`
`4,182,933
`11]
`119)
`United States Patent
`
`
`[45] Rosenblum Jan. 8, 1980eaaeceire
`[54] SECURE COMMUNICATION SYSTEM WITH
`[57]
`ABSTRACT
`REMOTE KEY SETTING
`An apparatus for maintaining secure communication
`Inventor: Howard E. Rosenblum,Silver Spring,
`between subscribers. A centrally located key distribu-
`Md.
`tion center, which includes a data processor,is utilized
`:
`.
`;
`°
`as a source of remotely selected working variables
`‘The United States of America ss
`which are utilized to enable secure communication
`[73] Assignee:
`eeeienDe. of the betweenaplurality of selected subscribers. Each sub-
`
`:
`,
`scriberin the system has a unique variable whichidenti-
`[21] Appl. No.: 800,371
`fies him to the data processor, and enables a secure
`communication with the data processor, which will
`[22] Filed:
`Feb, 14, 1969
`pation
`witl
`I
`then provide him with the working variable of the sub-
`Tints C1? nnseseesnesesennnenees H04K 1/00; HO4L 9/00
`[ST]
`scriber that he wishesto call. The key distribution cen-
`
`[52] U.S.CD nseeersreesersnseessernnnernenns 179/1.5 R; 178/,= ter also reiteratively replaces the working variable of
`[58] Field of Search .............seeneeaeanenes 179/1.5; hs the caller, and the called subscriber ifdesired, each time
`/32
`contact is made with the key distribution center.
`Primary Examiner—Howard A.Birmiel
`Attorney, Agent, or Firm—John R. Utermohle
`
`10 Claims, 2 Drawing Figures
`
`20
`yi?
`ee wo
`oo
`STANDARD 1
`r
`
`nan
`5
`TELEPHONE
`
`
`
`
`
`GENERAL
`!
`
`
`TELEPHONE!|
`
`
`
`SYSTEM
`SWITCHING|
`CONTROL
`
`
`
`NETWORK |)
`SWITCHING
`
`
`
`£;
`
`I |
`
`
`
`
`fy
`RANDOM
`ry
`SS ;
`9
`|_| STATE
`i
`SVSTEM
`GENERATOR
`
`
`CONTROL
`|
`
`SWITCHING
`| L----Gppate 4!
`
`
`L-~---|GENERATOR}
`NETWORK
`
`KEY
`GENERATOR
`SeeSe J
`KEY DISTRIBUTION CENTER
`
`PS
`!
`
`SUBSCRIBER 2
`
`PMC Exhibit 2097
`Apple v. PMC
`
`Page 1
`
`
`
`PMC Exhibit 2097
`Apple v. PMC
`IPR2016-00753
`Page 1
`
`
`
`U.S. Patent
`
`Jan. 8, 1980
`
`Sheet 1 of 2
`
`4,182,933
`
`eeea
`
`JOVYOLS|
`SS
`
`Tt
`
`ONIHOLIMS
`
`L---—|aaoTJ0yLNo2|||3WALSAS|||| Y¥aLNdWOd
`
` ||||CTT_||YOLVYANSO||___82__2%Aa||HOLveaNaet-—-—->MDMISR
`ASM9¢ Y3LN3ONOILNGINLSIG
`
`
` YOLVYSN39
`BLivis||WOGNVY
`
`jy,WHOMLSN|JOYLNOD1ONIHOLIMS||WALSAS
`
`||BNOHAT1a.|)Iqwaango!!
`
`13ivadn
`
`PMC Exhibit 2097
`Apple v. PMC
`IPR2016-00753
`Page 2
`
`PMC Exhibit 2097
`Apple v. PMC
`IPR2016-00753
`Page 2
`
`
`
`
`
`
`
`U.S. Patent
`
`Jan. 8, 1980
`
`Sheet 2 of 2
`
`4,182,933
`
`Ze
`
` eo=U!.waaon|!zeJ)|git—=ol-DalguanaatYOLVYAN39
`ska—2-
`
`
`c-----
`
`NSPS|L__GuvaNwis|
`TeSaASOSNVET
`
`CoSe7|YaGOOOA!Le=r—--——
`
`|||||||||||||||||
`
`L
`
`|MOLVYSNZO|—|\LeeTy,
`zg7%
`
`N\
`
`GpNON
`
`Iv
`
`AOIAaG\&YOLINOWovo¢
`
`ONIONANODSAS
`
`MOSHDALIYVd
`
`HOLIMS
`
`SdIASG
`
`AYVYOdWAL
`
`S9VyOLS
`
`Po
`
`eeeeoa
`
`PMC Exhibit 2097
`Apple v. PMC
`IPR2016-00753
`Page 3
`
`PMC Exhibit 2097
`Apple v. PMC
`IPR2016-00753
`Page 3
`
`
`
`
`
`
`1
`
`4,182,933
`
`SECURE
`
`COMMUNICATION SYSTEM WITH
`REMOTE KEY SETTING
`
`5
`
`2
`tion of a working variable in the sense that the’switch
`setting information receivedis notutilized to transmit a
`secure message between the subscriber and another
`subscriber, but rather merely to receive information
`already existent.
`SUMMARYOF THE INVENTION
`Anobject of this invention is to provide a new and
`improved secure communication system which over-
`comes the disadvantagesofthe priorart.
`Anotherobject of the present invention is to provide
`a new and improved secure communication system
`wherein the information necessary to enable secure
`communication is remotely selected.
`Another object of the present invention is to provide
`a new and improved secure communication system
`wherein the information necessary to enable secure
`communicationis reiteratively varied.
`SUMMARY
`
`BACKGROUND OF THE INVENTION
`1. Field of the Invention
`The present invention is a communication system,
`moreparticularly it is a secure communications system
`for maintaining secure communication between sub-
`scribers:
`2. Prior Art
`Prior art secure communication systems which utilize
`at least one working variable for enciphering and deci-
`phering secure messages transmitted therein, do not
`remotely select these working variables for purposes of
`retransmission of a secure message between subscribers
`in the system. These prior art systems utilize a working
`variable which must be known toall subscribers receiv-
`ing the secure message. This working variable, known
`by the subscribers, must be inserted into their enci-
`phering/deciphering means in order to maintain secure
`With these objects in view a secure communication
`communication. If\each subscriber to the system has a
`system may include a remotely selectable means for
`different working variable, the one initiating the mes-
`selecting a key-setting variable and a unique variable
`sage in such a system must have at his disposal the
`and transmitting the remotely selected key-setting vari-
`working variable of the subscriber he wishes to call so
`able, the remotely selectable means including a means
`that he may insert it in his enciphering/deciphering
`for reiteratively replacing the key-setting variable when
`means in order to maintain a secure message between
`the key-setting variable is remotely selected, the reitera-
`subscribers. This requires a substantial
`inventory of
`tive key-setting variable replacement replacing the key-
`working variables at the place of messageinitiation, and
`setting variable necessary to maintain secure communi-
`reception, thus minimizing the security of the system.
`cation the next successive time remote selection occurs;
`Another feature of prior art secure communication
`a first meansforinitiating remote selection, for receiv-
`systems, which has limited desirability from a security
`ing the transmitted remotely selected key-setting vari-
`viewpoint, is the requirement that in order to change
`able, and for transmitting a secure communication enci-
`the working variables utilized in these systems these
`phered in accordance with key-setting variable,thefirst
`variables must be changed in accordance with a prede-
`receiving means being unique to the unique variable;
`termined schedule, known to all subscribers in the sys-
`and a second means for receiving communications from
`tem; thus, thereisonce again a minimization ofsecurity.
`the first receiving means using the most recently ob-
`In the. secure communication system of the present
`tained key-setting variable to enable secure communica-
`invention, the security liabilities of prior art systems are
`overcome by providing for an automatic reiterative
`tion betweenthe first and second receiving means.
`replacement for the working variables of the system
`Other objects and many of the intended advantages
`subscribers, and by providing a means by which the
`of this invention will be readily appreciated as the in-
`working variable of the subscriber which is called is
`vention becomes better understood by reference to the
`remotely selected for purposes of retransmission by the
`following description when taken in conjunction with
`subscriberinitiating the call. By reiteratively replacing
`the following drawings wherein:
`the working variables automatically, there is no need
`FIG.1 is a functional diagram of a system whichis a
`for conforming to a rigid schedule known toall parties.
`preferred embodimentof the present invention, and
`By accomplishing remote selection and reiterative re-
`FIG. 2 is a functional diagram of a portion of the
`placement by some meansexternal to the subscribers to
`system shownin FIG.1.
`the system, at some central location, an absolute maxi-
`Referring now to FIG. 1, whichis a functional dia-
`mization of system security is provided. This is due to
`gram of the entire system of the present invention, a
`the singular remote location of the necessary informa-
`general
`telephone switching network is shown, al-
`tion, as opposed to the multiplicity of locations, one at
`though the basic theory underlining the system is func-
`each subscriber, necessary in prior art systems, as well
`tional with any type of communication media. A sub-
`as the fact that the actual working variable which is
`scriber has a secure module 10 comprising a standard
`utilized, at any given time, is unknowntoall subscribers
`telephone transceiver 11; a standard vocoder 12, or
`in ‘the system, the setting of the enciphering/decipher-
`other speech-to-digit converter means such as a delta-
`ing means of the subscribers being accomplished auto-
`modulation coder, or other digital communication de-
`matically with information received from a remote
`vice, such as a teletypewriter; a key generator 15; a
`selection means. Furthermore, the security of the sys-
`modem 16, whichis a standard modulator-demodulator
`tem of the present invention is enhanced dueto the ease
`communication device for accomplishing conversion of
`of reiterative replacement, which may occuras often as
`a digital signal to an analog type signal, and vice versa,
`once per message instead of once per day, or once per
`for direct delivery to and from a telephone network;
`plurality of messages, as in prior art systems.
`and a system control switching network 17, shown in
`Prior art subscription television systems employing
`more detail in FIG. 2, which supervises the overall
`remote selection of switch setting information in order
`operation of the subscriber module 10. Each subscriber
`to allow the subscriber to receive a scrambled subscrip-
`to the system has an identical secure module with re-
`tion television picture cannot provide for remote selec-
`
`40
`
`45
`
`50
`
`60
`
`65
`
`PMC Exhibit 2097
`Apple v. PMC
`IPR2016-00753
`Page 4
`
`PMC Exhibit 2097
`Apple v. PMC
`IPR2016-00753
`Page 4
`
`
`
`4,182,933
`
`10
`
`40
`
`3
`4
`spect to structure, differing only in its associated secu-
`The_key-distribution-center-computer-associated-
`rity parameters, as will be explained herein below.
`storage device 22, which maybe a drum storage, a tape
`The key distribution center 20 is the heart of the
`storage,a disc storage, or any other acceptable comput-
`system in that it provides the remote selection capabil-
`er-associated-storage means, would contain the unique
`ity, as well as the reiterative replacement capability, of
`variables and key-setting variables, associated with the
`the present invention. The key distribution center 20,
`telephone identification numbers of the subscribers, T;,
`whichis centrally located with respect to the subscrib-
`Tx, for all the subscribers in the secure communication
`system.
`ers to the system, comprises a standard computer 21,
`which has an associated storage means 22; a random
`The function of the various key-setting variables in
`state generator 24, for generating random variables to
`this system is to determine the key that is produced by
`enable reiterative replacement, to be described later; a
`the associated key generators, the key that is generated
`key generator 25; a modem 26; and a standard commu-
`being generated from the key-setting variable, whether
`nication line-finder device 27, which acts as a concen-
`directly or indirectly, the generated key being utilized
`trator and selects the open terminal pair of the modem
`to encipher the communication in order to enable a
`26 when contacted by a subscriber,
`the modem 26
`secure messageto be transmitted, and/or received. The
`shown as a singular modem having a plurality of termi-
`key-setting variables associated with the key generators
`nal pairs, rather than a plurality of modems, forillustra-
`can be electrically changed so as'to alter the key which
`tive purposes. The key distribution center 20 may also
`is produced by the associated key generator, and thus
`contain an update generator 28, shown by hidden lines,
`vary the enciphering/deciphering of the message, en-
`when an alternate embodimentofthe general system is
`abling a more secure system than possible in prior art
`utilized, to be explained later.
`devices. In one embodiment of the general system, the
`Just as the key distribution center 20 is the heart of
`key-setting variable of the called subscriber is directly
`the entire system, the system control switching network
`utilized as the dynamic working variable, which is the
`17, shown in more detail in FIG. 2, is the heart of the
`variable which is ultimately utilized by the associated
`subscriber module 10, as it controls the sequence of
`subscriber key generators to enable secure communica-
`operations occurring in the subscriber module 10, from
`tion between associated subscribers whose key genera-
`the initiation of a call to another subscriber in the sys-
`tors are set in accordance with the dynamic working
`tem, until the cessation of contact with the called sub-
`variable.
`In an alternate embodiment of the general
`scriber, and the going off line. The system control
`system, the key-setting variable of the called subscriber
`switching network 17 contains a storage device 29,
`is not directly utilized as the dynamic working variable,
`but
`instead is combined with an indicator variable,
`which maybe any type of standard storage device com-
`prising either a permanentstorage (read only) and tem-
`which is a variable which denotes the function to be
`porary storage (read-write) portion, or be completely of
`performed on the key-setting variable to updateit, to
`the read-write variety. The selection of storage device
`obtain the dynamic working variable whichis utilized
`to set the associated subscriber key generators.
`29 is merely a matter of choice, the system functioning
`equally well with other types of storage. For purposes
`The normal operating condition ofall the subscriber
`of explanation, we will assume that a permanentstor-
`modules 10 in the secure communication system of the
`age-temporary storage type of storage device 29is uti-
`present invention, when the telephonetransceiver 11 is
`lized.
`on-hook, in the particular embodiment where the key-
`setting variable is directly utilized as the dynamic work-
`A subscriber module storage device 29 would havein
`its permanent storage a unique key-setting variable,
`ing variable, is to have the associated working key-set-
`designated U,this unique key-setting variable being of a
`ting variable, V,filled into its associated key generator
`predetermined bit length, and being used for purposes
`15 while the subscriber is on-hook, so that he may re-
`of secure communication with the key distribution cen-
`ceive a
`secure communication immediately after
`ter computer 21,
`to be explained subsequently;
`the
`contact is established without any further operation
`unique telephone numberofthe subscriber, designated
`being necessary in order to place him in the secure
`mode, unless it is desired to override this automatic
`T;, consisting of the predetermined numberof digits
`which are necessary to uniquely identify the subscriber
`operation with a manual switch means, to be explained
`in the system, the numberofdigits being dependent on
`later. The normal operating condition ofall the sub-
`the numberof subscribers in the system; and the number
`scriber modules 10 in the secure communication system
`of digits necessary to contact any subscriber in a world-
`of the present invention, when the telephone trans-
`ceiver 11 is on-hook,in the alternate embodiment where
`wide system, for example 12 digits; and the uniquetele-
`phone number ofthe key distribution center 20, desig-
`the key-setting variable of the called subscriber is com-
`nated Txpc, consisting of the predetermined number of
`bined with an indicator variable to obtain the dynamic
`working variable, is to have the associated key genera-
`digits necessary to contact the key distribution center 20
`tor 15 blank while the subscriber is on-hook.
`from any point in a world-wide system, for example 12
`digits. The temporary storage portion of the subscriber
`module storage device 29 would contain a key-setting
`variable, designated V, this key-setting variable being
`utilized to maintain a secure communication between
`any subscribers in the system having this key-setting
`variable; and, after a call has been initiated to another
`subscriber in the system,
`this operation to be subse-
`quently explained, the telephone number of the sub-
`scriber being called, designated Tx, consisting of the
`predetermined numberofdigits necessary for contact-
`ing the called subscriber anywhere in the secure com-
`munication network, for example, 12 digits.
`
`Theoperation of the secure communication system of
`the present invention, in order to enable a secure com-
`munication between subscribers for the system, differs
`slightly for each embodiment,
`the differences to be
`subsequently explained,
`the choice of embodiment
`being dependent on the degree of security desired.
`PREFERRED EMBODIMENT
`
`OPERATION
`
`60
`
`65
`
`The operation of the system when the particular
`embodiment, wherein the key-setting variable is di-
`
`PMC Exhibit 2097
`Apple v. PMC
`IPR2016-00753
`Page 5
`
`PMC Exhibit 2097
`Apple v. PMC
`IPR2016-00753
`Page 5
`
`
`
`4,182,933
`
`5
`rectly utilized as the dynamic working variable, willbe
`described first. In this embodiment, the subscriber ‘initi-
`ating the call, for the purposes ofillustration to be
`knownas subscriber 1, dials the telephone number of
`the subscriber he wishes to call, for purposesof illustra-
`tion to be known as subscriber 2, in any known manner.
`This operation inputs the called subscriber’s telephone
`number,letting this number be represented by T,, into
`the temporary storage portion ofthe calling subscriber
`module storage device 29,
`through the programmed
`sequencing switch 30, the sequencing switch 30 control-
`ling the sequence of operations performed at the sub-
`scriber module 10 and being a standard sequencing
`means such as series of cyclical counters, the input to
`the switch being via a terminal pair 31—31 to the stor-
`age device 29 via another terminal pair 32—32. Simulta-
`neously with the insertion of the called subscribertele-
`phone number, T;, into the storage device 29, the pro-
`grammed sequencing switch 30 selects the unique vari-
`able, Uj, of its associated subscriber, which is initiating
`the call, and routes it to its associated key generator 15,
`via another terminal pair 35—35 where it replaces the
`working key-setting variable, V, of the caller by reset-
`ting the key generator 15 using the unique variable, U},
`which is a key-setting variable.
`the pro-
`After this operation has been performed,
`grammed sequencing switch 30 selects the telephone
`number of the key distribution center, Txpc, from the
`permanent storage portion of the storage device 29, and
`routes it to the line 37—37 via a variable rate clock 40,
`which determines the proper readout rate, along the
`associated terminal pair 41—41 at the proper network
`rate determined by the clock 40, which for the Bell
`Telephone System would be 16 pulses per second, to
`the modem 16, where it is output over the telephone line
`37—37 to connect the subscriber to the key distribution
`center 20 through the general telephone switching net-
`work42 via the path shown,for purposes ofillustration,
`by hidden lines 43—43. There is a monitor device 45
`associated with the subscriber modem 16 which senses
`when the key distribution center 20 is on-line, due to a
`supervisory signal being received from the key distribu-
`tion center 20, such as a sudden cessation of the com-
`pleted ringing circuit.
`When the key distribution center 20is called, the line
`finder 27 locates an open terminal pair to its associated
`modem 26, and a supervisory signal, as was just previ-
`ously described,is sent to the subscriber who has trans-
`mitted the telephone number of the key distribution
`center, Txpc, enabling contact to be established.
`When the subscriber receives the supervisory signal,
`from the key distribution center 20, the programmed
`sequencing switch 30 selects the predetermined number
`of digits necessary to uniquely identify the caller, Tj,
`for purposes ofillustration we will assumefive digits,
`from the permanent storage portion of the storage de-
`vice 29, and the same predetermined numberof unique
`identifying digits from the telephone number of the
`called subscriber, T,, in the example being given five
`digits are selected, and routes these to the phoneline
`37—37 via the clock 40, and through the modem 16 at
`a rate higher than the telephone switching network rate,
`this rate once again determined by the clock 40,via the
`established path 43—43 to the keydistribution center 20
`whereit is routed to the computer 21. A higherinfor-
`mation transfer rate is utilized due to the fact that the
`computer 21 information acceptance rate is faster than
`that of the telephone switching network 42, and this
`
`_ 5
`
`25
`
`40
`
`45
`
`50
`
`60
`
`65
`
`6
`will minimize the time necessary to obtain the security
`parameters, which are the key-setting variables.
`The computer21 looksup in its associated storage 22
`the unique key-setting variable ofthe caller, U;, and the
`working key-setting variable, of the party being called,
`for purposes of illustration designated Vx, from the
`identification contact variables it has received, Tj), and
`Tx. The computer 21 then feeds the caller’s unique
`key-setting variable, Uj,
`into a high speed dynamic
`logic key generator 25, as the enciphering variable
`which will determine the key generated by the key
`generator 25. The computer 21 then draws a new work-
`ing key-setting variable for the caller, Via, from the
`random state generator 24, which may be any random
`source, and puts this quantity in its temporary storage
`47.
`Atthis point, the computer 21 will generate a parity
`word so that error correction, or parity checking, may
`be accomplished in order to maintain the integrity of the
`transmission. If there is sufficient faith in the integrity of
`the transmission with the equipmentthatis utilized, the
`error correction procedure may be eliminated.
`Several schemes may beutilized in order to accom-
`plish parity checking. In one such scheme the computer
`21 generates a parity word from the bit stream com-
`posed of the working key-setting variables of the called
`subscriber, V,, and the reiteratively-replaced, working-
`key-setting variable, Via, of the caller, in order to pro-
`vide a subscriber check of the accuracy of the transmis-
`sion. This parity word is transmitted along with the
`information.
`The computer21 then inserts the working key-setting
`variable of the called subscriber, Vx, the reiteratively-
`replaced, working-key-setting variable of the caller,
`Vie, and the parity wordinto its associated key genera-
`tor 25 where it is enciphered in accordance with the
`unique key-setting variable of the caller subscriber, U1.
`The computer 21 then transmits this information from
`the key generator 25 at the high computer 21 informa-
`tion rate to the caller subscriber via the established path
`Ba.
`After this information is sent from the computer 21,
`the enciphered stream is received by the caller sub-
`scriber through its modem 16, where this enciphered
`stream is immediately routed to the key generator 15
`and deciphered. In this instance, it is not necessary to
`first go through the programmed sequencing switch 30,
`this being the only such instance in which programmed
`sequencing switch 30 is bypassed. After this information
`is deciphered, the key generator 15 sends this informa-
`tion to the programmed sequencing switch 30, which
`then commences parity checking by routing the infor-
`mation to the parity check device 48, which could be
`any standard parity checking device.
`If the parity check results in a lack of parity condi-
`tion, then a signal is sent to the caller, indicating parity
`does not exist and he mustinitiate the call again; a signal
`is also sent to the key distribution center 20. Upon re-
`ceipt of the lack-of-parity signal by the key distribution
`center 20, the computer 21 clears the reiterative-work-
`ing-key-setting-variable replacement of the caller, Via,
`from its temporary storage 47 location and goes off-line.
`The caller must then reinitiate the operationif hestill
`desires to contact the called subscriber. Since parity did
`not exist, the working key-setting variable of the caller
`was notreiteratively replaced,as it was notinserted into
`the computer associated storage device 22.
`
`PMC Exhibit 2097
`Apple v. PMC
`IPR2016-00753
`Page 6
`
`PMC Exhibit 2097
`Apple v. PMC
`IPR2016-00753
`Page 6
`
`
`
`4,182,933
`
`7
`If the parity check results in an existence of parity
`condition, then a parity check signal indicating this is
`sent to the key distribution center 20, and the reitera-
`tively-replaced, working-key-setting variable of the
`caller, Via, is entered in the subscriber’s storage device
`29 in place of the previous subscriber working key-set-
`ting variable V1; and the working key-setting variable
`of the called subscriber, Vx, is routed to the key genera-
`tor 15 in order to reset the key generator 15 to a new
`key in accordance with the working key-setting vari-
`able of the called subscriber, Vx, in place of the unique
`key-setting variable of the caller subscriber, U}.
`The parity check signal indicating an existence of
`parity condition that is transmitted to the key distribu-
`tion center 20, is routed to the computer 21, the com-
`puter 21 then entering the caller subscriber reiterative-
`working-key-setting-variable-replacement, Vig,
`in its
`associated storage device 22 in place of the previous
`working key-setting variable of the caller subscriber,
`V}, clears its temporary storage 47, and causes the key
`distribution center 20 to go off-line.
`After the caller subscriber enters the working key-
`setting variable of the called subscriber, Vx, in its key
`generator 15, the programmed sequencing switch 30
`removes the telephone numberof the called subscriber,
`Tx, from the temporary storage portion ofits storage
`device 29, and routes this phone number, T,, to the
`phoneline 37—37, via the clock 40, at the propertele-
`phone switching network rate through its modem 16.
`If the called subscriber telephoneis off-hook and a
`busy signal is received, or if no answer is received, or at
`any time whenthe caller subscriber hangs up byplacing
`his telephone 11 on-hook, the working key-setting vari-
`able ofthe called subscriber, Vx, is cleared from the key
`generator 15; the called subscriber’s telephone number,
`Tx, is cleared from the storage device 29; and the sub-
`scriber module 10 reverts to the normal condition, in
`this case resetting the key generator 15 in accordance
`with the most recently obtained working key-setting
`variable associated with it, Vj.
`If the called subscriber answers, then a connectionis
`established via a path 51—51, shown forillustrative
`purposes in FIG. 1 by hiddenlines, and the secure com-
`munication enciphered by the key, generated in accor-
`dance with the called subscriber key-setting working
`variable, Vx, is received through the called subscriber’s
`modem 53, which is identical with the caller subscrib-
`er’s modem 16, and routed to a digital-signal-rate detec-
`tor 54, which is a device which merely recognizes the
`transmission of a digital signal as opposed to an audio
`signal indicating the presence of cipher, the digital rate
`detector 54 being any standardbit rate detection means,
`such as a narrowfilter at the frequencyofthe desired bit
`rate. The caller subscriber also transmits a cipher syn-
`chronizing stream in order to synchronize the key gen-
`erators 15, 55, which areidentical structurally, although
`this structural identity is not necessary for the operation
`of this system.
`Whenthedigital-signal-rate detector 54 of the called
`subscriber recognizes that it is cipher which is being
`transmitted, it passes this signal and routesit to the key
`generator 55 where it is deciphered and then, in turn,
`routed to the vocoder 56, and then to the associated
`telephone transceiver 57, whereby a secure communica-
`tion is received.
`A secure conversation may then be carried on be-
`tween the subscribers, enciphered by the key derived in
`accordance with the working key-setting variable of the
`
`_0
`
`20
`
`45
`
`60
`
`65
`
`8
`called subscriber, Vx, a message proceeding from the
`telephonetransceiver; through the vocoder; to the key
`generator, whereit is enciphered; through the modem;
`through the general telephone switching network into
`the other party’s modem; through his key generator,
`whereit is deciphered; through this vocoder; to his
`telephone transceiver. After the call is completed, and
`the caller hangsup, as was previously stated, his module
`10 reverts to the normal condition, his key generator 15
`being reset in accordance with his most recently ob-
`tained working key-setting variable, Vj. There is no
`need for the key generator 55ofthe called subscriber to
`be resetas it is already in its normal state, V, when the
`called subscriber hangs up.
`If it is desired, reiterative replacement can be applied
`to the working key-setting variable of the called sub-
`scriber, as well as the caller subscriber, so that it would
`not be necessary for the called subscriber to initiate a
`telephonecall to another subscriber in order to have his
`working key-setting variable, Vx, reiteratively replaced.
`A possible procedure for accomplishing this, when the
`above-described embodimentis utilized, is to have the
`programmed sequencing switch of the called sub-
`scriber, after he goes off-line, select the telephone num-
`ber of the key distribution center, Txpc, from his stor-
`age device and route it to the telephone line, then to the
`key distribution center 20 thusestablishing a connection
`path 60—60, shown forillustrative purposes in FIG. 1
`by hidden lines, and the same reiterative replacement
`operation as was previously described for the calier
`subscriber would occur, with the exception that, since
`anothersubscriber is not being called, the computer 21
`will not receive any called subscriber telephone num-
`ber, Tx, but rather will receive a stream of zeros in its
`place, since this position has been cleared from the
`storage device of the subscriber.
`Upon receipt of this stream of zeros in place of Tx,
`the computer 21 will knowthatit is reiteratively replac-
`ing the called subscriber’s working key-setting variable
`Vx. When parity exists and the key distribution center
`20 goes off-line,
`the reiterative replacement of the
`working key setting variable, Vx, will be completed; the
`new reiterative replacement working key-setting vari-
`able, Vxa, will have been inserted in the computer asso-
`ciated storage device 22 in place of the previous work-
`ing key-setting variable, V,; and the key generator 55 of
`the called subscriber will have been reset in accordance
`with the new reiterative-replacement-working-key-set-
`ting-variable, Vxq. The called subscriber will then also
`go off-line.
`ALTERNATE EMBODIMENT
`
`The operation of the system when the particular
`embodiment wherein the key-setting variable of the
`called subscriber is combined with an indicator variable
`to obtain the dynamic working variableis utilized will
`now be described. In this embodiment, the subscriber
`key generators 15, 55 are blank in the normalstate, as
`was previously mentioned.
`The subscriberinitiating the call, subscriber 1, does so
`in the same manneras in the previously described em-
`bodiment. The subsequent procedure for contacting the
`key distribution center 20, including selecting U; from
`the subscriber associated storage device 29 and routing
`it to the associated key generator 15, where it resets the
`key generator 15, is also accomplished in the same man-
`ner as for the previously described embodiment, with
`the exception that the key generator 15 is reset from its
`
`
`
`ss
`
`i
`
`PMC Exhibit 2097
`Apple v. PMC
`IPR2016-00753
`Page 7
`
`PMC Exhibit 2097
`Apple v. PMC
`IPR2016-00753
`Page 7
`
`
`
`4,182,933
`
`50
`
`55
`
`65
`
`9
`normal blankstate rather than the normal V} state of the
`previous embodiment.
`The operation of the key distribution center 20 in this
`instanceis similar to the operation previously described,
`with the exception of the selection of an indicator vari-
`able for the called subscriber and the derivation of the
`dynamic working variable of the called subscriber from
`the indicator variable and key-setting variable, this op-
`eration to be subsequently described.
`After the caller subscriber, subscriber 1, has transmit-
`ted the caller and called subscriber contact variables,
`T, and Tjj, necessary to uniquely identify the subscrib-
`ers in the system, to the key distribution center 20, the
`computer 21 looks up in its associated storage 22 the
`unique: key-setting variable of the caller, U, and the
`key-setting variable of the party being called, Vx, from
`the identification contact variables it has received, as in
`the previously described embodiment.
`The computer 21 then draws a new key-setting vari-
`able for the caller, Vj, and an indicator variable for the
`called subscriber, I,, from the random state generator
`24, which may be any random source. The computer 21
`then routes the called subscriber key-setting and indica-
`tor variables, Vx, I,, to.an update generator 28, which
`then forms the dynamic working variable of t