Joint Channel Coding and Cryptography for SMS

1

> REPLACE THIS LINE WITH YOUR PAPER IDENTIFICATION NUMBER (DOUBLE-CLICK HERE TO EDIT) <



Joint Channel Coding and Cryptography for SMS

Ashok Kumar Nanda, Lalit Kumar Awasthi

Abstract—SMS has a variety of advantages and disadvantages for M-Commercepurpose. The advantages are easy to use, common messaging tool among consumers, works across all wireless operators, affordable for mobile users, no specific software required for installation, allows banks and financial institutions to provide real-time information to consumers & employees, stored messages can be accessed without a network connection. Most important disadvantage of SMS so it does not offer a secure environment for confidential data during transmission and there is no standard procedure to certify the SMS sender. There is a need for an end to end SMS Encryption with errorless message transmission in order to provide a secure with error free data transmission for communication. These two factors are important for SMS. Till now there is no such scheme that provides complete solutions. The transmission of an SMS in GSM network is not secure at all. Therefore it is desirable to fully secure with errorless SMS for business purposes. Both these two issues are researched and dealt separately with sufficient literature available. However these solutions were dealt separately till now. In this paper, we have analyzed about Joint Channel Coding and Cryptography (JCCC), Soft Input Decryption (SID). We theoretically proposed a novel scheme XTR – NR Signature algorithm in this paper. We are expecting that it will improve the current security level, fastest speed and provide reliable message recovery at receiver end with respect to key generation, encryption decryption, signing and verification and small key size for SMS application in any kind of mobile device.

Index Terms—Joint Channel Coding and Cryptography (JCCC), SMS, Soft Input Decryption (SID), XTR – NR Signature

I.INTRODUCTION

W

ireless networks offers mobility and easy if use to many applications. Most popular applications are cellular telephony, Short message Service (SMS), multimedia messaging service (MMS), web browsing and Internet access, file transfer, sensing streaming audio & video and video conferencing. Scope, coverage and deployment infrastructure of the wireless communication vary depending on the desired application. Wireless communication is more prone transmission errors. The tolerable data error rate depends upon the application. For more transmission error is allowed in voice communication as compared to file transfer application. Similarly SMS is also a kind of file transmission. Here data transmission error should be absolutely negligible. In wireless environment, the transmission errors are due to its broadcast nature. Presently many business organizations are using SMS as an application in business. Cryptography is a time tested technique to provide security. A new concept has been proposed as called as Joint Channel Coding and Cryptography (JCCC) to provide both security & error control. It combines the cryptographic methods for data security with the techniques for error correction.

Nataša ŽIVIĆ has stated interesting property of the cryptographic algorithms in [1] that a good cryptographic algorithm should be such that a one bit error in the input to the encryption should result in about 50% of the decrypted bits to be wrong. Thus, if we make use of such algorithm for verification of data at the receiver and there was an error of at least one bit introduced during the transmission, then the verification of cryptographic check value should fail. This means, that all bits of the message and the cryptographic check value have to be correct at the input of encryption for successful verification of data. SID corrects bits at the input of decryptor. If the decoder is not able to reconstruct the original message and cryptographic check value because of a noisy channel or inefficiency of the channel decoding algorithm, it is possible to correct the message with the cryptographic check value using side information of the channel decoder in form of so called L-values. Channel decoding improvement depends on using a message with its cryptographic check value which has been corrected by Soft Input Decryption. It is a combination of Soft Input Soft Output (SISO) convolution channel coding and decrypting. Corrected L-values are used as feedback information to the channel decoder for improving decoding process of bits in error.

Rest of paper is organized as follows. Section II provides an overview of Joint Channel Coding and Cryptography. SectionIII analyses overview of the Soft Input Decryption (SID) scheme and its algorithm.Section IVpresents briefly about XTR - Nyberg Rueppel (XTR – NR) message recovery signature scheme. Section V discusses the anticipated result of application of novel scheme and followed by conclusion.

II.Joint Channel Coding and Cryptography (JCCC) [2]

Soft Input Decryption (with feedback) is used for Joint Channel Coding and Cryptography. The data block is the input of the encryptor. This data block is equally divided two parts -- message ma and message mb (each of length of m). To each message, its digital signature is appended i.e. na and nb, each of length n, using a cryptographic check function (CCF) as shownin Fig 1.

In general, the lengths of message parts ma and mb and the lengths of cryptographic check values na and nb do not have to be the same. The different lengths of ma, mb, naand nb have only minor influence on the bit error rate (BER). Therefore equal lengths of message parts as well as cryptographic check values are used to obtain the simulation results in this work.

Block ‘a’ consists of the message part ma and the appended XTR – NR Signature message na:

Block ‘b’ consists of the message part mb and the appended XTR – NR Signature message nb:

Interleaving of the blocks a and b forms the assembled message u:

u is encoded by a convolutional code, modulated and transferred over the noisy channel.

After demodulation of the received message, Joint Channel Coding and Cryptography is applied in 3 steps (Fig. 2).

The first step consists of the following sub tasks,

1. channel decoding
2. segmentation and de-interleaving of the output u’ of the decoder into block ‘a and blockb’, and
3. parallelSID with feedback of blocks a’and b’.

The second step is the feedback from block a’ corrected by SID to block b’, or vice versa, from block b’ corrected by SID to block a’. L-values of bits of the corrected block (for example, block a’) are set to ±∞, because bits are known and correspondingly their L-values are known. L-values of bits of another – not corrected block (for example, block b’) are set to 0, which represent unknown bits. These L-values are fed back to channel decoder, enabling improved bit error correction of block which has to be corrected.

The third step is additional SID of block, which has been improved corrected by feedback in the second step (for example, block b’).

Fig. 2 shows the joint channel coding and cryptography process for a received message using the serial SID with feedback. BER after each of the process components is recorded as,

•BERcd1 is the BER after the first decoding

•BER1.SID is the BER after the first step

•BERcd2 is the BER after the second step

•BER2.SIDis the BER after the third step

The second and third step dependent on one of the following cases:

•If theresults of SID of block a’ and SID of block b’ are correct, then the decoding succeeds. In this case BER2.SID= 0

•If theresult of SID of block a’ is correct, but block b’ could not be corrected then the following step the corrected block a’ is used for the correction of block b’ by feedback to the second channel decoding, resulting in BERfeedback. Block b´ is tried to be corrected by SID (BER2.SID).

•If theresult of SID of block b’ is correct, but block a’ could not corrected then the second step the corrected block b’ is used for the correction of block a’ by feedback to the second channel decoding, resulting in BERfeedback. In the third step, block a´ is tried to be corrected by SID (BER2.SID).

•If neither the result of SID of block a’ nor the result of SID of block b’ is correct then BER is equal to BER of the convolutional decoder (BER of the inner code).

III.SOFT INPUT DECRYPTION (SID) Algorithm [3]

SIDis a method for the correction of SID blocks which contain cryptographic check values (digitalsignatures, MACs, H-MACs) by using L-values as the output of the SISO channel decoder.Cryptographic check values provide data integrity, data originauthentication and non repudiation. It works in block oriented fashion.The input for SID contains data which are secured bycryptographic check values. The block which has to becorrected by SID after channel decoding is called

Figure 1.Interleaving of blocks a and b into message u [4].

SID block (SID block). It may contain data and cryptographic check values, or just cryptographic check values, depending on the used scenario. The standard verification process without SID is presented in fig. 3.

The algorithm of Soft Input Decryption (fig. 4) is as follows: If the verification of the cryptographic check value is successful, i.e. the output is “true”, thenSID is successfully completed. If the verification is false, then soft output of the channel decoder is analyzed and the bits with the lowest |L|-values are flipped (XOR 1). Then the decryptor performs the verification process and proves the result of the verification again. If the verification is false, then the bits with another combination of the lowest |L|-values are changed. This iterative process will stop when the verification is successfulor the needed resources are consumed.

Figure Algorithm of Joint Channel Coding Cryptography

Figure 2.Algorithm of Joint Channel Coding and Cryptography [4].

L – Values of bits of SID block

No

No

Successfully

Verified data Yes Not Verified data

Figure 3.Verification of SID block without soft Input Decryption [3].

In the case that the attempts for correction fail, the number of modified bits is too large as a result of a very noisy channel, a very long SID block or an attack, so that the resources are not sufficient to find the correct content of a SID block.

Figure 4.Algorithm of the Soft Input Decryption [3].

It may happen that the attempts for the correction of a SID block succeed, but the content of a SID block is not equal to the original one: a collision happened. This case has a negligible probability if the length of the cryptographic check values is chosen under security aspects.

IV.XTR-NYBERG-RUEPPEL (XTR – NR) message recovery SIGNATURE scheme

XTR is an algorithm for public-key encryption. XTR stands for ‘ECSTR’. It stands for Efficient and Compact Subgroup Trace Representation. From a security point of view, XTR is a traditional discrete logarithm system: For its security it relies on the difficulty of solving discrete logarithm related problems in the multiplicative group of a finite field. Some advantages of XTR are its fast key generation (much faster than RSA), small key sizes (much smaller than RSA, comparable with ECC for current security settings), and speed (overall comparable with ECC for current security settings) [5]. In 1996, the Nyberg-Rueppel signature scheme was improved as ElGamal version. In 2000, the XTR-Nyberg-Rueppel version was presented. Then, the XTR – Blind – Nyberg – Rueppel version and the verifiable encryption of XTR-Nyberg-Rueppel version were presented in 2003 and 2007, respectively. It is XTR version of the Nyberg-Rueppel (NR) message recovery signature scheme. XTR can in a similar way be used in other ‘ElGamal-like’ signature schemes.

A.XTR-NR signature generation [6]

It is stated in [6] that to sign a message M containing an agreed upon type of redundancy using the XTR version of the NR protocol, Alice does the following:

Let P, q & Tr(g) be shared XTR public key data.

1. Alice selects a random integer u ∈ [2, q − 3], and n = u and c = Tr(g) in

Sn(c) = (cn-1, cn, cn+1) ∈ GF (P2)3 so

Su(Tr(g)) = (Tr(gu−1), Tr(gu), Tr(gu+1)) ∈ GF(p2)3 where q

isprime number,

1. Alice determines a symmetric encryption key K based on Tr(gu) ∈ GF(p2).
2. Alice uses an agreed upon symmetric encryption method with key K to encrypt M, resulting in the encryption E.
3. Alice computes the (integer valued) hash h of E.
4. Alice computes s = (k·h + u) mod q ∈ {0, 1… q − 1}.
5. Alice’s resulting signature on M is (E, s).

B.XTR-NR signature verification [6]

It is assumed that Alice’s XTR public key data for digital signatures consist of p, q, Tr(g), and Tr(gk) for a secret integer k that is known only to Alice. However, in addition it is assumed that not only Tr(gk) but also Tr(gk−1) and Tr(gk+1) (and thus Sk(Tr(g))) are available to the verifier. These additional GF(p2) elements are either part of the public key or they are reconstructed by the verifier. Tr(gk−1) (or Tr(gk+1)) can be reconstructed from p, q, Tr(g), Tr(gk), and Tr(gk+1) (or Tr(gk−1)) using an explicit and easily computed formula. Reconstruction of Tr(gk+1) (or Tr(gk−1)) given just (p, q, Tr(g), Tr(gk)) requires additional assumptions and a slightly more involved computation. To verify Alice’s signature (E, s) and to recover the signed message M, verifier Bob does the following.

1. Bob checks that 0 ≤ s < q; if not failure.
2. Bob computes the hash h of E.
3. Bob replaces h by −h mod q ∈ {0, 1 . . . q − 1}.
4. Bob applies Algorithm 5.27 stated in [6]to Tr(g), Sk(Tr(g)) (with k unknown to Bob), a = s, and b = h to compute Tr(gs · ghk) (which equals Tr(gu)).
5. Bob determines a symmetric encryption key K based on Tr(gs · ghk) ∈ GF(p2).
6. Bob uses the agreed upon symmetric encryption method with key K to decrypt E resulting in M.
7. The signature is accepted if and only if M contains the agreed upon redundancy.

V.Anticipated result

There are so many cryptosystems are available in market to implement. Here we have considered more popular ECC and RSA algorithms with XTR algorithm. We have shown the comparison among them in Table 1. W. r. t. key length, key selection, encryption time, decryption time, signature time, verification time and operation speed. Out of these, XTR is the best among all others (stated in [8], [9]).

XTR – NR Signature generation and verification are both considerably faster than traditional implementations of the NR scheme that are based on subgroups of multiplicative groups of finite fields of the same security level: XTR-NR Signature generation is about three times faster than traditional NR signature generation, and XTR-NR signature verification is about 1.75 faster than the traditional method [6]. The length of the signature is identical to other variants of the hybrid version of the NR scheme: an overhead part of length depending on the desired security (i.e., the subgroup size) and a message part of length depending on the message itself and the agreed upon redundancy and symmetric encryption.The XTR signatures scheme with Message Recovery is secure enough against attacks, especially forgery attacks [7].

Table: 1 Comparison among XTR, ECC RSA [8], [9]

XTR / ECC / RSA
Key Length / Short 170-bit / Short 170-bit / Long 1020-bit
Key Selection / Simplest / Hard / Simple
Encrypt / 23 ms / 28 ms / 05msfor 32 – bit
Decrypt / 11 ms / 16 ms / 40ms CRT
Sign / 11 ms / 14ms / 123ms
Verify / 23 ms / ≤ 21ms / 05ms for 32 – bit
Operation Speed / Fastest / Fast / slow

Implementation on Pentium III 450 MHz and 96 MB of Ram

VI.Conclusion and future work

Now-a-days SMS is more popular for different applications in our daily real life. Errorless data transmission with secured is important in wireless environment. In this paper we have discussed about joint channel coding and cryptography, SID algorithm and XTR – NRmessage recovery signature scheme. From the above, we have concluded that XTR – NR message recovery signature algorithm is best among other popular and traditional algorithms. As a result, secured data will transfer from sender to receiver end(s) with errorless. It will efficient scheme and provide better result. It is our future work to implement, prove and compare. We ensure that it will improve the current security level, fastest speed and provide reliable message recovery at receiver end with respect to key generation, encryption, decryption, signing and verification with small key length for SMS in any kind of mobile devices.

References

[1]Nataša ŽIVIĆ: “Iterative Method for Improvement Of Coding And Decryption”, International Journal of Network Security & Its Applications (IJNSA), Vol 1, No 2, July 2009, PP. 1 – 15.

[2]Nataša ŽIVIĆ and Obaid Ur REHMAN: “On using the message digest for error correction in wireless communication networks”, in 21st International Symposium on Personal, Indoor and Mobile Radio Communications Workshops 2010, Page(s): 491 – 495.

[3]NATASA ZIVIC: “Strategies and Performances of Soft Input Decryption”, International Journal of Computer Science and Information Security, Issue 1, Volume 1, May 2009, PP 1 – 12.

[4]Nataša ŽIVIĆ, Christoph RULAND and Obaid Ur REHMAN: “Error Correction over wireless Channels using Symmetric Cryptography”, in 1st International Conference Wireless Communication, Vehicular Technology, Information Theory and Aerospace & Electronic Systems Technology, 2009. Wireless VITAE 2009, Page(s): 752 – 756.

[5]

[6]Arjen K Lenstra, Eric R Veheul: “An Overview of the XTR Public Key System”,

[7]Li Yong; Zhang Xiang-li; He Long; XieZhi-heng; Zhu Chong: “Research of Trace Equivalence Relation on XTR”, in WRI CMC '09, International Conference Communications and Mobile Computing, 2009.. Volume: 3, Page(s): 380 – 384

[8]

[9]

Acknowledgment

This research work is supported by Ministry of Human Resource Development (MHRD), Government of India.

Ashok Kumar Nanda is a full time research scholar in Computer Science and Engineering Department, National Institute of Technology, Hamirpur, Himachal Pradesh India – 177005. His office Phone: 091 – 1972 – 254413, Mobile: 091 – 9418143520, e-mail: and .

Prof. Lalit Kumar Awasthi is professor & Head of Computer Centre, National Institute of Technology, Hamirpur, Himachal Pradesh India – 177005. His office Phone: 091 – 1972 – 254404, e-mail: .