Article

Accommodating the Variable Timing of Software AES Decryption on Mobile Receivers


Abstract

Broadcast and multicast services in CDMA2000 wireless networks restrict the provision of high-quality multimedia services to their intended recipients by encrypting the content using the advanced encryption standard (AES) block cipher in the security layer of the broadcast protocol suite. We profile the execution time and the energy of each transformation within the AES decryption process and propose a novel analytic model for predicting the time and energy that are required to decrypt the content at a mobile receiver. The model uses the cross-layer information, including the characteristics of error control in the MAC layer and the varying conditions of the fading channel in the physical layer. In particular, we find that the decryption time varies significantly with the condition of the physical channel. Rate control is, therefore, required to smooth out these variations in the decryption time. For this purpose, we propose the introduction of a jitter buffer into the security layer and estimate the size of this jitter buffer to provide seamless multimedia services.


... Kyungtae Kang, et al, apply the Advanced Encryption Standard (AES) method in blocking the code in the background. The AES decryption process uses new analytical models to predict the time and energy needed to solve the problem of the cellphone receiver [2]. Erkay Savas, et al, the research applies the Advanced Encryption Standard (AES) algorithm for there are several different cache-based attack categories; namely, access-driven, trace-driven and time-driven attacks. ...
Article
The length of the plaintext affects the round trip time: the longer the plaintext, the longer the round trip time. In a trial with 35 plaintext characters, a round trip time of 1.171 ms was obtained, whereas a trial with 113 plaintext characters gave a round trip time of 2.355 ms. Figure 2 shows the graph of the increase in round trip time. The author concludes that the length of the plaintext affects the round trip time in the client-server based AES algorithm: the longer the plaintext, the longer the round trip time process will run.
... In recent years, communication technology has made a spurt of progress. As an important part of the communication process, demodulators have been widely used in satellite communications [1][2][3][4], navigation [5,6], mobile communications [7][8][9], and underwater communications [10,11], and so forth. Among them, due to their excellent antinoise performance, BPSK demodulators have attracted wide attention [12][13][14]. ...
Article
In this paper, we propose a field programmable gate array (FPGA) implementation of a one-dimensional convolution neural network (1D-CNN) demodulator for binary phase shift keying (BPSK). The 1D-CNN demodulator includes two 1D-CNNs and a decision module. Discrete time series of BPSK signals are imported into the well-trained 1D-CNNs. The 1D-CNNs detect the phase shifts’ moment and type, including phase shift from 0 to π and that from π to 0. The decision module combines results of the two 1D-CNNs and outputs the demodulated data. In order to improve the efficiency of resource utilization and operation speed of the FPGA circuit, a time-delay network for convolutional calculation and a structure for piecewise approximation for the activation function were designed. To enhance the performance of the 1D-CNN demodulator, universal and diversity training data considering five impact factors were generated specially. Experimental results under different channel conditions show that the proposed demodulator has good adaptability to frequency offset and short latency. The demodulation loss of the proposed demodulator can almost be kept within 2 dB.
Conference Paper
In this project, a hardware implementation of the AES-256 encryption and decryption algorithm is proposed. The AES cryptography algorithm can be used to encrypt and decrypt blocks of 128 bits and is capable of using cipher keys of 256 bits. A feature of the proposed pipeline design is that the round keys, which are consumed in the different rounds of encryption, are generated in parallel with the encryption process. This lowers the delay of each round of encryption and reduces the encryption delay of a plaintext block. Xilinx ISE 14.7 (64-bit) is used for simulation using VHDL, and for hardware implementation on an FPGA (Xilinx Spartan 6 or Altera Cyclone 2 FPGA device).
Conference Paper
Rijndael is the winner algorithm of the AES contest; therefore it should become the most used symmetric-key cryptographic algorithm. One important application of this new standard is cryptography on smart cards. In this paper we present an optimisation of the Rijndael algorithm to speed up execution on 32-bit processors with memory constraints, such as those used in smart cards. First a theoretical analysis of the Rijndael algorithm and of the proposed optimisation is discussed, and then simulation results of the optimised algorithm on different processors are presented and compared with other reference implementations, as known from the technical literature.
Article
The recent development of high-speed data transmission over wireless cellular networks has enabled the delivery of multimedia broadcasting services to mobile users. These services involve a range of interactions among different system components, including the wireless channel, the network, and mobile devices, making it crucial for the service provider to verify the model, design, and behavior of a new service before it is deployed. However, previous studies have largely relied on network simulations or scaled experiments, and there has been little work on the sort of unified framework for quality-of-service (QoS) assessment, which considers the interactions between components, that we propose in this paper. Accurate models of the wireless channel, the network, and the data processing that takes place on an embedded system of a mobile client, are integrated within our framework, and allow us to predict several key system metrics and the quality of the video stream as it is perceived by users. Furthermore, different models of system components can be easily plugged in to extend this framework. As an example application, we analyze the performance of the process of decoding scalable videos on ARM-based mobile embedded systems in CDMA2000 wireless cellular networks.
Article
Energy efficiency is key in embedded system design. Understanding the complex issue of software power consumption in early design phases is of extreme importance to make the right design decisions. Here, not only the CPU but also the external memory plays a very important role. Power simulators offer flexibility and allow a detailed view on the sources of power consumption. However, many simulators lack accuracy and focus only on the CPU core without considering the memory subsystem. In this paper, we present XEEMU, a fast, cycle-accurate simulator, which aims at accurately simulating the power consumption of an XScale-based system including its memory subsystem. It has been validated using measurements on real hardware and shows a high accuracy for runtime, instantaneous power, and total energy consumption estimation. The average error is as low as 3.0% and 1.6% for runtime and CPU energy consumption estimation, respectively.
Article
The third-generation WCDMA standard has been enhanced to offer significantly increased performance for packet data and broadcast services through the introduction of high-speed downlink packet access (HSDPA), enhanced uplink, and multimedia broadcast multicast services (MBMS). This article provides an overview of the key technologies used, the reasons behind their selection, and their integration into WCDMA. Performance results are also included to exemplify the performance possible in an evolved WCDMA network.
Article
The Third Generation Partnership Project 2 recently baselined the specification for a cdma2000® high-rate broadcast packet data air interface ("cdma2000 High Rate Broadcast-Multicast Packet Data Air Interface Specification", 3GPP2 C.50054). The standard allows high-speed delivery of packet data to multiple access terminals. The article describes the air interface design adopted by 3GPP2, and presents simulation results that predict the performance of the high-speed broadcast system.
Article
A proposed broadcast and multicast system design for the third-generation cdma2000® cellular system is described. Network, signaling, and physical layer aspects of the design are proposed to provide an efficient, scalable, and practical method to support one-to-many delivery of different contents.
Article
The cdma2000 1× evolution-data-only (EV-DO) mobile communication system provides broadcast and multicast services (BCMCS) to meet an increasing demand for multimedia data services. Currently, broadcast and multicast streams are scheduled using a slot-based static algorithm which cannot support dynamic environments where broadcast content is added or removed online. We propose a dynamic packet-scheduling algorithm that works with a retransmission scheme to enable a scalable and adaptive service across the cdma2000 1×EV-DO BCMCS environments. Since it is integrated with earliest deadline first real-time scheduling, the proposed algorithm not only adapts efficiently to dynamic contexts but also satisfies the real-time requirements of broadcast streams. Furthermore, by exploiting the fine granular scalability features of the MPEG-4 Part 2 standard, our scheme can avoid abrupt playback quality degradation by protecting the base layer using a retransmission technique and can also adapt more flexibly to an environment in which the resource requirements of video streams change dynamically. Simulation results show a significant improvement in average playback quality while quantitatively validating the efficiency of our approach.
Article
The goal of the Advanced Encryption Standard (AES) is to achieve secure communication. The use of AES does not, however, guarantee reliable communication. Prior work has shown that even a single transient error occurring during the AES encryption (or decryption) process will very likely result in a large number of errors in the encrypted/decrypted data. Such faults must be detected before sending to avoid the transmission and use of erroneous data. Concurrent fault detection is important not only to protect the encryption/decryption process from random faults. It will also protect the encryption/decryption circuitry from an attacker who may maliciously inject faults in order to find the encryption secret key. In this paper, we first describe some studies of the effects that faults may have on a hardware implementation of AES by analyzing the propagation of such faults to the outputs. We then present two fault detection schemes: The first is a redundancy-based scheme while the second uses an error detecting code. The latter is a novel scheme which leads to very efficient and high coverage fault detection. Finally, the hardware costs and detection latencies of both schemes are estimated.
Article
Multimedia Broadcast/Multicast Service (MBMS) supports downlink streaming and download-and-play type services to large groups of users. From the radio perspective, MBMS includes point-to-point (PtP) and point-to-multipoint (PtM) modes. This paper investigates and presents different multi-resolution broadcast systems for Wideband Code Division Multiple Access (WCDMA) cellular mobile networks, namely, multi-code, hierarchical QAM constellations and multi-antenna (MIMO) systems. Each one presents performance gains over conventional single-resolution broadcast systems. A comparison is made between the three proposed multi-resolution systems. The use of High Speed Downlink Packet Access (HSDPA) to multicast video streaming as a multi-resolution system, whether or not associated with MIMO, can be employed by the MBMS PtP mode, but depending on the deployment scenarios it can yield a substantial reduction in resource demand and optimization of the allocated radio resources.
Article
TV is regarded as a key service for mobile devices. In the past, Mobile TV was often associated with broadcast transmission. However, unicast technology is sufficient in many cases, especially since mobile users prefer to access content on-demand, rather than following a fixed schedule. In this paper we will focus on 3G mobile networks, which have been primarily optimized for unicast services. Based on a traffic model we will discuss the capacity limits of 3G networks for unicast distribution of Mobile TV. From the results it can be concluded that the capacity is sufficient for many scenarios. In order to address scenarios in which broadcast is a more appropriate technology, 3GPP has defined a broadcast extension, called Multimedia Broadcast Multicast Service (MBMS). MBMS introduces shared radio broadcast bearers and thus has the capabilities of a real broadcasting technology. We will give a short overview of MBMS including a discussion on MBMS capacity. Since MBMS is primarily a new transport technology, additional application and service layer technologies are required, like an electronic service guide and service protection. These mechanisms are standardized by the Open Mobile Alliance (OMA) and are favorably combined with MBMS or 3G unicast distribution in order to create complete end-to-end solutions. In order to optimize a system for delivery of broadcast services over 3G networks, the advantages of broadcast and unicast should be combined. We argue that hybrid unicast-broadcast delivery offers the best system resource usage and also the best user experience, and is thus favorable not only for broadcast delivery in 3G networks, but actually also for non-cellular broadcast systems like DVB-H or DMB.
Article
Raptor codes have been standardized as application layer forward error correction (FEC) codes for Multimedia Broadcast and Multicast Services (MBMS) and Digital Video Broadcast (DVB) due to their extraordinarily advanced FEC protection and performance. Raptor codes are known to have characteristics very close to ideal and provide a wide range of operating flexibility and efficiency unmatched by other codes, and in particular they are an excellent implementation of fountain codes. Until now, investigations of the application of Raptor codes to UMTS and EGPRS have used an overall system model that does not accurately model the physical channel and user mobility, simplistically assuming independent random packet losses at the application layer. We investigate MBMS in UMTS in a much more realistic and complete simulation environment by considering advanced and complete channel models that simulate the physical channel and user mobility in a cellular network. We use this realistic simulation environment to determine optimal system parameters under different mobility models, with different bearer parameters, and without and with selective combining. More specifically, we investigate joint settings of the Raptor code rate, the Turbo code rate, transmission power, etc., to find settings which provide reliable download delivery of files using minimal transmission energy. One of our main results is that optimal system-wide operating points use low transmission power and a modest amount of Turbo coding, which results in relatively large radio packet loss rates that are compensated for by using a substantial amount of Raptor coding. These optimal operating points use far less transmission energy for download delivery of files than possible operating points without Raptor.
Conference Paper
In this paper we study structural properties of SPN ciphers in which both the S-boxes and the affine layers are involutions. We apply our observations to the recently designed Rijndael-like ciphers Khazad and Anubis, and show several interesting properties of these ciphers. We also show that 5-round Khazad has 2 weak keys under a "slide-with-a-twist" attack distinguisher. This is the first cryptanalytic result which is better than exhaustive search for 5-round Khazad. Analysis presented in this paper is generic and applies to a large class of ciphers built from involutional components.
Conference Paper
A new secret-key block cipher is proposed as a candidate for a new encryption standard. In the proposed cipher, the plaintext and the ciphertext are 64-bit blocks, while the secret key is 128 bits long. The cipher is based on the design concept of "mixing operations from different algebraic groups". The cipher structure was chosen to provide confusion and diffusion and to facilitate both hardware and software implementations.
Article
From the Publisher: IEEE Press is pleased to bring back into print this definitive text and reference covering all aspects of microwave mobile systems design. Encompassing ten years of advanced research in the field, this invaluable resource reviews basic microwave theory, explains how cellular systems work, and presents useful techniques for effective systems development. The return of this classic volume should be welcomed by all those seeking the original authoritative and complete source of information on this emerging technology. An in-depth and practical guide, Microwave Mobile Communications will provide you with a solid understanding of the microwave propagation techniques essential to the design of effective cellular systems.
Conference Paper
Broadcast and multicast services (BCMCS) in CDMA2000 wireless telecommunications networks restrict high-quality multimedia services to their intended recipients by encrypting content. The air specification of BCMCS includes the advanced encryption standard (AES) block cipher in the security layer of the broadcast protocol suite. We surveyed the AES block cipher algorithm and characterized the time it requires. We also profiled the execution time of each transformation that comprises the AES cipher. Drawing on these results, we proposed an analytic model that can predict the time required to decrypt encrypted content at a mobile by considering cross-layer information, such as the characteristics of error control using Reed-Solomon coding in the MAC layer and the varying conditions of the fading channel in the physical layer. This model will enable us to estimate the buffer size required to ensure seamless multimedia services.
Article
Scalable video transmission over a network is easily adaptable to different types of mobile experiencing different network conditions. However, the transmission of differentiated video packets in an error-prone wireless environment remains problematic. We propose and analyze a cross-layer error control scheme that exploits priority-aware block interleaving (PBI) in the MAC layer for video broadcasting in CDMA2000 systems. The PBI scheme allocates a higher priority to protecting the data which are more critical to the decoding of a video stream, and therefore have more effect on picture quality in the application layer. The use of Reed-Solomon coding in conjunction with PBI in the MAC layer can handle error bursts more effectively if its implementation takes account of the underlying error distributions in the physical layer, and differentiates between different types of video packets in the application layer. We also calculate the maximum jitter from the variability of the Reed-Solomon decoding delay and determine the size of jitter buffer needed to prevent interruptions due to buffer underrun. Simulations demonstrate the extent to which we can improve the perceived quality of scalable video.
Conference Paper
We propose secret-key cryptosystems MISTY1 and MISTY2, which are block ciphers with a 128-bit key, a 64-bit block and a variable number of rounds. MISTY is a generic name for MISTY1 and MISTY2. They are designed on the basis of the theory of provable security against differential and linear cryptanalysis, and moreover they realize high speed encryption on hardware platforms as well as on software environments. Our software implementation shows that MISTY1 with eight rounds can encrypt a data stream in CBC mode at a speed of 20Mbps and 40Mbps on Pentium/100MHz and PA-7200/120MHz, respectively. For its hardware performance, we have produced a prototype LSI by a process of 0.5 µm CMOS gate-array and confirmed a speed of 450Mbps. In this paper, we describe the detailed specifications and design principles of MISTY1 and MISTY2.
Conference Paper
We consider the problem of implementing security algorithms in embedded systems deployed in automation applications. Such systems are typically built on embedded microcontrollers with limited resources, and as hardware changes may not be possible or convenient, software-based cryptography is a suitable solution. In this paper we present results of performance benchmarks of different software-implemented symmetric cryptography algorithms on 8- and 16-bit microcontroller platforms. The contribution of the work is in comparing the performance of different algorithms, embedded microcontroller platforms, effects of optimizations and different implementations.
Article
A performance comparison of FPGA hardware implementations of 64-bit block ciphers (Triple-DES, IDEA, CAST-128, MISTY1, and KHAZAD) is given in this paper. All these ciphers are under consideration for the ISO/IEC 18033-3 standard, which aims to provide an international encryption standard for 64-bit block ciphers. Two basic architectures are implemented for each cipher. For the non-feedback cipher modes, the pipelined technique between the rounds is used, and the achieved throughput ranges from 3.0 Gbps for IDEA to 6.9 Gbps for Triple-DES. For feedback cipher modes, the basic iterative architecture is considered and the achieved throughput ranges from 115 Mbps for Triple-DES to 462 Mbps for KHAZAD. The throughput, throughput per slice, latency, and area requirement results are provided for all the cipher implementations. Our study is an effort to determine the most suitable algorithm for hardware implementation with FPGA devices.
Article
Commercial third-generation (3G) cellular technologies being deployed worldwide offer a host of services that can be used to support communications among public safety officials and members of government agencies and to disseminate information to the general public. This paper reviews some of the unique requirements for voice and data services in the context of homeland security and describes how 3G CDMA2000* and Universal Mobile Telecommunications System (UMTS) networks satisfy many of them. It also discusses how the broadcast/multicast services (BCMCS) currently being standardized for 3G cellular technologies can provide team-oriented voice and broadband data communications for public safety users. Finally, it proposes an architectural framework that allows the services and capabilities of homeland security wireless networks to be upgraded using commercial 3G cellular technologies while preserving the investment in legacy public safety networks. © 2004 Lucent Technologies Inc.
Article
Providing high-quality broadcast services for soft real-time applications over wireless networks such as CDMA2000, which have high bit error rates, requires the control of errors that occur during data transmission. Reed-Solomon (RS) forward error correction (FEC) in the medium access control (MAC) layer performs this role in 3G broadcast services. We propose new analytic models for predicting the performance of RS coding and its execution time, which take into account the memory property of a fading channel, different channel conditions, and a variable level of block interleaving. We identify RS decoding as a significant cause of variability in execution time, taking the form of jitter, which depends on the channel conditions. We analyze the size of buffer required to absorb the jitter under different channel conditions. We then formulate a trade-off between the performance of RS coding and the delay that it causes in transmitting a fixed amount of data with different levels of block interleaving. Finally, we show how to balance the quality with which content is presented against an acceptable buffering delay, which is very important to soft real-time applications, by using an adequate level of block interleaving. This study offers a guide for the provision of efficient broadcast services in real time with stochastically guaranteed quality.
Article
Compact design is very important for embedded systems such as wireless sensor nodes, RFID tags and mobile devices because of their limited hardware (H/W) resources. This paper proposes a compact H/W implementation for the KASUMI block cipher, which is the 3GPP standard encryption algorithm. In [8] and [9], Yamamoto et al. proposed a method of reducing the register size for the MISTY1 FO function (YYI-08), and implemented very compact MISTY1 H/W. In this paper we aim to implement the smallest KASUMI H/W to date by applying a YYI-08 configuration to KASUMI, whose FO function has a similar structure to that of MISTY1. However, we discovered that straightforward application of YYI-08 raises problems. We therefore propose a new YYI-08 configuration improved for KASUMI and the compact H/W architecture. The new YYI-08 configuration consists of new FL function calculation schemes and a suitable calculation order. According to our logic synthesis on a 0.11-µm ASIC process, the gate size is 2.99 K gates, which, to our knowledge, is the smallest to date.
Article
In cdma2000 1xEV-DO Broadcast and Multicast Services (BCMCS), Reed-Solomon coding is applied to the layers above the turbo code, and is particularly effective in correcting long bursts of errors. An additional block interleaving mechanism improves the performance of RS coding by increasing the time diversity, to an extent controlled by the width of the error control block (ECB), which converts error bursts into random patterns. We propose and evaluate a performance model of RS coding under varying conditions of Rayleigh fading on the broadcast channel, within the levels of block interleaving that the BCMCS specification allows. Simulation results show that our model predicts the performance of RS coding accurately. This evaluation will allow a service provider to determine the most efficient RS code for their target service quality, that maximizes the effective data-rate and minimizes the energy required for the RS decoding process.
Article
At the dawn of the new millennium, third generation (3G) advanced digital systems are being deployed worldwide. This latest generation is characterized by improvements to system capacity, reliability, extended services and, most importantly, expanded support for high-speed data communications. High speed means that bandwidth-hungry multimedia applications can be provided to the mobile user. cdma2000 1X and Wideband Code Division Multiple Access (WCDMA) support both voice and data, while cdma2000 1×EV-DO is unique in that it is ideal for supporting data communication.
Article
We investigate the behavior of block errors which arise in data transmission on fading channels. Our approach takes into account the details of the specific coding/modulation scheme and tracks the fading process symbol by symbol. It is shown that a Markov approximation for the block error process (possibly degenerating into an independent identically distributed (i.i.d.) process for sufficiently fast fading) is a good model for a broad range of parameters. Also, it is observed that the relationship between the marginal error rate and the transition probability is largely insensitive to parameters such as block length, degree of forward error correction and modulation format, and depends essentially on an appropriately normalized version of the Doppler frequency. This relationship can therefore be computed in the simple case of a threshold model and then used more generally as an accurate approximation. This observation leads to a unified approach for the channel modeling, and to a simplified performance analysis of upper layer protocols.
Article
This paper presents a new family of convolutional codes, nicknamed turbo-codes, built from a particular concatenation of two recursive systematic codes, linked together by nonuniform interleaving. Decoding calls on iterative processing in which each component decoder takes advantage of the work of the other at the previous step, with the aid of the original concept of extrinsic information. For sufficiently large interleaving sizes, the correcting performance of turbo-codes, investigated by simulation, appears to be close to the theoretical limit predicted by Shannon.
Article
Combining broadcast and mobile phone technologies, 3GPP2 has introduced the Broadcast and Multicast Services (BCMCS) architecture to deliver multimedia content over cdma2000 1xEV-DO wireless networks. In designing a mobile device to support multimedia broadcast services, it is important to reduce delay and energy consumption, while maintaining a tolerable level of data loss. We analyse the energy consumed by a mobile device receiving broadcast services, focusing on error recovery using the Reed-Solomon (RS) MAC-layer coding scheme. Our model is based on the energy consumed by each computational component of the RS decoder, which we determined by running the decoding process on a realistic ARM7TDMI testbed with experimentally justified cache sizes, and characterizing the energy consumption accurately with the SNU Energy Explorer. By varying the radio channel conditions, RS coding scheme and other system parameters, we determined energy-efficient cache configurations and operating ranges for each RS encoding scheme, corresponding to given levels of service quality in a video application. We have also found that significant energy can be saved by selecting a size of error control block that is appropriate to the target video quality and the channel conditions at the mobile.
Article
In cellular environments, video broadcasting is a challenging problem in which the number of users receiving the service and the average successfully decoded video data-rate have to be intelligently optimized. When video is broadcast using the 3G packet data standard, 1xEV-DO, the code space may be divided among the multiple layers if scalable video coding is employed. In this paper, we propose a novel, multi-objective optimized video broadcasting scheme for 1xEV-DO and investigate the feasibility of using multiple layers for transmission. The multi-objective optimization aims to find the best compromise between maximizing the average decodable video data-rate and minimizing the basic quality video outage probability. Simulations conducted for the ITU Pedestrian A and Vehicular B channels show that high data-rates with low outages are possible when 1xEV-DO is used for video broadcasting; however, it may not be desirable to use scalable video coding for this purpose.
Article
The authors examine the past and future of the Data Encryption Standard (DES), which is the first, and to the present date, only, publicly available cryptographic algorithm that has been endorsed by the US government of the standard during the early 1970s, the controversy regarding the proposed standard during the mid-1970s, the growing acceptance and use of the standard in the 1980s, and some recent developments that could affect its future.
Article
In this paper, we study the correlation properties of the fading mobile radio channel. Based on these studies, we model the channel as a one-step Markov process whose transition probabilities are a function of the channel characteristics. Then we present the throughput performance of the Go-Back-N and Selective-Repeat ARQ protocols with timer control, using the Markov model for both forward and feedback channels. This approximation is found to be very good, as confirmed by simulation results.

I. INTRODUCTION

Interest in wireless communication has increased in recent years to foster Personal Communication Services (PCS), as well as to explore the feasibility of ATM communications over wireless links. In this context, there is a need to integrate voice, data and other types of traffic over radio channels. This integration is likely to involve the segmentation of all types of traffic into blocks prior to their multiplexing on the link, and it is important that the system be robust enough...