Internet protocol telephony security architecture

US 20050027985A1

(54) INTERNET PROTOCOL TELEPHONY SECURITY ARCHITECTURE

(75) Inventors: Eric J. Sprunk, Carlsbad, CA (US);

Paul Moroney, Olivenhain, CA (US);
Alexander Medvinsky, San Diego, CA
(US); Steven E. Anderson, La Jolla,
CA (US); Jonathan A. Fellows, Del
Mar, CA (US)

Correspondence Address:

TOWNSEND AND TOWNSEND AND CREW,
LLP

TWO EMBARCADERO CENTER
EIGHTH FLOOR

SAN FRANCISCO, CA 94111-3834 (US)

(73) Assignee: General Instrument Corporation, Horsham, PA

(21) Appl. No.: 10/893,047

(22) Filed: Jul. 15, 2004

Related U.S. Application Data

(63) Continuation ol application No. 09/546,900, filed on Apr. 10, 2000.

(60) Provisional application No. 60/128,772, filed on Apr. 9, 1999.

Publication Classification

(51) Int. CI.7 11041. 12/16

(52) U.S. CI 713/171; 379/900; 713/155

(57) ABSTRACT

A secure Internet Protocol (IP) telephony system, apparatus, and methods are disclosed. Communications over an IP telephony system can be secured by securing communications to and from a Cable Telephony Adapter (CTA). The system can include one or more CTAs, network servers, servers configured as signaling controllers, key distribution centers (KDC), and can include gateways that couple the IP telephony system to a Public Switched Telephone Network (PSTN). Each CTA can be configured as secure hardware and can be configured with multiple encryption keys that are used to communicate signaling or bearer channel communications. The KDC can be configured to periodically distribute symmetric encryption keys to secure communications between devices that have been provisioned to operate in the system and signaling controllers. The secure devices, such as the CTA, can communicate with other secure devices by establishing signaling and bearer channels that are encrypted with session specific symmetric keys derived from a symmetric key distributed by a signaling controller.