Post on 02-Jun-2015
description
CBC Mode and Initial Vector for the AES algorithm in WIMAX Protocol Stack
CBC Mode and Initial Vector for the AES algorithm in WIMAX Protocol Stack
JAN 2, 2012
AJALA.AJ
ec2reach@gmail.com
AJAL.A.J ASST PROF – METS SCHOOL OF ENGG , MALA; KERALA MOB: 0- 8907305642
OBJECTIVE
TO IMPLEMENT THE NETWORK LEVEL SECURITY IN IEEE-802.16e STANDARDS USING Advanced Encryption Standards [AES]
WIMAX
MOBILE WIMAXFIXED WIMAX
AJAL.A.J ASST PROF – METS SCHOOL OF ENGG , MALA; KERALA MOB: 0- 8907305642
MOTIVATION ( SECURITY ISSUES )
CONFIDENTALITY
MESSAGE INTEGRITY
AUTHENTICATION
NON- REPUDATION
AJAL.A.J ASST PROF – METS SCHOOL OF ENGG , MALA; KERALA MOB: 0- 8907305642
Review of the Block Cipher
Pseudo-random number
generator
Plaintext data byte p
“key stream” byte b
Ciphertext data byte c = p b
AJAL.A.J ASST PROF – METS SCHOOL OF ENGG , MALA; KERALA MOB: 0- 8907305642
Encryption Algorithms
Unclassified use Suite B
Through2010
After2010
Secret Top Secret
AES
128
192
256
TDES
2key TDES
3key TDES
AJAL.A.J ASST PROF – METS SCHOOL OF ENGG , MALA; KERALA MOB: 0- 8907305642
66
WiMAX Protocol Stack● Provides secure
communication Data encrypted with cipher
clock chaining mode of DES
● Prevents theft of service SSs authenticated by BS using
key management protocol
Authentication
7
Data Key Exchange
8
Data Encryption
9
WIMAX –
FEATURES
OFDM
Sub Channelization
Directional Antennas
Adaptive Modulation
System Architecture 2008
OFDMAOFDMA
System Architecture 2008 11
BS
User A
User B
User C
Spectrum
Frequency
User A
User B
User C
Frequency
TimeUser A
User B
User C
04/12/23
WiMAX Security Architecture
13
System Architecture
13
14
Subsystem design (Data Privacy Subsystem)
14
Security Suite Specification
It is based on 3 security mechanisms:
CBC-MAC mode, to provide for data authentication only
AES-CTR mode, to provide data confidentiality only
AES-CCM mode, to provide both data confidentiality and data authenticity.
AJAL.A.J ASST PROF – METS SCHOOL OF ENGG , MALA; KERALA MOB: 0- 8907305642
CBC Mode
P1
IV
EK
C1
P2
EK
C2
C1
DK
P1
IV
C2
DK
P2
Pn
EK
Cn
Cn
DK
Pn
EN
CR
YP
TD
EC
RY
PT
AJAL.A.J ASST PROF – METS SCHOOL OF ENGG , MALA; KERALA MOB: 0- 8907305642
Counter Mode(a stream cipher mode)
EN
CR
YP
TD
EC
RY
PT
C1
EK
CTR11
P1
P2
EK
C2
CTR2
C2
EK
P2
CTR2
Pn
EK
Cn
Cn
EK
Pn
CTRn
CTRn
• • •
• • •
P1
EK
C1
CTR1
Keystream
AJAL.A.J ASST PROF – METS SCHOOL OF ENGG , MALA; KERALA MOB: 0- 8907305642
CCM Mode Overview
Designed for IEEE 802.11 wireless LANs
Use CBC-MAC to compute a MIC (Message Integrity Code) on the plaintext header, length of the header, and the payload
Use CTR mode to encrypt the payload— Counter values 1, 2, 3, …
Use CTR mode to encrypt the MIC — anywhere else we’d call it a MAC rather than a MIC
— Counter value 0
Header Payload MIC
Authenticated
Encrypted
AJAL.A.J ASST PROF – METS SCHOOL OF ENGG , MALA; KERALA MOB: 0- 8907305642
System Architecture 2008
BI-SOVA BLOCK DIAGRAM
System Architecture 2008
TRACE BACK SYSTOLIC ARRAY OF BI-SOVA – SIMULATION RESULTS
System Architecture 2008
SYSTOLIC ARRAYTimeunit
11
10
1000
0000
0100
1011
0000
1101
1101
0000
0000
00xx
01 10
1000
0000
0100
1011
0000
1101
1101
0000
0000
00xx
11
1110
9
0000
0100
1011
0000
1101
1101
0000
0000
00xx
SELE-CTIONUNIT
1SELE-CTIONUNIT
00XX
20
1111
0000
0000
1011
0001
1000
1101
0001
0100
1110
1000
0000
0100
1011
0000
1101
1101
0000
01 10 01 00 10 11 00 01 01 00 0
0000
.
.
19
11 00 10 01 01 10 00 10 10 00
0000
0000
1011
0001
1000
1101
0001
0100
1110
1000
0000
0100
1011
0000
1101
1101
0000
0000
00XX
SELE-CTIONUNIT
SELE-CTIONUNIT
SELE-CTIONUNIT
SELE-CTIONUNIT
.
.
A register containing Decision Vector
A register containing Smallest Path Metric
System Architecture 2008
System Architecture 2008
BI-SOVA SIMULATION RESULTS
AJAL.A.J ASST PROF – METS SCHOOL OF ENGG , MALA; KERALA MOB: 0- 8907305642
System Architecture 2008
System Architecture 2008
System Architecture 2008
TRANCEIVER OF MIMO OFDM
System Architecture 2008
SUMMARY
Advanced Encryption standard comes under suite B achieves top level secret using CCM mode
Decoder part has been completely implemented sucessfully
FFT module has been analyzed to suite IEEE802.16e standards
AJAL.A.J ASST PROF – METS SCHOOL OF ENGG , MALA; KERALA MOB: 0- 8907305642
System Architecture 2008
REFERENCES[1] C. Thmas, M. A. Bickerstaff, L. M. Davis, T. Prokop, B. Widdup,
G. Zhou, D. Garrett, C. Nicol, “Integrated circuits for channel coding in 3G cellular mobile wireless systems,” IEEE Commun. Mag., vol. 41, no. 8, pp. 150-159, Aug. 2003.
[2] C.-S. Lee, T. Keller, and L. Hanzo, “OFDM-based turbo-coded hierarchical and non-hierarchical terrestrial mobile digital video broadcasting,” IEEE Trans. on Broadcasting, vol. 46, no. 1, pp. 1-
22, Mar. 2000.
[3] C.-H. Wang, W.-T. Wang, and C.-C. Chao, “A unified structure of trellis-based soft-output decoding algorithms for turbo codes,” IEEE Trans. on Commun., vol. 52, no. 8, pp. 1355-1366, Aug. 2004.
[4] L. Papke and P. Robertson, “Improved decoding with the SOVA in a parallel concatenated (turbo-code) scheme,” in Proc. ICC96, pp. 102-106.
AJAL.A.J ASST PROF – METS SCHOOL OF ENGG , MALA; KERALA MOB: 0- 8907305642
Feedback?
AJAL.A.J ASST PROF – METS SCHOOL OF ENGG , MALA; KERALA MOB: 0- 8907305642