Enhanced Modes of Operation for the Encryption in High-Speed Networks and Their Impact on QoS
The internet revolution and modern applications require more bandwidth capacity as a result of the growing number of people using, for example, web-based applications with their enhanced quality and performance. Today, modern networks like ATM and SDH/SONET must not only meet the demand for higher transmission rates but also provide and guarantee data security, especially data confidentiality. Therefore, new or modified cryptographic modes of operation are required. These modes cause error propagation, which has an impact on the Quality of Service (QoS) parameters of the network. The influences on an ATM network are examined for the CBC, Statistical Counter Mode, a new mode of operation and the ATM Counter Mode, which needs additional bandwidth for synchronization purposes. For SDH/SONET networks we suggest another mode of operation, called the Statistical Self-Synchronization, combining the advantages of the CFB and OFB modes. In synchronous networks it is the only mode that does not require additional bandwidth and is self-synchronizing with an acceptable increase in error rates. The impact on the error performance is discussed and guidelines for adjusting selected cryptographic parameters are presented.
Keywords: Block Cipher, Linear Feedback Shift Register, Synchronous Digital Hierarchy, Additional Bandwidth, Cell Loss Ratio