(19) United States
(12) Patent Application Publication (io) Pub. No.: US 2005/0027985 Al
Sprunk et al. (43) Pub. Date: Feb. 3,2005
(54) INTERNET PROTOCOL TELEPHONY SECURITY ARCHITECTURE
(75) Inventors: Eric J. Sprunk, Carlsbad, CA (US);
Paul Moroney, Olivenhain, CA (US);
Alexander Medvinsky, San Diego, CA
(US); Steven E. Anderson, La Jolla,
CA (US); Jonathan A. Fellows, Del
Mar, CA (US)
TOWNSEND AND TOWNSEND AND CREW,
TWO EMBARCADERO CENTER
SAN FRANCISCO, CA 94111-3834 (US)
(73) Assignee: General Instrument Corporation, Horsham, PA
(21) Appl. No.: 10/893,047
(22) Filed: Jul. 15, 2004
Related U.S. Application Data
(63) Continuation ol application No. 09/546,900, filed on Apr. 10, 2000.
(60) Provisional application No. 60/128,772, filed on Apr. 9, 1999.
(51) Int. CI.7 11041. 12/16
(52) U.S. CI 713/171; 379/900; 713/155
A secure Internet Protocol (IP) telephony system, apparatus, and methods are disclosed. Communications over an IP telephony system can be secured by securing communications to and from a Cable Telephony Adapter (CTA). The system can include one or more CTAs, network servers, servers configured as signaling controllers, key distribution centers (KDC), and can include gateways that couple the IP telephony system to a Public Switched Telephone Network (PSTN). Each CTA can be configured as secure hardware and can be configured with multiple encryption keys that are used to communicate signaling or bearer channel communications. The KDC can be configured to periodically distribute symmetric encryption keys to secure communications between devices that have been provisioned to operate in the system and signaling controllers. The secure devices, such as the CTA, can communicate with other secure devices by establishing signaling and bearer channels that are encrypted with session specific symmetric keys derived from a symmetric key distributed by a signaling controller.