Comprehensive Exam Ph'D' in Electrical Engineering

1
Comprehensive ExamPh.D. in Electrical Engineering
The Theory of Concurrent Codes with Application
to Omnidirectional Jam-Resistant Communications
without Shared Secrets

• William L. Bahn
• 14 May 2007

2
The future of warfareNet-centric, Joint, and
Coalition
3
Whats the point of this work?
Concurrent codes address one component of secure
communications The availability of the
communications link in situations where high
directionality and/or shared secrets are not
feasible.
4
This problem involves several disciplines and
needs more overlap than usually exists.
5
Secure communications involve four distinct
security goals.
Each goal is achievable when the good guys share
secrets that the bad guys dont know.
Secure communications occur only when all four
goals are achieved.
Can the bad guys change my message?
Hash functions, message digests, MACs
Can the bad guys read my message?
Encryption using symmetric cryptography
Integrity
Confidentiality
Security
Authenticity
Availability
Can the bad guys jam my message?
Spread spectrum
Can the bad guys forge my message?
Passwords
6
Narrowband communications work fine in an nice,
friendly, ideal world.
NB
7
But they are easily jammed by any competing
signal of similar power.
NB
8
Spread spectrum provides protection against a
competing signal.
SS
9
In Frequency Hop Spread Spectrum (FH/SS), Sender
and Receiver change frequencies according to a
schedule.

• Time Freq
• 14
• 45
• 23
• 12
• 19
• 31
• 42

• Time Freq
• 14
• 45
• 23
• 12
• 19
• 31
• 42

FH/SS
10
Jammer doesnt know schedule, so they jam random
frequencies.

• Time Freq
• 14
• 45
• 23
• 12
• 19
• 31
• 42

• Time Freq
• 14
• 45
• 23
• 12
• 19
• 31
• 42

• Time Freq
• 38, 27, 24
• 19, 26, 45
• 18, 33, 37
• 15, 25, 29
• 13, 28, 44
• 29, 31, 49
• 22, 30, 42

FH/SS
Problem Jammer increases bit error rate (BER)
Solution Error correcting codes
11
Frequency sequence exchanged using a secure
alternate channel.

• Time Freq
• 14
• 45
• 23
• 12
• 19
• 31
• 42

• Time Freq
• 14
• 45
• 23
• 12
• 19
• 31
• 42

The symmetric key is any and all information that
must be kept from the jammer but that both the
sender and the receiver must have access to.
12
What if the alternate channel isnt so secure?

• Time Freq
• 14
• 45
• 23
• 12
• 19
• 31
• 42

• Time Freq
• 14
• 45
• 23
• 12
• 19
• 31
• 42

An informed jammer knows (or somehow obtains) the
symmetric key. They do not know any private keys
- information that only the sender knows or that
only the receiver knows.
13
An informed jammer DOES know schedule, so they
jam the right frequencies.

• Time Freq
• 14
• 45
• 23
• 12
• 19
• 31
• 42

• Time Freq
• 14
• 45
• 23
• 12
• 19
• 31
• 42

• Time Freq
• 14
• 45
• 23
• 12
• 19
• 31
• 42

FH/SS
Problem An informed jammer can reduce
processing gain to unity. Solution ????
14
Traditional Spread Spectrum relies on shared
secrets staying secret.
Private Secrets
Shared Secrets
Private Secrets
Sender
Receiver
Public Information
Jammer
15
The management of symmetric keys is not scaleable
and cannot meet the requirements of the GIG.

• Very small unit level (10 people)
• Key Pairs 45
• Medium unit level (1,000 people)
• Key Pairs 500,000
• Small theater-scale (100,000 people)
• Pair Keys 5 billion
• Coalition-scale (1,000,000 people)
• Pair Keys 500 billion

16
An informed jammer can exploit all of the
shared secrets.
Private Secrets
Shared Secrets
Private Secrets
Sender
Receiver
Public Information
Jammer
17
But how can we communicate securely without
shared secrets?First, how do we do it with
shared secrets?
Symmetric Cryptography
Attack at dawn!
Attack at dawn!
K
K
U3ro0wn_at_EJn
SENDER
RECEIVER
A single key both encrypts and decrypts a
message. Both sender and receiver must possess
it. Attacker must NOT possess it. An attacker
can compromise the distribution process.
18
Asymmetric Cryptography simply uses two keys!
Asymmetric Cryptography
Attack at dawn!
Attack at dawn!
A
B
kO7jfMsi_at_4ifnnY
SENDER
RECEIVER
Anything encrypted with one key can only be
decrypted with the other key P T(T(P,A),B) P
T(T(P,B),A) Receiver generates A and B. Key A
is distributed to everyone (Public Key). Key B
is kept secret from everyone (Private Key).
19
Three of the four security goals can be achieved
using PKI.
NOTE This is a highly simplified description of
how PKI works in the real world.
20
Each goal is achievable when the good guys share
secrets that the bad guys dont know.
If a shared secret is not available, a hole
emerges for omnidirectional links.
Can the bad guys change my message?
Hash functions, message digests, MACs
Digital Signatures
Can the bad guys read my message?
Encryption using symmetric cryptography
Encryption using asymmetric cryptography
Integrity
Confidentiality
Security
Authenticity
Availability
Can the bad guys jam my message?
Highly directional links or spread spectrum
Omnidirectional SS links jammed as easily as NB
Can the bad guys forge my message?
Passwords
Digital Signatures
21
Whats the point of this work?
Concurrent codes address one component of secure
communications The availability of the
communications link in situations where high
directionality and/or shared secrets are not
feasible.
22
Error detecting and correcting codes are great
for dealing with random noise concurrent codes
are designed to deal with malicious non-random
noise.
23
(No Transcript)
24
(No Transcript)
25
So how is it done?BBC Algorithm 101

• Encode by placing indelible marks at locations
  dictated by progressively longer prefixes of the
  message.
• Decode by looking for indelible marks at
  locations dictated by progressively longer
  prefixes of the message.

26
An indelible mark is a transmission that is
very difficult for an attacker to suppress.

• UWB
• Short of noise at a specific time.
• FH
• Noise at a specific carrier frequency.
• DS
• Random data at a given code/offset.

The mark is not data modulated it is data
placed. No data is present in the mark the
presence of the mark is the data. The attacker
can distort the mark as long as we can still
detect it. The attacker can add additional marks
we can deal with that.
27
Checksum bits appended to message eliminate
terminal hallucinations.

• Appended 0-bits act as checksum bits.
• Terminal hallucinations survive each checksum bit
  at a rate equal to the packet mark density.
• Overall rate for k checksum bits
• k 19 gt 1ppb at 33 density.

28
Impulse-based UWB Implementation.
29
Simple receiver leaves little for attacker to
attack.
30
BBC Sequential decoding performs depth first
search in linear time.
31
Exponential Receiver Blow-up does not occur below
50 mark density.

• Steady-state hallucination level
• Receiver effort doubled at 33 density.
• Receiver effort 10x at 47 density.
• If attacker can afford to broadcast 33, they can
  likely afford to broadcast 100.

32
Actual and predicted receiver workload in very
close agreement.
33
Audio BBC recordings of 1 through 4 concurrent
messages.
1
3
2
4
34
Actual workload at 99 packet density oscillates
in close agreement with predicted bounds.
35
Concurrent codes have potential applications
beyond hostile jam-resistance.

• RFID
• Jamming an issue for item-level tagging.
• MAC-less networks
• Wired or wireless.
• No collision detection/avoidance just transmit!
• To prevent self-jamming, devices monitor mark
  density and adjust data rate accordingly.
• Information Retrieval
• Can perform more powerful searches than present
  techniques.

36
Concurrent codes are NOT Nirvana!

• The system can still be jammed.
• As can all the others.
• There is a penalty to be paid.
• As there is with the others.
• The goal is to not to be more jam-resistant than
  uncompromised spread spectrum.
• It isnt.
• The goal is to retain a comparable level of
  jam-resistance without a shared secret.
• It retains roughly half of the data rate.

37
Demo Programs

• JAVA Image Demo
• BBC Image Demo
• JAVA Audio Demo
• BBC Audio Demo