Stephan Wesemeyer

An Improved Decoding Algorithm for the Davey-MacKay Construction

The Deletion-Insertion Correcting Code construction proposed by Davey and MacKay consists of an inner code that recovers synchronization and an outer code that provides substitution error protection. The inner code uses low-weight codewords which are added (modulo two) to a pilot sequence. The receiver is able to synchronise on the pilot sequence in spite of the changes introduced by the added codeword. The original bit-level formulation of the inner decoder assumes that all bits in the sparse codebook are identically and independently distributed. Not only is this assumption inaccurate, but it also prevents the use of soft a- priori input to the decoder. We propose an alternative symbol-level inner decoding algorithm that takes the actual codebook into account. Simulation results show that the proposed algorithm has an improved performance with only a small penalty in complexity, and it allows other improvements using inner codes with larger minimum distance.

Formal security analysis of NFC M-coupon protocols using Casper/FDR

Near field communication (NFC) is a standard-based, radio frequency (RF), wireless communication technology that allows data to be exchanged between devices that are less than 10 cm apart. NFC security protocols require formal security analysis before massive adoptions, in order to check whether these protocols meet its requirements and goals. In this paper we formally analyse NFC-based mobile coupon protocols using formal methods (Casper/FDR). We find an attack against the advanced protocol, and then we provide a solution that addresses the vulnerability formally.

Time-varying block codes for synchronisation errors: maximum a posteriori decoder and practical issues

In this study, the authors consider time-varying block (TVB) codes, which generalise a number of previous synchronisation error-correcting codes. They also consider various practical issues related to maximum a posteriori (MAP) decoding of these codes. Specifically, they give an expression for the expected distribution of drift between transmitter and receiver because of synchronisation errors. They determine an appropriate choice for state space limits based on the drift probability distribution. In turn, they obtain an expression for the decoder complexity under given channel conditions in terms of the state space limits used. For a given state space, they also give a number of optimisations that reduce the algorithm complexity with no further loss of decoder performance. They also show how the MAP decoder can be used in the absence of known frame boundaries, and demonstrate that an appropriate choice of decoder parameters allows the decoder to approach the performance when frame boundaries are known, at the expense of some increase in complexity. Finally, they express some existing constructions as TVB codes, comparing performance with published results and showing that improved performance is possible by taking advantage of the flexibility of TVB codes.

SimCommSys: taking the errors out of error-correcting code simulations

In this paper we present SimCommSys, a Simulator of Communication Systems that we are releasing under an open source license. The core of the project is a set of C++ libraries defining communication system components and a distributed Monte Carlo simulator. Of principal interest is the error-control coding component, where various kinds of binary and non-binary codes are implemented, including turbo, LDPC, repeat-accumulate, and Reed-Solomon. The project also contains a number of ready-to-build binaries implementing various stages of the communication system (such as the encoder and decoder), a complete simulator, and a system benchmark. Finally, SimCommSys also provides a number of shell and python scripts to encapsulate routine use cases. As long as the required components are already available in SimCommSys, the user may simulate complete communication systems of their own design without any additional programming. The strict separation of development (needed only to implement new components) and use (to simulate specific constructions) encourages reproducibility of experimental work and reduces the likelihood of error. Following an overview of the framework, we provide some examples of how to use the framework, including the implementation of a simple codec, the specification of communication systems and their simulation.

Formal Analysis of V2X Revocation Protocols

Research on vehicular networking (V2X) security has produced a range of securitymechanisms and protocols tailored for this domain, addressing both security and privacy. Typically, the security analysis of these proposals has largely been informal. However, formal analysis can be used to expose flaws and ultimately provide a higher level of assurance in the protocols. This paper focusses on the formal analysis of a particular element of security mechanisms for V2X found in many proposals, that is the revocation of malicious or misbehaving vehicles from the V2X system by invalidating their credentials. This revocation needs to be performed in an unlinkable way for vehicle privacy even in the context of vehicles regularly changing their pseudonyms. The Rewire scheme by Forster et al. and its subschemes Plain and R-token aim to solve this challenge by means of cryptographic solutions and trusted hardware. Formal analysis using the Tamarin prover identifies two flaws: one previously reported in the lierature concerned with functional correctness of the protocol, and one previously unknown flaw concerning an authentication property of the R-token scheme. In response to these flaws we propose Obscure Token (O-token), an extension of Rewire to enable revocation in a privacy preserving manner. Our approach addresses the functional and authentication properties by introducing an additional key-pair, which offers a stronger and verifiable guarantee of successful revocation of vehicles without resolving the long-term identity. Moreover O-token is the first V2X revocation protocol to be co-designed with a formal model.

Anonymous Single-Sign-On for n Designated Services with Traceability.

Anonymous Single-Sign-On authentication schemes have been proposed to allow users to access a service protected by a verifier without revealing their identity which has become more important due to the introduction of strong privacy regulations. In this paper we describe a new approach whereby anonymous authentication to different verifiers is achieved via authorisation tags and pseudonyms. The particular innovation of our scheme is authentication can only occur between a user and its designated verifier for a service, and the verification cannot be performed by any other verifier. The benefit of this authentication approach is that it prevents information leakage of a users service access information, even if the verifiers for these services collude which each other. Our scheme also supports a trusted third party who is authorised to de-anonymise the user and reveal her whole services access information if required. Furthermore, our scheme is lightweight because it does not rely on attribute or policy-based signature schemes to enable access to multiple services. The schemes security model is given together with a security proof, an implementation and a performance evaluation.

Cloning localization approach using k-means clustering and support vector machine

Abstract. Passive forensics is increasing in significance due to the availability of various software tools that can be used to alter original content without visible traces and the increasing public awareness of such tampering. Many passive image tamper detection techniques have been proposed in the literature, some of which use feature extraction methods for tamper detection and localization. This work proposes a flexible methodology for detecting cloning in images based on the use of feature detectors. We determine whether a particular match is the result of a cloning event by clustering the matches using k-means clustering and using a support vector machine to classify the clusters. This descriptor–agnostic approach allows us to combine the results of multiple feature descriptors, increasing the potential number of keypoints in the cloned region. Results using maximally stable extremal regions’ features, speeded up robust features, and scale-invariant feature transform show a very significant improvement over the state of the art, particularly when different descriptors are combined. A statistical filtering step is also proposed, increasing the homogeneity of the clusters and thereby improving the results. Finally, our methodology uses an adaptive technique for independently selecting the optimal k value for each image, allowing our method to work well when there are multiple cloned regions. We also show that our methodology works well when the training and testing datasets are mismatched.

Cloning Localization Based on Feature Extraction and K-means Clustering

The field of image forensics is expanding rapidly. Many passive image tamper detection techniques have been presented. Some of these techniques use feature extraction methods for tamper detection and localization. This work is based on extracting Maximally Stable Extremal Regions (MSER) features for cloning detection, followed by k-means clustering for cloning localization. Then for comparison purposes, we implement the same approach using Speeded Up Robust Features (SURF) and Scale-Invariant Feature Transform (SIFT). Experimental results show that we can detect and localize cloning in tampered images with an accuracy reaching 97 % using MSER features. The usability and efficacy of our approach is verified by comparing with recent state-of-the-art approaches.

Some soft-decision decoding algorithms for Reed-Solomon codes

In this paper we introduce three soft-decision decoding algorithms for Reed-Solomon (RS) codes. We compare them in terms of performance over both the AWGN and Rayleigh Fading Channels and in terms of complexity with a special emphasis on RS codes over IF16. The algorithms discussed are variants of well known algorithms for binary codes adapted to the multilevel nature of RS codes. All involve a re-ordering of the received symbols according to some reliability measure. The choice of reliability measure for our simulations is based on a comparison of three in terms of how they affect the codes’ performances.