Ganapathy Subramanian Sundaram

Downlink scheduling in CDMA data networks

Packet data is expected to dominate third generation wireless networks, unlike current generation voice networks. This opens up new and interesting problems. Physical and link layer issues have been studied extensively, while resource allocation and scheduling issues have not been addressed satisfactorily. In this work, we address resource management on the downlink of CDMA packet data networks. Network performance (for example, capacity) has been addressed, but user centric performance has not received much attention. Recently, various non-traditional scheduling schemes based on new metrics have been proposed, and target user performance (mostly without reference to wireless). We adapt these metrics to the CDMA context, and establish some new results for the offline scheduling problem. In addition, we modify a large class of online algorithms to work in our setup and conduct a wide range of experiments. Based on detailed simulations, we infer that:Algorithms which exploit “request sizes” seem to outperform those that do not. Among these, algorithms that also exploit channel conditions provide significantly higher network throughput. Depending on continuous or discretized bandwidth conditions, either pure time multiplexing or a combination of time and code multiplexing strikes an excellent balance between user satisfaction and network performance. Discrete bandwidth conditions can lead to degraded user level performance without much impact on network performance. We argue that the discretization needs to be fine tuned to address this shortcoming.

Efficient constructions of variable-input-length block ciphers

Existing block ciphers operate on a fixed-input-length (FIL) block size (e.g., 64-bits for DES). Often, one needs a variable-input-length (VIL) primitive that can operate on a different size input; it is, however, undesirable to construct this primitive from “scratch.” This paper contains two constructions that start with a fixed-input-length block cipher and show how to securely convert it to a variable-input-length block cipher without making any additional cryptographic assumptions. Both constructions model the FIL block cipher as a pseudorandom permutation (PRP) – that is, indistinguishable from a random permutation against adaptive chosen plaintext attack. The first construction converts it to a VIL PRP and is an efficiency improvement over the scheme of Bellare and Rogaway [4]. The second construction converts it to a VIL super pseudorandom permutation (SPRP) – that is, the resulting VIL block cipher is indistinguishable from a random permutation against adaptive chosen plaintext and ciphertext attack.

Towards Making Luby-Rackoff Ciphers Optimal and Practical

We provide new constructions for Luby-Rackoff block ciphers which are efficient in terms of computations and key material used. Next, we show that we can make some security guarantees for Luby-Rackoff block ciphers under much weaker and more practical assumptions about the underlying function; namely, that the underlying function is a secure Message Authentication Code. Finally, we provide a SHA-1 based example block cipher called Sha-zam.

Wireless network security architecture

Cellular bandits have exploited security limitations of analog technology from its infancy. First-generation analog system security has been primarily left up to system manufacturers and service providers. With the advent of digital technology (second generation [2G]), the standards organizations aggressively developed techniques and cryptographic methods to protect the service provider from fraudulent use of network resources and to provide user privacy. Third-generation (3G) digital wireless systems offer significant improvement of security techniques that address all known 2G deficiencies and allow strong service protection for many years to come. This paper discusses in detail the wireless security architecture evolution (voice and data) with special emphasis on the latest standards developed for 3G wireless systems, including 2G/3G interoperability issues. Both the Universal Mobile Telecommunications System (developed by the 3rd Generation Partnership Project [3GPP]) and CDMA2000∗ (developed by the 3rd Generation Partnership Project 2 [3GPP2]) architectures are addressed.

Luby-Rackoff Ciphers: Why XOR Is Not So Exclusive

This work initiates a study of Luby-Rackoff ciphers when the bitwise exclusive-or (XOR) operation in the underlying Feistel network is replaced by a binary operation in an arbitrary finite group. We obtain various interesting results in this context: - First, we analyze the security of three-round Feistel ladders over arbitrary groups. We examine various Luby-Rackoff ciphers known to be insecure when XOR is used. In some cases, we can break these ciphers over arbitrary Abelian groups and in other cases, however, the security remains an open problem. - Next, we construct a four round Luby-Rackoff cipher, operating over finite groups of characteristic greater than 2, that is not only completely secure against adaptive chosen plaintext and ciphertext attacks, but has better time / space complexity and uses fewer random bits than all previously considered Luby-Rackoff ciphers of equivalent security in the literature. Surprisingly, when the group is of characteristic 2 (i.e., the underlying operation on strings is bitwise exclusive-or), the cipher can be completely broken in a constant number of queries. Notably, for the former set of results dealing with three rounds (where we report no difference) we need new techniques. However for the latter set of results dealing with four rounds (where we prove a new theorem) we rely on a generalization of known techniques albeit requires a new type of hash function family, called a monosymmetric hash function family, which we introduce in this work. We also discuss the existence (and construction) of this function family over various groups, and argue the necessity of this family in our construction. Moreover, these functions can be very easily and efficiently implemented on most current microprocessors thereby rendering the four round construction very practical.

Group authentication: A new paradigm for emerging applications

Traditional secure registration protocols rely on client-server authentication procedures. This concept has been extended to support single client registration to multiple servers, using “single sign-on” protocols. In this paper, we design a framework to solve the “reverse single sign-on” problem: How can multiple clients securely register with the same server/network in a single registration procedure? The main advantage of our framework is that it allows multiple clients to register with an infrastructure, such as a cellular network, as a “group,” yet generate individual session keys as well as a group session key. With this, the process of authenticating a large number of clients is greatly simplified, thereby dramatically reducing overheads. With a view towards simplifying the exposition, we describe how our framework can be applied for performing group authentication of devices in the machine-to-machine context. While this is an immediate area of application, we outline other extensions of the framework in the application layer including webcasting in a social networking environment.

Detecting and preventing machine-to-machine hijacking attacks in cellular networks

Machine-to-machine (M2M) communications are increasingly popular over cellular networks, due to their unlimited potential and the low cost of deployment. As a result, M2M infrastructures are attractive targets to attackers. For instance, hackers may use a water meter to browse the web over a mobile network. Given the expected tremendous growth of the M2M market within the next few years, such attacks can have a devastating impact on the economics of mobile broadband. However, prior studies in the area of fraud have not considered the inherent properties of cellular M2M deployments. In this paper, we demonstrate how hijacking attacks apply to contemporary networks, and provide a solution for mitigating them. In particular, we propose a novel framework for detecting and preventing M2M device hijacking. Our solution is novel in two main ways: 1) It is network centric, and 2) it completely avoids the use of overhead-intensive cryptographic functions.

Secure enablement of real time applications: A novel end-to-end approach

The Internet has evolved into a multi-service Internet Protocol (IP) network with support for various types of traffic, including multimedia. Given the relatively open nature of IP networks, securely enabling multimedia services is increasingly important. While protocols such as Secure Real Time Protocol (SRTP) provide container formats for various applications, the supporting security solutions lack end-to-end secure key management. In this paper, we propose a novel secure key management framework targeted for real time applications in multi-operator environments. In particular, by leveraging an Identity-Based Authenticated Key Exchange (IBAKE) protocol, we develop secure key management solutions to support two-party communications, conferencing applications, call forking, call redirect, and deferred delivery. Our framework eliminates the need for costly public key infrastructure (PKI) or other online solutions, overcomes the problem of key escrow while providing perfect forward and backwards secrecy, and works across applications and media types. Overall, our solution opens-up new lines of research and business opportunities in secure application enablement.