753 research outputs found
Coding for Cryptographic Security Enhancement using Stopping Sets
In this paper we discuss the ability of channel codes to enhance
cryptographic secrecy. Toward that end, we present the secrecy metric of
degrees of freedom in an attacker's knowledge of the cryptogram, which is
similar to equivocation. Using this notion of secrecy, we show how a specific
practical channel coding system can be used to hide information about the
ciphertext, thus increasing the difficulty of cryptographic attacks. The system
setup is the wiretap channel model where transmitted data traverse through
independent packet erasure channels with public feedback for authenticated ARQ
(Automatic Repeat reQuest). The code design relies on puncturing nonsystematic
low-density parity-check codes with the intent of inflicting an eavesdropper
with stopping sets in the decoder. Furthermore, the design amplifies errors
when stopping sets occur such that a receiver must guess all the channel-erased
bits correctly to avoid an expected error rate of one half in the ciphertext.
We extend previous results on the coding scheme by giving design criteria that
reduce the effectiveness of a maximum-likelihood attack to that of a
message-passing attack. We further extend security analysis to models with
multiple receivers and collaborative attackers. Cryptographic security is
enhanced in all these cases by exploiting properties of the physical-layer. The
enhancement is accurately presented as a function of the degrees of freedom in
the eavesdropper's knowledge of the ciphertext, and is even shown to be present
when eavesdroppers have better channel quality than legitimate receivers. Comment: 13 pages, 8 figures
Implementation and Deployment of a Distributed Network Topology Discovery Algorithm
In the past few years, the network measurement community has been interested
in the problem of internet topology discovery using a large number (hundreds or
thousands) of measurement monitors. The standard way to obtain information
about the internet topology is to use the traceroute tool from a small number
of monitors. Recent papers have made the case that increasing the number of
monitors will give a more accurate view of the topology. However, scaling up
the number of monitors is not a trivial process. Duplication of effort close to
the monitors wastes time by reexploring well-known parts of the network, and
close to destinations might appear to be a distributed denial-of-service (DDoS)
attack as the probes converge from a set of sources towards a given
destination. In prior work, authors of this report proposed Doubletree, an
algorithm for cooperative topology discovery, that reduces the load on the
network, i.e., router IP interfaces and end-hosts, while discovering almost as
many nodes and links as standard approaches based on traceroute. This report
presents our open-source and freely downloadable implementation of Doubletree
in a tool we call traceroute@home. We describe the deployment and validation of
traceroute@home on the PlanetLab testbed and we report on the lessons learned
from this experience. We discuss how traceroute@home can be developed further
and discuss ideas for future improvements.
Sparse Signal Processing Concepts for Efficient 5G System Design
As it becomes increasingly apparent that 4G will not be able to meet the
emerging demands of future mobile communication systems, the question what
could make up a 5G system, what are the crucial challenges and what are the key
drivers is part of intensive, ongoing discussions. Partly due to the advent of
compressive sensing, methods that can optimally exploit sparsity in signals
have received tremendous attention in recent years. In this paper we will
describe a variety of scenarios in which signal sparsity arises naturally in 5G
wireless systems. Signal sparsity and the associated rich collection of tools
and algorithms will thus be a viable source for innovation in 5G wireless
system design. We will describe applications of this sparse signal processing
paradigm in MIMO random access, cloud radio access networks, compressive
channel-source network coding, and embedded security. We will also emphasize
important open problems that may arise in 5G system design, for which sparsity
will potentially play a key role in their solution. Comment: 18 pages, 5 figures, accepted for publication in IEEE Access
Trustworthy authentication on scalable surveillance video with background model support
H.264/SVC (Scalable Video Coding) codestreams, which consist of a single base layer and multiple enhancement layers, are designed for quality, spatial, and temporal scalabilities. They can be transmitted over networks of different bandwidths and seamlessly accessed by various terminal devices. With a huge amount of video surveillance and various devices becoming an integral part of the security infrastructure, the industry is currently starting to use the SVC standard to process digital video for surveillance applications such that clients with different network bandwidth connections and display capabilities can seamlessly access various SVC surveillance (sub)codestreams. In order to guarantee the trustworthiness and integrity of received SVC codestreams, engineers and researchers have proposed several authentication schemes to protect video data. However, existing algorithms cannot simultaneously satisfy both efficiency and robustness for SVC surveillance codestreams. Hence, in this article, a highly efficient and robust authentication scheme, named TrustSSV (Trust Scalable Surveillance Video), is proposed. Based on quality/spatial scalable characteristics of SVC codestreams, TrustSSV combines cryptographic and content-based authentication techniques to authenticate the base layer and enhancement layers, respectively. Based on temporal scalable characteristics of surveillance codestreams, TrustSSV extracts, updates, and authenticates foreground features for each access unit dynamically with background model support. Using SVC test sequences, our experimental results indicate that the scheme is able to distinguish between content-preserving and content-changing manipulations and to pinpoint tampered locations. Compared with existing schemes, the proposed scheme incurs very small computation and communication costs.