Architectural overview of the SPEAKeasy system

SPEAKeasy is a successful implementation of a software-defined radio (SDR) for military applications. It permits general-purpose digital hardware to communicate over a wide range of frequencies, modulation techniques, data encoding methods, cryptographic types, and other communication parameters. The background of SDRs for military and commercial needs is discussed, and the SPEAKeasy architecture is defined     

SDR中新型自适应复分接芯片的板级验证

针对多用户型软件无线电(SDR)的发展需求,基于FPGA,采用新型时钟提取方案,设计实现了自适应数字复分接芯片的板级验证平台,详细阐述了平台的软、硬件设计及自适应实现过程,给出了平台的各项测试指标.测试结果表明,该平台可满足数字复分接芯片的验证需求.     

一种软件密钥托管设计方案

近年来密钥托管算法受到了广泛的关注。Clipper、Capstone等硬件芯片均采用保密的加密算法,而遭到公众的不满和怀疑。1993年8月,NIST宣布了一项工业合作计划,考虑用开发软件技术实现密钥托管。本文设计了一种用软件实现的密钥托管方案,采用单钥密码算法加密消息,并利用公钥密码算法、单向杂凑函数算法等实现用户识别和密钥检验。     

Broadband RF stage architecture for software-defined radio inhandheld terminal applications

Broadband RF is a general-purpose common RF stage for every standard within a set of RF bands. The RF stage architecture presented in this article is suitable for software-defined radios. This article first defines the conceptual scheme of a handheld software defined radio (SDR) terminal, and then describes how the direct conversion principle is applied to the SDR. The discussion focuses on receiver hardware implementation and systematic control     

GUC安全的关系联结算子保密计算协议

分布式数据库系统的关系算子的保密计算协议是多方保密计算(MPC)理论的重要应用领域之一,目前该方向的绝大部分工作主要针对如何构造查询类算子的保密计算协议,对如何构造数据生成类算子的保密计算协议则较少涉及。针对广泛应用的关系联结(join)算子,基于保密及匿名的身份基公钥加密(IBE)方案及其用户私钥盲生成协议给出联结算子的2-方保密计算协议的一种通用的、不依赖于随机oracle(即标准模型)的有效构造,并证明该构造具有GUC(generlized universal composability)安全性。     

SecureDL: A privacy preserving deep learning model for image recognition over cloud

The key benefits of cloud services such as low cost, access flexibility, and mobility have attracted worldwide users to utilize deep learning algorithms for computer vision. These cloud servers are maintained by third parties, where users are always concerned about sharing their confidential data with them. In this paper, we addressed these concerns for by developing SecureDL, a privacy-preserving image recognition model for encrypted data over cloud. The proposed block-based image encryption scheme is well designed to protect image’s visual information. The scheme constitutes an order-preserving permutation ordered binary number system and pseudo-random matrices. The proposed method is proved to be secure in a probabilistic viewpoint, and using various cryptographic attacks. Experiments are conducted over several image recognition datasets, and the trade-off analytics between the achieved recognition accuracy and data encryption is well described. SecureDL overcomes the storage and computational overheads that occur with fully-homomorphic and multi-party computation based secure recognition schemes.     

Optimization method for attribute-based cryptographic access control in mobile cloud computing

For the problem of secure data sharing and access control in mobile cloud,the drawback of traditional cryptographic access control schemes was deeply analyzed.Considering the truth that mobile devices were usually equipped with limited resources,an optimized attribute-based cryptographic access control scheme was proposed in this study.In the proposed scheme,a third party proxy was introduced into the system model,and the two-layer encryption method was applied.Combining traditional attribute-based encryption (ABE) algorithm with multi-secret sharing and split measurement of ABE encryption,the scheme could greatly reduce the cost of mobile users in terms of data publish and access management.Theoretical and experimental analysis shows that the contribution can well meet the requirements of mobile cloud in terms of security,computational complexity and communication cost,which means that it is promising for future applications.     

Techniques for Random Masking in Hardware

A new technique for Boolean random masking of the logic and operation in terms of nand logic gates is proposed and applied for masking the integer addition. The new technique can be used for masking arbitrary cryptographic functions and is more efficient than previously known techniques, recently applied to the Advanced Encryption Standard (AES). New techniques for the conversions from Boolean to arithmetic random masking and vice versa are also developed. They are hardware oriented and do not require additional random bits. Unlike the previous, software-oriented techniques showing a substantial difference in the complexity of the two conversions, they have a comparable complexity being about the same as that of one integer addition only. All the techniques proposed are in theory secure against the first-order differential power analysis on the logic gate level. They can be applied in hardware implementations of various cryptographic functions, including AES, (keyed) SHA-1, IDEA, and RC6     

Multi-authority attribute-based encryption scheme with policy dynamic updating

Attribute-based encryption (ABE) is a new cryptographic technique which guarantees fine-grained access control of outsourced encrypted data in the cloud environment.However,a key limitation remains,namely policy updating.Thus,a multi-authority attribute-based encryption scheme with policy dynamic updating was proposed.In the scheme,an anonymous key issuing protocol was introduced to protect users’ privacy and resist collusion attack of attribute authority.The scheme with dynamic policy updating technique was secure against chosen plaintext attack under the standard model and can support any types of policy updating.Compared to the existing related schemes,the size of ciphertext and users’ secret key is reduced and can significantly reduce the computation and communication costs of updating ciphertext.It is more effective in the practical application.     

An efficient anonymous authentication and confidentiality preservation schemes for secure communications in wireless body area networks

Wireless body area network (WBAN) is utilized in various healthcare applications due to its ability to provide suitable medical services by exchanging the biological data between the patient and doctor through a network of implantable or wearable medical sensors connected in the patients’ body. The collected data are communicated to the medical personals through open wireless channels. Nevertheless, due to the open wireless nature of communication channels, WBAN is susceptible to security attacks by malicious users. For that reason, secure anonymous authentication and confidentiality preservation schemes are essential in WBAN. Authentication and confidentiality play a significant role while transfers, medical images securely across the network. Since medical images contain highly sensitive information, those images should be transferred securely from the patients to the doctor and vice versa. The proposed anonymous authentication technique helps to ensure the legitimacy of the patient and doctors without disclosing their privacy. Even though various cryptographic encryption techniques such as AES and DES are available to provide confidentiality, the key size and the key sharing are the main problems to provide a worthy level of security. Hence, an efficient affine cipher-based encryption technique is proposed in this paper to offer a high level of confidentiality with smaller key size compared to existing encryption techniques. The security strength of the proposed work against various harmful security attacks is proven in security analysis section to ensure that it provides better security. The storage cost, communication cost and computational cost of the proposed scheme are demonstrated in the performance analysis section elaborately. In connection to this, the computational complexity of the proposed scheme is reduced around 29% compared to the existing scheme.

     

Secure information transmission for mobile radio

A new technique for secure information transmission in a mobile environment is described. This technique uses the short term reciprocity of the radio channel so that information is intelligible only to an intended receiver. The exchange of information does not require the availability of a common secure key between two users; however, the proposed technique can also be used for cryptographic key agreement between two users     

安全的两方协作SM2签名算法

在签名算法中,一旦签名私钥被窃取,敌手就可以随意伪造合法用户的签名,从而致使合法用户的权益受到侵害.为了降低签名私钥泄露的风险,本文提出了一种安全的两方协作SM2数字签名算法,该算法将签名私钥拆分成两个部分,分别交由两方来保管,通过采用零知识证明、比特承诺、同态加密等密码学技术保证了只有合法的通信双方才能安全地协作产生完整的SM2签名,任何一方都不能单独恢复出完整的签名私钥,方案的安全性在通用可组合安全框架下被证明,与已有的SM2协作签名方案相比,本文方案具有交互次数少、协作签名效率高等优势.     

Effective autocorrelation-based spectrum sensing technique for cognitive radio network applications

Spectrum sensing based on detection techniques enables cognitive radio networks to detect vacant frequency bands. The spectrum sensing gives the opportunity to increase the radio spectrum channels re-utilization. However, the main challenge in spectrum sensing is the simplicity of the considered detection approach and the amount of prior information needed to make an accurate decision. This paper proposes a novel sensing technique based on the autocorrelation function. This novel approach is based on the speed of convergence to zero of all autocorrelation coefficients. This technique shows the highest probability of detection for the same probability of false alarm target at low signal-to-noise ratio (SNR) compared with many standard detection techniques. The proposed method has been implemented using GNU Radio software and SDR (software-defined radio) platforms. The experimental results show the effectiveness of the proposed method under real scenarios.     

Analyzing encryption protocols using formal verification techniques

An approach to analyzing encryption protocols using machine-aided formal verification techniques is presented. The properties that the protocol should preserve are expressed as state invariants, and the theorems that must be proved to guarantee that the cryptographic facility satisfies the invariants are automatically generated by the verification system. A formal specification of an example system is presented, and several weaknesses that were revealed by attempting to verify and test the specification formally are discussed.<>     

On supporting rapid prototyping of embedded systems with reconfigurable architectures

Reducing time-to-market while improving product quality is a big challenge. This paper proposes a software-supported framework for rapid prototyping that offers a concurrent fast hardware/software system-level design. The introduced framework enables the constant evaluation and verification of the prototype under development, while it provides automatic functionality mapping to hardware via High-Level Synthesis techniques. We evaluate our framework and its software instantiation with a computer vision algorithm. Based on our experimentation, we show that our approach reduces the development time by almost 64×, it prunes the hardware design space by 34×, while maintaining designs that trade-off high Quality-of-Report on the Pareto frontier.     

Bulk encryption algorithm for use with RSA

The public-key cryptosystem known as RSA is widely judged to be secure, but in software implementations is slow, and even in hardware implementations encryption with a general 512-bit exponent runs only at tens of kilobits per second. Use of a small public exponent can speed encryption by up to 375-fold, but decryption speed can be increased only by four-fold in software or two-fold in hardware using the method of Quisquater and Couvreur (1982). It is therefore common to employ a second, fast, secret-key, cryptosystem such as the DES as the bulk encryption method, while the session key for that system is transferred using RSA. This however increases the security risk, as breaking either RSA or DES is sufficient to obtain knowledge of the plaintext, and DES in particular has been the subject of intense cryptanalytic activity in recent years. It is therefore desirable to use a fast secret-key bulk encryption algorithm whose security can be demonstrably related to that of RSA. The following proposed system, designated QS, goes some way to meeting this aim.<>     

Joint channel mitigation and side information estimation for GFDM systems in indoor environments

Generalized frequency division multiplexing (GFDM) is the foremost contender for physical layer of 5G communication. The flexible nature of GFDM allows multiple symbols in time domain to superimpose, thereby creating high peak to average power ratio (PAPR). The idea of selective mapping (SLM) is to use a sequence of phase rotation vectors for generating alternatives using original GFDM signal. Among them, signal with lowest PAPR is selected for transmission. This procedure requires mandatory side information (SI) estimation or transmission which in turn decreases data reliability or efficiency. To address these issues, authors present a modified approach of pilot-assisted GFDM SLM system without need of SI transmission and to enable joint PAPR reduction and data recovery. In the proposed approach, we utilize a common modulating phase to modulate all subcarriers in a subsymbol assuming that each subsymbol consists of at least two pilots. This creates an inherent SI cancellation mechanism using the pilots which are employed for channel estimation. For practical validation of proposed concepts, we used software-defined radio (SDR) experimental setup employing universal software radio peripheral USRP) 2953R as hardware and Labview as software. Experimental results show a significant reduction in out-of-band spectral leakage without disturbing the estimated channel response.     

Antenna design strategy and demonstration for software-defined radio (SDR)

Antennas are a key enabling technology for software-defined radio (SDR). Although software is extremely flexible, SDR??s potential is limited by antenna size and performance. In this paper, we review typical antenna miniaturization techniques and fundamental theories that limit antenna size and performance including operational bandwidth, gain (or range), and radiation pattern. Possible antenna design strategies are discussed to meet the desired specifications in SDR based on observations from the limit theories. The application of strategies to enable multiband (resonant), continuous multiband (frequency independent), and instantaneous, ultra-wideband antennas are discussed qualitatively. Advantages, disadvantages, and design trade-off strategies for different types of antennas are compared from a system-level perspective. A design example for a compact ultra-wideband (UWB) antenna is presented for a software-defined platform. The example involves a direct-conversion radio developed in Wireless@VT that uses a Motorola RFIC having a 100 MHz?C6 GHz operational frequency range with a 9 kHz?C20 MHz channel bandwidth. The example antenna covers frequencies from 450 MHz to 6 GHz instantaneously with approximately 5-dBi realized gain over a finite-size ground plane, including return loss and omni-directional coverage.     

ITPMAP: An Improved Three-Pass Mutual Authentication Protocol for Secure RFID Systems

Radio frequency identification (RFID) is a wireless technology used in various applications to minimize the complexity of everyday life. However, it opens a large number of security and privacy issues that require to be addressed before its successful deployment. Many RFID authentication protocols are proposed in recent years to address security and privacy issues, and most of them are based on lightweight cryptographic techniques such as pseudo-random number generators (PRNGs), or bitwise logical operations. However, the existing RFID authentication protocols suffer from security weaknesses, and cannot solve most of the security and privacy problems. A new solution is necessary to address security and privacy issues. In this paper, an improved three-pass mutual authentication protocol (ITPMAP) for low-cost RFID tags is proposed to offer an adequate security level for RFID systems. The proposed ITPMAP protocol uses one PRNG on the tag side and heavy-weighted cryptographic techniques (i.e., digital signature and password-based encryption schemes) on the back-end server side instead of lightweight cryptographic techniques to address the security and privacy issues. The ITPMAP protocol is secure against various attacks such as cloning, spoofing, replay, and desynchronization attacks. Furthermore, as a proof of concept, the ITPMAP protocol is adopted to propose the design of three real-life RFID systems; namely: Signing and Verification of Graduation Certificate System, issuing and verification of e-ticketing system, and charging and discharging of prepaid card system. The Unified Modeling Language is used to demonstrate the design of the proposed ITPMAP protocol and systems. Java language is used for the implementation of the proposed systems. In addition, the “Mifare Classic” tags and readers are used as RFID apparatuses for the proposed systems.     

嵌入式AES加密存储器的硬件实现

本设计主要介绍一种基于FPGA的AES硬件加密系统,实现电子数据的加密及存储。文中详细说明了AES加密算法的FPGA架构,AES核心算法的接口时序设计,AES加密存储器的硬件设计以及算法验证。硬件加密较之软件加密有实时性高、数据量大以及性能好的特点。FPGA开发周期短的特点与AES灵敏性好、实现效率高、安全性能高的优势相辅相成,为需要保密的电子数据提供更加可靠的保证。