Natasa Zivic

Error Correcting and Weighted Noise Tolerant Message Authentication Codes

Message Authentication Codes (MACs) are very sensitive to any modification in the message. The verification fails even if there is a slight change in the message. However, special algorithms have been introduced that tolerate a small amount of noise in messages as required by some applications. Noise Tolerant Message Authentication Code (NTMAC) is an example of noise tolerant authenticator algorithm. NTMAC is block oriented and unlike MAC it localizes errors at the block level. Nevertheless, there is no efficient way for correcting erroneous blocks by NTMAC. This paper presents a novel algorithm as an enhancement of NTMAC, called the Error Correcting - NTMAC (EC-NTMAC) and a variant of EC-NTMAC, called the Error Correcting - Weighted NTMAC (EC-WNTMAC). EC-NTMAC introduces error correction of erroneous blocks and EC-WNTMAC extends EC-NTMAC to the correction of blocks based on their importance level or the so called weight. The later approach makes the EC-NTMAC more suitable for some applications like image and multimedia communications where few errors are acceptable. Simulation results, showing capabilities of both of the proposed algorithms as well as the performance and security considerations are given in the paper.

Secure and Robust Two-Phase Image Authentication

A novel two-phase robust content-based image authentication scheme is introduced. The proposed scheme is constructed based on a combination of hard and soft authentication using two existing generic approximate message authentication codes (AMACs). The AMACs combine error- correcting codes with cryptographic primitives such as message authentication codes and symmetric encryption algorithms. The message authentication codes are used for hard authentication, whereas the error-correcting codes introduce a certain degree of robustness in authentication. This is achieved by correcting minor unintentional modifications as a result of common image processing operations such as quantization , compression , and noise addition. The two-phase image authentication scheme verifies the authenticity of an image in two phases. The low frequency elements of the image in a transform domain are subjected to the first phase while some higher frequency elements are left to the second phase if the first phase succeeds. The proposed scheme tolerates common content- preserving modifications in an image but can discriminate intentional modifications affecting the image content. Mathematical bounds for the accuracy and the security level of the proposed approach are estimated and the performance is compared with some other well-known schemes in the literature. The results demonstrate that the proposed scheme shows high discriminating capability and can detect different types of meaningful forgery attacks on images while preserving the robustness. It also outperforms the benchmark image authentication schemes in terms of tradeoff between robustness and fragility.

Noise tolerant image authentication with error localization and correction

Images transmitted over insecure communication channels are protected using a message authentication code (MAC) for authenticity and integrity. Conventional MAC algorithms are in particular not suitable for image authentication over a noisy channel. Even a single bit error will render the image unauthentic and therefore being rejected. Retransmissions might not be possible over a uni-directional channel or in case of real-time transmissions where accepting a part of image might be better than having no image at all. In this paper, algorithms for image authentication, error localization in the image and their correction are proposed. Once the errors in the image are localized to a smaller area, it is shown how the errors can be corrected and if there are still some minor errors left, the soft authentication algorithm will help in partial image acceptance. Simulation results show how the algorithm reacts to bit and block errors and how the error correction and soft authentication has little or no visual impact on the resultant image quality.

On Joint Cryptographic Verification and Channel Decoding via the Maximum Likelihood Criterion

The scenario is considered where a message, together with its message authentication code (MAC), is transmitted over a noisy channel. It is assumed that a forward error correcting channel code is used to reduce the error rate, but no repeat mechanism (ARQ) is used to correct the remaining errors. In such systems, uncorrected errors usually cause rejection of messages with an incorrect MAC. This paper introduces a technique for joint verification and decoding of the received message, based on targeting the maximum likelihood (message, MAC) pair. This allows the acceptance of corrected messages and their MACs, even if a few bits of the MAC are incorrect. This is comparable to the situation where handwritten signatures are accepted provided they are not too different from a reference. The algorithm also outputs a reliability measure on the verified message in the form of a log-likelihood ratio (LLR). A simulation-based comparison shows that the proposed scheme gives a large improvement of the acceptance rate of MACs, with respect to an equally secure conventional system.

Security analysis of the joint encryption and compressed sensing

This paper addresses the perfect secrecy analysis of the scenario for encryption via compressed sensing. In this system the measurement matrix is generated based on a secret seed and is considered as a shared secret key between sender and receiver. The knowledge of signal sparsity and shared secret key enables receiver to recover the original submitted signal. It was shown that the Shannon-sense perfect secrecy is not achievable in general in such an algorithm. Although, in this paper it is proven that a weaker sense perfect secrecy may be achieved under some assumptions. The mutual information between source and encrypted message sets is estimated to analyze the perfect secrecy problem in general for unknown statistical distribution over source message set. The numerical evidence is given to support theoretical results.

Soft correction and verification of the messages protected by cryptographic check values

The enhanced version of Soft Input Decrypion (SID) method for the correction of the messages secured by their cryptographic check values (digital signatures and/or MACs and H-MACs) are presented. The soft output values of SISO convolutional decoder (so called |L|-values) which are driven to the input of decryptor are now used in a more efficient way. By introducing the decision threshold, the process of message verification in decryptor becomes less strict, giving in that way extra benefits in processing speed and the method efficiency. The aspect of “false verification” of the message is also considered with regard to the value of the threshold. The results of simulations are presented as well, showing a significant improvement of the new method.

AACI: The mechanism for approximate authentication and correction of images

Modification of images usually originates from channel noise, image processing operations or adversarys efforts. Image authentication mechanisms protect the authenticity of images by differentiating between the effects of malicious and acceptable alterations in the original image. This paper introduces a mechanism for approximate authentication and correction of images (AACI). The proposed scheme is constructed based on two approximate message authentication code (AMAC) frameworks which use standard cryptographic primitives and error-correcting codes as their building blocks. The AACI tolerates acceptable modifications which are not effective in the image recovery process. The malicious modifications can be detected and the damaged parts can be restored by an AACI mechanism up to a certain limit. In this work, the specification of the AACI mechanism is given, proposed settings, performance and security analysis of the AACI are discussed and simulation results are presented.

Implementation of a HMIPv6 extension in the INET and xMIPv6 simulation framework with dynamic MAP discovery for OMNeT 4.x

In order to perform a simulative evaluation of the Hierarchical Mobile IPv6 protocol (HMIPv6) OMNeT++ simulation environment was used. OMNeT++ simulation package - INET framework and xMIPv6 was enhanced with an extension for HMIPv6, which includes Neighbor Discovery protocol, IPv6 router and the implementation of a Mobility Anchor Point (MAP). The simulation model was implemented as defined in RFC 5380 Hierarchical Mobile IPv6 - HMIPv6 Mobility Management. Enhancements are recognized in terms of an upgraded Router advertisement (RA) packet with option data about the MAP. We used dynamic MAP discovery, based on MAP option propagation in Router Advertisements from the MAP to the Mobile Node through certain (configured) router interfaces, within the routers in a network.

Security issues in smart metering systems

Intelligent buildings are not imaginable anymore without smart metering devices. Smart metering systems are used not only for the provisioning of instantaneous metering information on commodities, such as electricity, water and gas, to the service providers but also to make this information available to customers. This helps the customers in dynamically adapting their energy consumption behavior. The smart metering devices also help in balancing the power generation and distribution in a smart grid by tailoring the power generation according to the demand. However, the liberalization of the metering market requires few strong security and privacy requirements for the metering data. Smart metering raises many security and privacy concerns. There are worries that the personal information of consumers could be disclosed. There are also concerns about frauds exploiting security vulnerabilities in smart metering systems on a large scale, e.g., making smart meters provide false metering data to the service providers. From a macro perspective, the smart grids, including the smart metering systems and devices can be attacked to bring down the whole grid or at least some parts of the grid, which is a concern of national security. This paper focuses on the security and privacy aspects of the smart metering systems. Potential attackers, security threats and attacks on smart metering systems are listed and the security approaches to address the security issues are presented. A security by design approach for secure smart metering is discussed in the paper. The major results of a security by design approach for smart metering systems developed in the project, entitled “Trusted Computing Engineering for Resource Constraint Embedded Systems Applications”, funded by the European commission, are summarized in the end.

Iterative enhanced packet combining over hybrid-ARQ

Many widely used wireless networking protocols, such as WiMAX, UMTS and 3GPP Long Term Evolution use Hybrid ARQ for error control. H-ARQ improves the bit error rate performance and reduces the number of retransmissions. If the packet is in error even after forward error correction, then a retransmission request is made by the receiver. In order to reduce the retransmissions, different methods to combine the retransmitted erroneous packet(s) with the previous copies have been proposed earlier. In this paper, an enhanced packet combining method is presented that corrects both the even and odd errors in an erroneous packet by combining the current erroneous copy with the previous one and thereafter performing iterative decoding. The combining method uses both soft and hard information for better performance. A performance comparison is given with certain existing packet combining methods. The proposed method not only reduces the number of retransmissions, but also detects all the errors, with a high probability as given, if the number of errors remains within a certain threshold. The probability of the success of packet recovery for the proposed method is presented. Finally, simulation results for bit error rate, packet acceptance rate and retransmission rates for different packet sizes are presented for comparison.