A Wire‑Tap Approach to Enhance Security in Communication Systems Using the Encoding‑Encryption Paradigm

A Wire‑Tap Approach to Enhance Security in Communication Systems Using the Encoding‑Encryption Paradigm

This document is downloaded from DR‑NTU (https://dr.ntu.edu.sg) Nanyang Technological University, Singapore. A wire‑tap approach to enhance security in communication systems using the encoding‑encryption paradigm Mihaljevic, Miodrag; Oggier, Frederique 2010 Mihaljevic, M. & Oggier, F. (2010). A wire‑tap approach to enhance security in communication systems using the encoding‑encryption paradigm. Information and Coding Theory Workshop, International Conference on Telecommunications (ICT) 2010. https://hdl.handle.net/10356/93759 Downloaded on 28 Sep 2021 14:24:25 SGT A Wire-tap Approach to Enhance Security in Communication Systems using the Encoding-Encryption Paradigm Miodrag Mihaljevic´ Fred´ erique´ Oggier Mathematical Institute Division of Mathematical Sciences Serbian Academy of Sciences and Arts, Belgrade, Serbia School of Physical and Mathematical Sciences and Research Center for Information Security (RCIS) Nanyang Technological University Institute of Advanced Industrial Science and Technology (AIST), Singapore Tokyo, Japan Email: [email protected] Email:[email protected] Abstract—Motivated by the GSM system, we consider com- the redundant data from the cryptographic security point of munication systems which employ the encoding-encryption view has been pointed out even in [6] where the cryptography paradigm of first encoding the data before encrypting it for as a scientific topic has been established. Performing error- transmission. We add one level of security to the existing system designs by introducing a wiretap encoder. We analyze the security correction coding of a message before encryption introduces a from an information theoretical point of view, and prove the structured redundancy, which could be an origin for mounting enhanced security of the proposed scheme, focusing on the certain attacks against the employed keystream generator. case of known plain text attacks that can endanger not only The question that we address in this work is a generic the confidentiality of some messages but also the safety of the approach for enhancing the security of communication systems key used for encryption, and thus the security of the whole communication system. where the data is first encoded and then encrypted, of which GSM is maybe the most famous motivating example. We are I. INTRODUCTION mainly focusing on the security of the keystream generator, Reliability in wireless communication systems has been more important than the security of a given confidential extensively studied in the past decades. Recently, more and message. This is done by employing an additional dedicated more attention has been paid to the fact that wireless channels wire-tap channel coding. Similar ideas have recently appeared are by nature more vulnerable to eavesdropping. Accordingly in the context of stream ciphers designs [3], [4], but the focus wireless systems should include coding algorithms for pro- of this paper is very different since we deal with existing viding error-corrections as well as ciphering algorithms for (given) encryption schemes. encryption and decryption. The contribution of this paper is to propose and elaborate An illustrative example where the coding and ciphering an approach for improving the security of communication are of high importance is GSM (see [2]-[1]), which is the systems which utilize the “first encoding then encryption” most widespread system of mobile communications. GSM paradigm, employing a stream cipher and an error correcting must use error correction to withstand reception errors, as code. As a starting point for our study, we consider the case well as encryption to provide privacy for the users. The GSM of certain discrete memoryless channels (DMCs). We involve protocol uses the encoding-encryption paradigm: a message is into an existing system an additional block which performs a first subjected to an error-correction code which considerably dedicated wire-tap channel like coding. This dedicated coding increases the size of the message. The encoded message is then provides origin for enhancing the security as a trade-off with a encrypted and transmitted (see [1], Annex A). This approach slight/moderate increase of the implementation complexity and contradicts to the common practice of first encrypting a the communications overhead. The improved security appears message, and only then subjecting it to error-correction codes. as a consequence of joint impact of the proposed dedicated Note that an advantage of encoding and then encrypting wire-tap channel coding based on a linear mapping controlled is that even in a known plaintext attacking scenario, a wire- by a pure randomness and a noise which is inherent in the tapper can learn only a noisy version of the keystream which communication channel. makes, generally speaking, the cryptanalysis of the employed We study the security of the proposed approach from an keystream generator more complex. On the other hand, this information-theoretic point. More precisely, we show that approach implies encryption of more data because the error- the information-theoretic security of the keystream is a de- correction encoding generates redundant data in order to creasing function of the sample available for cryptanalysis. provide possibility of the errors correction. Undesirability of The achieved trade-off between the enhanced security and • operators of the homophonic wire-tap channel encoding Transmitter Keystream −1 Generator CH (·) and decoding C (·). secret key H {xi} {yi} {ai} Error-Correction A. Encoding and encryption at the transmitter Encoding encryption message {b } i The transmitter goes through the following steps: Discrete Memoryless 1) Employing the random vector u, it performs the homo- Channel (DMC) phonic (wire-tap channel) encoding of the plain text a Receiver to get { } {a } zi i Error-Correction decryption CH (a||u), Decoding message {bi} {x } i where || denotes the concatenation. How the wire-tap Keystream channel coding is concretely done will be discussed later secret key Generator on. 2) The transmitter then does the error-correction encoding Fig. 1. Model of the communications system under consideration. of the resulting vector: CE(CH (a||u)). (1) the increased implementation and communications overheads 3) Finally, it generates the ciphertext in form of an n- appears as very appropriate in a number of scenarios where dimensional binary vector y given by the security is a high priority. y = CECC (CH (a||u)) ⊕ x, (2) II. COMMUNICATION SYSTEMS MODEL where x is the output of the keystream generator and ⊕ We consider a class of communications systems which denotes XOR or addition modulo 2. employs coding and ciphering for providing the reliability and The vector y is then sent over the channel. secrecy of the transmissions, as shown in Fig. 1. The system is composed of: B. Decryption and decoding at the receiver • an ℓ-dimensional binary vector of message/plaintext data ℓ Assuming transmission over a class of binary discrete a = [ai]i=1 to be sent; n memoryless channel (DMC), the receiver gets the noisy vector • an n-dimensional binary vector x = [xi]i=1 of the keystream generator output bits used to protect the vector z given by a of data; z = y ⊎ v • a noisy binary channel, represented by an n-dimensional n binary vector v = [vi]i=1 of random noise, where each = CECC (CH (a||u)) ⊕ x ⊎ v, (3) coefficient vi is the output of a random variable Vi where stands for the operations of complementation and/or satisfying that Pr(Vi = 1) = p and Pr(Vi = 0) = 1 − p; ⊎ −1 erasures controlled by the vector v in the considered class of • CECC (·) and CECC (·): operator of the error-correction encoding and decoding, respectively. binary DMCs. Upon reception, the receiver first computes We assume the employed encryption is a stream ciphering. Indeed, the trick of reversing the order of encryption and z ⊕ x = C (C (a||u)) ⊎ v error-correction is not possible if a block-cipher were to be ECC H used for encryption. Accordingly, modulo 2 addition of the and then decode z ⊕ x: corrupted binary sequence of ciphertext and the keystream −1 −1 yields a corrupted version of the error-correction encoded CECC (z ⊕ x) = CECC (CECC (CH (a||u)) ⊎ v) plaintext where the employed encoding provides possibility for = CH (a||u) recovering the error-free plaintext. As such, the above given system is already able to provide reliability via error correcting since by assumption the error correcting code can correct the codes and some security via the use of the keystream generator. errors introduced by v. The only things left are thus to decode To enhance the security without having to change the the wire-tap code, and to remove the random bit string u, existing system, we incorporate a wire-tap encoder, composed namely of: −1 −1 a = tcatℓ(CH (CECC (z ⊕ x))) • an (m−ℓ)-dimensional binary vector of random data u = m−ℓ [ui]i=1 where each ui is the realization of the random where tcatℓ(·) denotes truncation of the argument vector to variable Ui such that Pr(Ui = 1) = Pr(Ui = 0) = 1/2; the first ℓ bits. the employed codeword inside the coset u(s) ⊕ C. The Transmitter Keystream Generator transmitted word c is specified by: secret key {xi} C C C {y } c = s1h1 ⊕s2h2 ⊕. .⊕slhl ⊕u1g1 ⊕u2g2 ⊕. .⊕ukgk {ai} i Homophonic Error-Correction encryption Encoding Encoding message { } where u = [u1,u2,...,uk] is a uniformly distributed {u } bi i random k-bit vector and k ≤ n − l. Source of Discrete Randomness Memoryless Channel We can now summarize the overall encoding operation: (DMC) Receiver h1 {z } {a } i i Homophonic Error-Correction decryption h2 Decoding Decoding message . {bi} c = [s||u] . = [s||u]G , {x } . H i Keystream hl Generator C secret key G where GH is a (l + k) × n binary matrix corresponding to Fig. 2. A framework for enhancing security employing dedicated wire-tap CH (·). channel like coding and pure randomness. B.

View Full Text

Details

  • File Type
    pdf
  • Upload Time
    -
  • Content Languages
    English
  • Upload User
    Anonymous/Not logged-in
  • File Pages
    7 Page
  • File Size
    -

Download

Channel Download Status
Express Download Enable

Copyright

We respect the copyrights and intellectual property rights of all users. All uploaded documents are either original works of the uploader or authorized works of the rightful owners.

  • Not to be reproduced or distributed without explicit permission.
  • Not used for commercial purposes outside of approved use cases.
  • Not used to infringe on the rights of the original creators.
  • If you believe any content infringes your copyright, please contact us immediately.

Support

For help with questions, suggestions, or problems, please contact us