Ion Tutanescu

Secure TCP/IP communications over DVB-S/DVB-RCS using chaotic sequences

The DVB-S (Digital Video Broadcasting - Satellite) was originally developed as a TV broadcasting protocol. Later on two encapsulation protocols were developed in order to allow network level TCP/IP encapsulation: Multi Protocol Encapsulation — MPE and Unidirectional Lightweight Encapsulation — ULE. This provided a high quality internet access via satellite, which can be multiplexed even with radio and TV transmissions. In this paper, we propose a security system for the ULE based on chaotic sequences for the key management and data encryption. The key management system is based on a multilayer key model. The proposed system provides security services responding to the security requirements of IP over satellite DVB. To quantify the efficiency of the proposed system, we have done a comparative study (theoretically and by simulation) of the data overhead for different transport protocols and different sets of security parameters. Obtained results confirm the efficiency of the proposed system.

On the security of a new image encryption scheme based on a chaotic function

This paper analyses the security of a recently proposed image encryption algorithm and shows a series of weaknesses that make it unusable in applications requiring medium or high levels of security. We show that the algorithm has some minor flaws, such as impractical decryption or impossibility to encrypt black images as well as a major flow, linearity, which makes it vulnerable to cryptanalysis. We present a chosen cipher text attack and show that, after the cryptanalysis, an attacker can successfully decrypt any cipher image, without knowledge of the secret key.

Detecting errors in digital communications with CRC codes implemented with FPGA

Generally speaking, cyclic redundancy checks (CRCs) are used to detect errors from noise in digital data transmission. The technique is also sometimes applied to data storage devices, such as a disk drive. They also have been turned to verify the integrity of files in a system in order to prevent tampering and suggested as a possible algorithm for manipulation detection codes. It has been known that a CRC will not detect all errors but with random noise it is unlikely. In this paper, we present an efficient algorithm for parallel computation of the CRC in data transmission.

Error detection and correction using LDPC in parallel Hopfield networks

Low Density Parity Check (LDPC) coding is a classical method for the detection and correction of errors. Its problem is the relatively complex operations which must be performed at encoding, and especially at decoding, to detect and correct errors caused by communication channels. We present a solution for the errors correction using regular LDPC and Hopfield network-based associative memories. Our solution solves this problem by using an associative memory based on the Hopfield network on the decoding stage, which stores the correct code words. This memory tends to transform the code words received with errors in errors free code words. We improved the ability of the associative memory by storing the code words in a specific format (pairs with their inverses, the constant number of “1” bits). These conditions are met by using LDPC coding. To be viable in communications, which require real-time correction, our proposed solution has used Hopfield networks operating in parallel, fully integrated into the Field Programmable Gates Array (FPGA) circuit.

Chaos Based Secure IP Communications over Satellite DVB

The Digital Video Broadcasting—Satellite (DVB‐S) standard was originally conceived for TV and radio broadcasting. Later, it became possible to send IP packets using encapsulation methods such as Multi Protocol Encapsulation, MPE, or Unidirectional Lightweight Encapsulation, ULE. This paper proposes a chaos based security system for IP communications over DVB‐S with ULE encapsulation.The proposed security system satisfies all the security requirements while respecting the characteristics of satellite links, such as the importance of efficient bandwidth utilization and high latency time. It uses chaotic functions to generate the keys and to encrypt the data. The key management is realized using a multi‐layer architecture.A theoretical analysis of the system and a simulation of FTP and HTTP traffic are presented and discussed to show the cost of the security enhancement and to provide the necessary tools for security parameters setup.

Secure IP multicast over satellite

We notice a very strong “all IP” trend characterizing todays communication technology. There is a powerful IP backbone in place, but, in some cases, the “last mile problem” remains to be solved. One of the solutions for this problem is represented by IP communications over satellite. This paper analyses the compatibility between a recently proposed security enhancement for IP communications over satellite DVB and the multicast communications. We discuss the importance of multicast services and we show that the recently proposed security enhancement has built in multicast support, i.e. only a small upgrade in the receivers is needed to allow multicast communications.

Security of internet-connected computer networks

The security of computer networks connected to the internet is an important, vital and hotly contested real-world issue. Once the computer networks get connected to the internet, the number of attacks, their strength and intensity grow exponentially. All the attacks then exploit breaches in the network security. In this paper some of the passive and active attacks against the computer networks are presented. The anatomy of the attack is presented showing the phases and the techniques for penetrating into the computer networks – with the purpose to stress and highlight the several dangers faced by the network manager and the utmost necessity of setting a proper corporate network security policy in place. The detection of an attack is a difficult task because the detection technology is still in its infancy and has yet to mature, also once the attack is detected, the attacker in most cases still remains unknown. After the detection of the attack, the analyst needs some time to establish the actual nature of the attack.