of space...
, telephone
Telephone
The telephone , colloquially referred to as a phone, is a telecommunications device that transmits and receives sounds, usually the human voice. Telephones are a point-to-point communication system whose most basic function is to allow two people separated by large distances to talk to each other...
or IP
Voice over IP
Voice over Internet Protocol is a family of technologies, methodologies, communication protocols, and transmission techniques for the delivery of voice communications and multimedia sessions over Internet Protocol networks, such as the Internet...
.
History
The implementation of voice encryption dates back to World War IIWorld War II
World War II, or the Second World War , was a global conflict lasting from 1939 to 1945, involving most of the world's nations—including all of the great powers—eventually forming two opposing military alliances: the Allies and the Axis...
when secure communication was paramount to the US armed forces. During that time, noise was simply added to a voice signal to prevent enemies from listening to the conversations. Noise was added by playing a record of noise in synch with the voice signal and when the voice signal reached the receiver, the noise signal was subtracted out, leaving the original voice signal. In order to subtract out the noise, the receiver need to have the exact same noise signal and the noise records were only made in pairs; one for the transmitter and one for the receiver. Having only two copies of records made it impossible for the wrong receiver to decrypt the signal. To implement the system, the army contracted Bell Laboratories and they developed a system called SIGSALY
SIGSALY
In cryptography, SIGSALY was a secure speech system used in World War II for the highest-level Allied communications....
. With SIGSALY, ten channels were used to sample the voice frequency
Voice frequency
A voice frequency or voice band is one of the frequencies, within part of the audio range, that is used for the transmission of speech.In telephony, the usable voice frequency band ranges from approximately 300 Hz to 3400 Hz...
spectrum from 250 Hz to 3 kHz and two channels were allocated to sample voice pitch and background hiss. In the time of SIGSALY, the transistor had not been developed and the digital sampling was done by circuits using the model 2051 Thyratron
Thyratron
A thyratron is a type of gas filled tube used as a high energy electrical switch and controlled rectifier. Triode, tetrode and pentode variations of the thyratron have been manufactured in the past, though most are of the triode design...
vacuum tube. Each SIGSALY terminal used 40 racks of equipment weighing 55 tons and filled a large room. This equipment included radio transmitters and receivers and large phonograph turntables. The voice was keyed to two 16-inch vinyl phonograph records that contained a Frequency Shift Keying (FSK) audio tone. The records were played on large precise turntables in synch with the voice transmission.
From the introduction of voice encryption to today, encryption techniques have evolved drastically. Digital technology has effectively replaced old analog methods of voice encryption and by using complex algorithms, voice encryption has become much more secure and efficient. One relatively modern voice encryption method is Sub-band coding
Sub-band coding
Sub-band coding is any form of transform coding that breaks a signal into a number of different frequency bands and encodes each one independently. This decomposition is often the first step in data compression for audio and video signals....
. With Sub-band Coding, the voice signal is split into multiple frequency bands, using multiple bandpass filters that cover specific frequency ranges of interest. The output signals from the bandpass filters are then lowpass translated to reduce the bandwidth, which reduces the sampling rate. The lowpass signals are then quantized and encoded using special techniques like, Pulse Code Modulation (PCM). After the encoding stage, the signals are multiplexed and sent out along the communication network. When the signal reaches the receiver, the inverse operations are applied to the signal to get it back to its original state. Motorola
Motorola
Motorola, Inc. was an American multinational telecommunications company based in Schaumburg, Illinois, which was eventually divided into two independent public companies, Motorola Mobility and Motorola Solutions on January 4, 2011, after losing $4.3 billion from 2007 to 2009...
developed a voice encryption system called Digital Voice Protection (DVP) as part of their first generation of voice encryption techniques. DVP uses a self-synchronizing encryption technique known as cipher feedback (CFB). The basic DVP algorithm is capable of 2.36 x 1021 different "keys" based on a key length of 32 bits." The extremely high amount of possible keys associated with the early DVP algorithm, makes the algorithm very robust and gives the user a high level of security. As with any voice encryption system, the encryption key is required to decrypt the signal with a special decryption algorithm.
Analog Secure Voice technologies
One does not necessarily need digital secure voice to achieve security, as the Australian CODANCodan
Codan Limited is a manufacturer and supplier of communications, metal detection, and electronic equipment, headquartered in Adelaide, South Australia with revenue of A$189.3 million ....
analog system (originally designed for HF
High frequency
High frequency radio frequencies are between 3 and 30 MHz. Also known as the decameter band or decameter wave as the wavelengths range from one to ten decameters . Frequencies immediately below HF are denoted Medium-frequency , and the next higher frequencies are known as Very high frequency...
but used on VHF and UHF) has proven that digital compression and encryption methods are not always required to achieve voice security. Although CODAN is by no means original or unique technology or a unique product, it has achieved recognition in the security market that exclusively digital methods aren't always needed. Voice inversion
Voice inversion
Voice Inversion scrambling is an analog method of obscuring the content of a transmission. It sometimes used in public service radio, automobile racing, cordless telephones and the Family Radio Service. Without a descrambler, the transmission makes the speaker sound like "Donald Duck"...
methods were commonplace in the 20th century. Few analog voice offerings exist due to the rise of exclusively digital solutions to the voice security problem.
Digital
A digital secure voice usually includes two components, a digitizer to convert between speech and digital signals and an encryptionEncryption
In cryptography, encryption is the process of transforming information using an algorithm to make it unreadable to anyone except those possessing special knowledge, usually referred to as a key. The result of the process is encrypted information...
system to provide confidentiality. What makes ciphony difficult in practice is a need to send the encrypted signal over the same voiceband
Voiceband
In electronics, voiceband means the typical human hearing frequency range that is from 20 Hz to 20 kHz. In telephony, it means the frequency range normally transmitted by a telephone line, generally about 200–3600 Hz. Frequency-division multiplexing in telephony normally uses...
communication circuits used to transmit unencrypted voice, e.g. analog telephone line
Telephone line
A telephone line or telephone circuit is a single-user circuit on a telephone communication system...
s or mobile radio
Mobile Radio
This article is about professional equipment. For mobile radios used in amateur radio, see amateur radio mobile operation. Mobile radio or mobiles refer to wireless communications systems and devices which are based on radio frequencies, and where the path of communications is movable on either...
s.
This has led to the use of Voice Coders (vocoder
Vocoder
A vocoder is an analysis/synthesis system, mostly used for speech. In the encoder, the input is passed through a multiband filter, each band is passed through an envelope follower, and the control signals from the envelope followers are communicated to the decoder...
s) to achieve tight bandwidth compression of the speech signals. NSA
National Security Agency
The National Security Agency/Central Security Service is a cryptologic intelligence agency of the United States Department of Defense responsible for the collection and analysis of foreign communications and foreign signals intelligence, as well as protecting U.S...
's STU-III
STU-III
STU-III is a family of secure telephones introduced in 1987 by the NSA for use by the United States government, its contractors, and its allies. STU-III desk units look much like typical office telephones, plug into a standard telephone wall jack and can make calls to any ordinary phone user...
, KY-57
KY-57
The Speech Security Equipment , TSEC/KY-57, is a portable, tactical cryptographic device in the VINSON family, designed to provide voice encryption for a range of military communication devices such as radio or telephone....
and SCIP are examples of systems that operate over existing voice
Plain old telephone service
Plain old telephone service is the voice-grade telephone service that remains the basic form of residential and small business service connection to the telephone network in many parts of the world....
circuits. The STE
Secure Terminal Equipment
Secure Terminal Equipment is the U.S. Government's current , encrypted telephone communications system for wired or "landline" communications. STE is designed to use ISDN telephone lines which offer higher speeds of up to 128k bits per second and are all digital...
system, by contrast, requires wide bandwidth ISDN
Integrated Services Digital Network
Integrated Services Digital Network is a set of communications standards for simultaneous digital transmission of voice, video, data, and other network services over the traditional circuits of the public switched telephone network...
lines for its normal mode of operation. For encrypting GSM and VoIP, which are digital anyway, the standard protocol ZRTP
ZRTP
ZRTP is a cryptographic key-agreement protocol to negotiate the keys for encryption between two end points in a Voice over Internet Protocol phone telephony call based on the Real-time Transport Protocol. It uses Diffie-Hellman key exchange and the Secure Real-time Transport Protocol for...
could be used as an end-to-end encryption technology.
Secure voice's robustness greatly benefits from having the voice data compressed into very low bit-rates by special component called speech coding
Speech coding
Speech coding is the application of data compression of digital audio signals containing speech. Speech coding uses speech-specific parameter estimation using audio signal processing techniques to model the speech signal, combined with generic data compression algorithms to represent the resulting...
, voice compression or voice coder (also known as vocoder
Vocoder
A vocoder is an analysis/synthesis system, mostly used for speech. In the encoder, the input is passed through a multiband filter, each band is passed through an envelope follower, and the control signals from the envelope followers are communicated to the decoder...
). The old secure voice compression standards include (CVSD, CELP, LPC-10e and MELP, where the latest standard is the state of the art MELPe algorithm.
Digital Methods using Voice Compression: MELP or MELPe
The MELPe or enhanced-MELP (Mixed Excitation Linear Prediction) is a United States Department of DefenseUnited States Department of Defense
The United States Department of Defense is the U.S...
speech coding standard used mainly in military applications and satellite communications, secure voice, and secure radio devices. Its development was led and supported by NSA
National Security Agency
The National Security Agency/Central Security Service is a cryptologic intelligence agency of the United States Department of Defense responsible for the collection and analysis of foreign communications and foreign signals intelligence, as well as protecting U.S...
, and NATO. The US government's MELPe secure voice standard is also known as MIL-STD-3005, and the NATO's MELPe secure voice standard is also known as STANAG
STANAG
STANAG is the NATO abbreviation for Standardization Agreement, which sets up processes, procedures, terms, and conditions for common military or technical procedures or equipment between the member countries of the alliance. Each NATO state ratifies a STANAG and implements it within their own...
-4591.
The 2400 bit/s MELP was created by Texas Instruments
Texas Instruments
Texas Instruments Inc. , widely known as TI, is an American company based in Dallas, Texas, United States, which develops and commercializes semiconductor and computer technology...
, and first standardized in 1997 and was known as MIL-STD-3005. Between 1998 and 2001, a new MELP-based vocoder was created at half the rate (i.e. 1200 bit/s) and substantial enhancements were added to the MIL-STD-3005 by SignalCom (later acquired by Microsoft
Microsoft
Microsoft Corporation is an American public multinational corporation headquartered in Redmond, Washington, USA that develops, manufactures, licenses, and supports a wide range of products and services predominantly related to computing through its various product divisions...
) and AT&T
AT&T
AT&T Inc. is an American multinational telecommunications corporation headquartered in Whitacre Tower, Dallas, Texas, United States. It is the largest provider of mobile telephony and fixed telephony in the United States, and is also a provider of broadband and subscription television services...
, which included (a) additional new vocoder at half the rate (i.e. 1200 bit/s), (b) substantially improved encoding (analysis), (c) substantially improved decoding (synthesis), (d) Noise-Preprocessing for removing background noise, (e) transcoding between the 2400 bit/s and 1200 bit/s bitstreams. This fairly significant development was aimed to create a new coder at half the rate and have it interoperable with the old MELP standard.
This enhanced-MELP (also known as MELPe) was adopted as the new MIL-STD-3005 in 2001 in form of annexes and supplements made to the original MIL-STD-3005. The significant breakthrough of the 1200 bit/s MELPe enables the same quality as the old 2400 bit/s MELP's at half the rate!
One of the greatest advantages of the new 2400 bit/s MELPe is that it shares the same bit format as MELP, and hence can interoperate with legacy MELP systems, but would deliver better quality at both ends. MELPe provides much better quality than all older military standards, especially in noisy environments such as battlefield and vehicles and aircraft.
In 2002, the US DoD MELPe was adopted also as NATO standard, known as STANAG
STANAG
STANAG is the NATO abbreviation for Standardization Agreement, which sets up processes, procedures, terms, and conditions for common military or technical procedures or equipment between the member countries of the alliance. Each NATO state ratifies a STANAG and implements it within their own...
-4591. As part of NATO testing for new NATO standard, MELPe was tested against other candidates such as France
France
The French Republic , The French Republic , The French Republic , (commonly known as France , is a unitary semi-presidential republic in Western Europe with several overseas territories and islands located on other continents and in the Indian, Pacific, and Atlantic oceans. Metropolitan France...
's HSX (Harmonic Stochastic eXcitation) and Turkey
Turkey
Turkey , known officially as the Republic of Turkey , is a Eurasian country located in Western Asia and in East Thrace in Southeastern Europe...
's SB-LPC (Split-Band Linear Predictive Coding), as well as the old secure voice standards such as FS1015 LPC-10e (2.4 kbit/s), FS1016 CELP (4.8 kbit/s) and CVSD (16 kbit/s). Subsequently, the MELPe won also the NATO competition, surpassing the quality of all other candidates as well as the quality of all old secure voice standards (CVSD, CELP and LPC-10e).
The NATO competition concluded that MELPe substantially improved performance (in terms of speech quality, intelligibility, and noise immunity), while reducing throughput requirements. The NATO testing also included interoperability tests, used over 200 hours of speech data, and was conducted by 3 test laboratories world wide.
In 2005, a new 600 bit/s rate MELPe vocoder was added to the NATO standard STANAG-4591 by Thales
Thales
Thales of Miletus was a pre-Socratic Greek philosopher from Miletus in Asia Minor, and one of the Seven Sages of Greece. Many, most notably Aristotle, regard him as the first philosopher in the Greek tradition...
(France
France
The French Republic , The French Republic , The French Republic , (commonly known as France , is a unitary semi-presidential republic in Western Europe with several overseas territories and islands located on other continents and in the Indian, Pacific, and Atlantic oceans. Metropolitan France...
), and there are more advanced efforts to lower the bitrates to 300 bit/s and even 150 bit/s.
See also
- ScramblerScramblerIn telecommunications, a scrambler is a device that transposes or inverts signals or otherwise encodes a message at the transmitter to make the message unintelligible at a receiver not equipped with an appropriately set descrambling device...
- MELPe
- MELP
- CryptographyCryptographyCryptography is the practice and study of techniques for secure communication in the presence of third parties...
- SIGSALYSIGSALYIn cryptography, SIGSALY was a secure speech system used in World War II for the highest-level Allied communications....
- SCIP
- Secure telephoneSecure telephoneA secure telephone is a telephone that provides voice security in the form of end-to-end encryption for the telephone call, and in some cases also the mutual authentication of the call parties, protecting them against a man-in-the-middle attack...
- Secure Terminal EquipmentSecure Terminal EquipmentSecure Terminal Equipment is the U.S. Government's current , encrypted telephone communications system for wired or "landline" communications. STE is designed to use ISDN telephone lines which offer higher speeds of up to 128k bits per second and are all digital...
- VINSONVINSONVINSON is a family of voice encryption devices used by U.S. and allied military and law enforcement, based on the SAVILLE encryption algorithm and 16 kbit/s CVSD audio compression. It replaces the Vietnam War-era NESTOR family....
- VoIP VPNVoIP VPNA VoIP VPN combines voice over IP and virtual private network technologies to offer a method for delivering secure voice. Because VoIP transmits digitized voice as a stream of data, the VoIP VPN solution accomplishes voice encryption quite simply, applying standard data-encryption mechanisms...
- NSA encryption systemsNSA encryption systemsThe National Security Agency took over responsibility for all U.S. Government encryption systems when it was formed in 1952. The technical details of most NSA-approved systems are still classified, but much more about its early systems has become known and its most modern systems share at least...
- ZRTPZRTPZRTP is a cryptographic key-agreement protocol to negotiate the keys for encryption between two end points in a Voice over Internet Protocol phone telephony call based on the Real-time Transport Protocol. It uses Diffie-Hellman key exchange and the Secure Real-time Transport Protocol for...