**Abstract**

This chapter presents a new cross-layer security scheme which deploys efficient coding techniques in the physical layer in an upper layer classical cryptographic protocol system. The rationale in designing the new scheme is to enhance securitythroughput trade-off in wireless networks which is in contrast to existing schemes which either enhances security at the detriment of data throughput or vice versa. The new scheme is implemented using the residue number system (RNS), nonlinear convolutional coding and subband coding at the physical layer and RSA cryptography at the upper layers. The RNS reduces the huge data obtained from RSA cryptography into small parallel data. To increase the security level, iterated wavelet-based subband coding splits the ciphertext into different levels of decomposition. At subsequent levels of decomposition, the ciphertext from the preceding level serves as data for encryption using convolutional codes. In addition, throughput is enhanced by transmitting small parallel data and the bit error correction capability of non-linear convolutional code. It is shown that, various passive and active attacks common to wireless networks could be circumvented. An FPGA implementation applied to CDMA could fit into a single Virtex-4 FPGA due to small parallel data sizes employed.

**Keywords:** residue number system (RNS), RSA cryptography, field programmable gate array (FPGA), subband coding, convolutional coding, CDMA

### **1. Introduction**

Generally, wireless networks consist of low capacity links with nodes that rely on batteries. An efficient communication scheme for such networks should minimize both congestion in the links and control information in the nodes. Security is a critical parameter in wireless applications and any efficient communication scheme has to integrate security vulnerabilities of the system in its implementation. Unfortunately, existing schemes have network security implemented at the upper layer such as the application layer; meanwhile parameters such as congestion, which affect data throughput, are the physical layer. Hence, any attempt to increase the security level in a communication system greatly compromises data throughput. In [1], the authors developed a metric to estimate a timeframe for cyberattacks using the RSA public key cryptography. In the analysis, the authors estimated the attacker's human time in carrying out a successful attack based on the key length.

Such an implementation at the upper layer will curb any security attack at the prescribed time but will greatly compromise data throughput at the physical layer due to the huge modular exponentiation involved in its implementation. In [2], the authors developed a secure and efficient method for mutual authentication and key agreement protocol with smart cards. The implementation, which is based on the constant updating of the password, will involve a considerable amount of control information, which is detrimental to the optimum functioning of the nodes. Research work using different information-theoretic models to develop physical layer security based on the characteristics of the wireless links has been carried out [3, 4]. However, the existing methods for implementing physical layer security under the different information-theoretic security models is expensive and requires assumptions about the communication channels that may not be accurate in practice [5]. Hence any deployment of the physical-layer security protocol to supplement a well-established upper layer security scheme will be a pragmatic approach for robust data transmission and confidentiality [6]. It is in this light that, a new cross-layer approach is presented in this research. Major research efforts have targeted cross-layer implementation of security schemes in wireless networks [7–9]. In this research, the proposed cross-layer security scheme uses signal processing techniques as well as efficient coding and well-established cryptographic algorithm to implement a security scheme, which greatly enhances security-throughput tradeoff, and curb many security threats common to wireless networks.

*2.1.1 Subband coding*

integer transforms, is given as follows [12]:

*DOI: http://dx.doi.org/10.5772/intechopen.82390*

3 p

3 p �1 ffiffi 2

sequences could be computed as follows [12, 15]:

2 4

*P z*ð Þ¼ *P z* <sup>~</sup>ð Þ¼ <sup>1</sup> � ffiffiffi

3 <sup>p</sup> �<sup>2</sup>

**Figure 1.**

**13**

<sup>4</sup> , *<sup>h</sup>*<sup>4</sup> <sup>¼</sup> ffiffi

3 p þ1 ffiffi 2 <sup>p</sup> , *<sup>h</sup>*<sup>5</sup> <sup>¼</sup> ffiffi <sup>P</sup>newð Þ¼ <sup>z</sup>

*A New Cross-Layer FPGA-Based Security Scheme for Wireless Networks*

0 1 " # 1 0 ffiffiffi 3 p 4 þ

is progressive transmission. The factored coefficients *<sup>h</sup>*<sup>1</sup> ¼ � ffiffiffi

j j an mj <sup>¼</sup> j j x2l h1 mj <sup>þ</sup> x2l‐<sup>1</sup> � � �

j j dn mj <sup>¼</sup> j j x2l h1 mj <sup>þ</sup> x2l‐<sup>1</sup> � � �

*Synopsis for the computation of the kth coefficients for the 1st and 2nd levels of decomposition.*

� � � �

� � � � �

> � � � �

The integers from the RNS block are split into different levels of decomposition based on subband coding. Subband coding is implemented using integer wavelet lifting scheme [10, 11]. It is shown in [12] that, a judicious choice of filter banks could result into an integer transform despite the fact that, wavelet transform is an approximation process. A four-tap Daubechies polyphase matrix, which results into

heð Þ<sup>z</sup> gnew

hoð Þ<sup>z</sup> gnew

<sup>4</sup> *<sup>z</sup>*�<sup>1</sup> <sup>1</sup>

(Eq. (2)) forms the basis of integer to integer wavelet transform which in effect

<sup>p</sup> are used to compute the approximate and detail

� � � mj *:* h2

� � � mj <sup>þ</sup> an‐<sup>1</sup>

where an and dn are the approximation and detail sequences of wavelet coefficients of the nth sample. The subsequent transmissions are fed into the non-linear convolutional coding block as depicted in **Figure 1** for the first level kth detail and

� � � � mj

> � � � � mj

<sup>þ</sup> x2l‐<sup>1</sup>

� � � � � mj

<sup>4</sup> , *<sup>h</sup>*<sup>3</sup> <sup>¼</sup> ffiffi

the final data point. Using (Eq. (2)), the approximate, an and the detail, dn

sequences. In such transmission, the original data is split into two portions, namely approximate and detail sequences. The detail sequence is transmitted while the approximate sequence is further split into two halves. The process is repeated until

where h and g are filter coefficients with suffix e and o denoting even and odd

coefficients. The factorization of the polyphase matrix is as follows [12–14].

ffiffiffi <sup>3</sup> <sup>p</sup> � <sup>2</sup> <sup>e</sup> ð Þz

� � (1)

ffiffiffi <sup>3</sup> <sup>p</sup> <sup>þ</sup> <sup>1</sup> ffiffi 2 p 0

0

<sup>3</sup> <sup>p</sup> , *<sup>h</sup>*<sup>2</sup> <sup>¼</sup> ffiffi

ffiffiffi <sup>3</sup> <sup>p</sup> � <sup>1</sup> ffiffi 2 p

3 p

(2)

(3)

<sup>o</sup> ð Þz

3 5

1 *z* 0 1 � �

The rest of the chapter is organized in eight subsequent sections. In Section 2, we present the background knowledge required for the design and implementation of the new cross layer security scheme. This will involve a review of the different techniques used in the development of the new security scheme. The first subsection presents the implementation of the multi-level convolutional cryptosystem. This implementation involves the combination of subband coding and a new nonlinear convolutional coding. Next, a review of the residue number system (RNS) with brief description of the Chinese remainder theorem (CRT) is presented. We conclude the section with an overview of RSA public-key cryptography. Section 3 presents the protocol for the implementation of the new cross layer security scheme. The FPGA-based implementation applied to CDMA using the new layered security scheme will be presented in Section 4. In Section 5, cryptanalysis of the cross-layer security scheme will be carried out in order to quantify the security. Quantification of data throughput is performed in section 6 while different security threats which could be circumvented by the cross-layer security scheme are presented in Section 7. We end the chapter in Section 8 with conclusions of our work.

## **2. Background**

This section presents the background knowledge required for the design and implementation of the new cross layer security scheme. It involves a review of the different techniques used in the development of the new security scheme.

#### **2.1 Multi-level convolutional cryptosystem**

The multi-level convolutional cryptosystem constitutes the second stage of implementation at the physical layer. It receives integers from the RNS implemented at the first stage. The multi-level cryptosystem is implemented using subband coding and non-linear convolutional cryptosystem.

*A New Cross-Layer FPGA-Based Security Scheme for Wireless Networks DOI: http://dx.doi.org/10.5772/intechopen.82390*

#### *2.1.1 Subband coding*

Such an implementation at the upper layer will curb any security attack at the prescribed time but will greatly compromise data throughput at the physical layer due to the huge modular exponentiation involved in its implementation. In [2], the authors developed a secure and efficient method for mutual authentication and key agreement protocol with smart cards. The implementation, which is based on the constant updating of the password, will involve a considerable amount of control information, which is detrimental to the optimum functioning of the nodes. Research work using different information-theoretic models to develop physical layer security based on the characteristics of the wireless links has been carried out [3, 4]. However, the existing methods for implementing physical layer security under the different information-theoretic security models is expensive and requires assumptions about the communication channels that may not be accurate in practice [5]. Hence any deployment of the physical-layer security protocol to supplement a well-established upper layer security scheme will be a pragmatic approach for robust data transmission and confidentiality [6]. It is in this light that, a new cross-layer approach is presented in this research. Major research efforts have targeted cross-layer implementation of security schemes in wireless networks [7–9]. In this research, the proposed cross-layer security scheme uses signal processing techniques as well as efficient coding and well-established cryptographic algorithm to implement a security scheme, which greatly enhances security-throughput trade-

*Computer and Network Security*

off, and curb many security threats common to wireless networks.

threats which could be circumvented by the cross-layer security scheme are presented in Section 7. We end the chapter in Section 8 with conclusions of our

This section presents the background knowledge required for the design and implementation of the new cross layer security scheme. It involves a review of the

The multi-level convolutional cryptosystem constitutes the second stage of

implemented at the first stage. The multi-level cryptosystem is implemented using

different techniques used in the development of the new security scheme.

implementation at the physical layer. It receives integers from the RNS

subband coding and non-linear convolutional cryptosystem.

**2.1 Multi-level convolutional cryptosystem**

work.

**12**

**2. Background**

The rest of the chapter is organized in eight subsequent sections. In Section 2, we present the background knowledge required for the design and implementation of the new cross layer security scheme. This will involve a review of the different techniques used in the development of the new security scheme. The first subsection presents the implementation of the multi-level convolutional cryptosystem. This implementation involves the combination of subband coding and a new nonlinear convolutional coding. Next, a review of the residue number system (RNS) with brief description of the Chinese remainder theorem (CRT) is presented. We conclude the section with an overview of RSA public-key cryptography. Section 3 presents the protocol for the implementation of the new cross layer security scheme. The FPGA-based implementation applied to CDMA using the new layered security scheme will be presented in Section 4. In Section 5, cryptanalysis of the cross-layer security scheme will be carried out in order to quantify the security. Quantification of data throughput is performed in section 6 while different security

The integers from the RNS block are split into different levels of decomposition based on subband coding. Subband coding is implemented using integer wavelet lifting scheme [10, 11]. It is shown in [12] that, a judicious choice of filter banks could result into an integer transform despite the fact that, wavelet transform is an approximation process. A four-tap Daubechies polyphase matrix, which results into integer transforms, is given as follows [12]:

$$\mathbf{P}^{\text{new}}(\mathbf{z}) = \begin{bmatrix} \mathbf{h}\_{\text{e}}(\mathbf{z}) & \mathbf{g}\_{\text{e}}^{\text{new}}(\mathbf{z})\\ \mathbf{h}\_{\text{o}}(\mathbf{z}) & \mathbf{g}\_{\text{o}}^{\text{new}}(\mathbf{z}) \end{bmatrix} \tag{1}$$

where h and g are filter coefficients with suffix e and o denoting even and odd coefficients. The factorization of the polyphase matrix is as follows [12–14].

$$P(\mathbf{z}) = \bar{P}(\mathbf{z}) = \begin{bmatrix} 1 & -\sqrt{3} \\ 0 & 1 \end{bmatrix} \left[ \frac{\sqrt{3}}{4} + \frac{\sqrt{3} - 2}{4} \mathbf{z}^{-1} \cdot \mathbf{1} \right] \begin{bmatrix} 1 & z \\ 0 & 1 \end{bmatrix} \begin{bmatrix} \frac{\sqrt{3} + 1}{\sqrt{2}} & 0 \\ 0 & \frac{\sqrt{3} - 1}{\sqrt{2}} \end{bmatrix} \tag{2}$$

(Eq. (2)) forms the basis of integer to integer wavelet transform which in effect is progressive transmission. The factored coefficients *<sup>h</sup>*<sup>1</sup> ¼ � ffiffiffi <sup>3</sup> <sup>p</sup> , *<sup>h</sup>*<sup>2</sup> <sup>¼</sup> ffiffi 3 p <sup>4</sup> , *<sup>h</sup>*<sup>3</sup> <sup>¼</sup> ffiffi 3 <sup>p</sup> �<sup>2</sup> <sup>4</sup> , *<sup>h</sup>*<sup>4</sup> <sup>¼</sup> ffiffi 3 p þ1 ffiffi 2 <sup>p</sup> , *<sup>h</sup>*<sup>5</sup> <sup>¼</sup> ffiffi 3 p �1 ffiffi 2 <sup>p</sup> are used to compute the approximate and detail sequences. In such transmission, the original data is split into two portions, namely approximate and detail sequences. The detail sequence is transmitted while the approximate sequence is further split into two halves. The process is repeated until the final data point. Using (Eq. (2)), the approximate, an and the detail, dn sequences could be computed as follows [12, 15]:

$$\begin{array}{rcl} \left| \mathbf{a\_{n}} \right|\_{\mathbf{m}\_{j}} &=& \left| \left| \left| \mathbf{x\_{2l}} \mathbf{h\_{1}} \right|\_{\mathbf{m}\_{j}} + \mathbf{x\_{2l-1}} \right|\_{\mathbf{m}\_{j}} \cdot \mathbf{h\_{2}} \right|\_{\mathbf{m}\_{j}} + \mathbf{x\_{2l-1}} \right|\_{\mathbf{m}\_{j}} \\\\ \left| \mathbf{d\_{n}} \right|\_{\mathbf{m}\_{j}} &=& \left| \left| \left| \mathbf{x\_{2l}} \mathbf{h\_{1}} \right|\_{\mathbf{m}\_{j}} + \mathbf{x\_{2l-1}} \right|\_{\mathbf{m}\_{j}} + \mathbf{a\_{n-1}} \right|\_{\mathbf{m}\_{j}} \end{array} \tag{3}$$

where an and dn are the approximation and detail sequences of wavelet coefficients of the nth sample. The subsequent transmissions are fed into the non-linear convolutional coding block as depicted in **Figure 1** for the first level kth detail and

**Figure 1.** *Synopsis for the computation of the kth coefficients for the 1st and 2nd levels of decomposition.*

*2.1.2.1 States of convolutional code block or transducer*

*DOI: http://dx.doi.org/10.5772/intechopen.82390*

*A New Cross-Layer FPGA-Based Security Scheme for Wireless Networks*

contents of the 8 � 8 matrix are shown in (Eq. (4))

adder.

**Figure 3.**

**15**

A2, A3 representing the registers *M*<sup>1</sup>

remains in state 1 is given as follows:

*Structure of an (8, 8, 2) convolutional encoder.*

*2.1.2.2 The transition functions*

For an 8 � 8 matrix, there are at least 2<sup>16</sup> ways or keys in which the connections of a register to the modulo-2 adder could be made. A possible key which gives the

The generator matrix is used to specify the following set of 8 vectors. X(7) := A1(7) ⊕ A3(7); X(6) := A1(7) ⊕ A1(6) ⊕ A3(6). X(5) := A1(5) ⊕ A3(5) ⊕ A3(6); X(4) := A1(4) ⊕ A3(4) ⊕ A3(5). X(3) := A1(3) ⊕ A3(3) ⊕ A3(4); X(2) := A1(2) ⊕ A3(2) ⊕ A3(3).

It should be recalled that, for an (n,k,L) convolutional encoder, each vector has Lk dimensions and contains the connections of the encoder to the modulo-2

The structure of the (8, 8, 2) convolutional encoder is shown in **Figure 3** with

For an (8,8,2) convolutional code, there are 28 = 256 mappings or keys. There are

For example, a transition function that compares input data to state 1 and

f <sup>1</sup>ð1*;* f½ � 00000000 *;* ½ � 00000001 *;* ½ � 00000010 *;* ½ � 00000011 *;* ½ � 00000100 *;*

½ � 00000101 *;* ½ � 00000110 *;* ½ �gÞ ¼ 00000111 f g1 (5)

<sup>2</sup> while A1 represents the input data.

1*, M*<sup>1</sup>

two sets of transition functions denoted as f1 for the two possible states.

In (Eq. (5)), if the input data is any of the sequences {[00000000], [00000001], [00000010], [00000011], [00000100], [00000101], [00000110], [00000111]}, the present state of the transducer which is state 1 is retained.

X(1) := A1(1) ⊕ A3(1); X(0) := A1(0) ⊕ A3(0).

ð4Þ

#### **Figure 2.**

*The first stage of the inverse transform.*

approximation sequences [12, 15]. The processing blocks (PEs) shown in the figure depicts the computations of (Eq. (3)).

The final decomposition level which comprises one data point will give one approximation coefficient and one detail coefficient.

At the destination, the inverse wavelet transform is performed to obtain the successive approximation sequences. (Eq. (3)) is used to perform the inverse transform by reversing the operations for the forward transform and flipping signs [12, 15]. The process starts with the approximation and detail coefficients a0 and d0 respectively obtained at the final decomposition level of the forward transform. The first stage of the inverse transform is shown in **Figure 2** [12, 15].

The (↑2) symbol represents upsampling by 2, which means that zeros are inserted between samples while H2 and H3 are the filter coefficients used in (Eq. (3)).

#### *2.1.2 Nonlinear convolutional cryptosystem*

A major advantage of symmetric cryptography is the ability of composing primitives to produce stronger ciphers although on their own the primitives will be weak. Hence, the vulnerable convolutional code block will be cascaded into different stages using the product ciphers obtained from the S-box and P-box to form a non-linear convolutional cryptosystem.

	- a. States of each transducer or convolutional code block in the cascade given by the contents of the sub-matrices in the generator matrix;
	- b.The transition functions. These are mappings used to compare the input bits and present state and switches to the appropriate next state;
	- c. n-bit S-boxes. They are used to shuffle the output bits.
	- d.n-bit P-boxes. They are used for the different permutations per level of decomposition.

For illustrative purposes, an (8, 8, 2) convolutional encoder will be considered to demonstrate the keys generation process.

*A New Cross-Layer FPGA-Based Security Scheme for Wireless Networks DOI: http://dx.doi.org/10.5772/intechopen.82390*

#### *2.1.2.1 States of convolutional code block or transducer*

For an 8 � 8 matrix, there are at least 2<sup>16</sup> ways or keys in which the connections of a register to the modulo-2 adder could be made. A possible key which gives the contents of the 8 � 8 matrix are shown in (Eq. (4))

ð4Þ

The generator matrix is used to specify the following set of 8 vectors.


It should be recalled that, for an (n,k,L) convolutional encoder, each vector has Lk dimensions and contains the connections of the encoder to the modulo-2 adder.

The structure of the (8, 8, 2) convolutional encoder is shown in **Figure 3** with A2, A3 representing the registers *M*<sup>1</sup> 1*, M*<sup>1</sup> <sup>2</sup> while A1 represents the input data.

## *2.1.2.2 The transition functions*

approximation sequences [12, 15]. The processing blocks (PEs) shown in the figure

The final decomposition level which comprises one data point will give one

At the destination, the inverse wavelet transform is performed to obtain the successive approximation sequences. (Eq. (3)) is used to perform the inverse transform by reversing the operations for the forward transform and flipping signs [12, 15]. The process starts with the approximation and detail coefficients a0 and d0 respectively obtained at the final decomposition level of the forward transform. The

The (↑2) symbol represents upsampling by 2, which means that zeros are inserted between samples while H2 and H3 are the filter coefficients used in (Eq. (3)).

itives to produce stronger ciphers although on their own the primitives will be weak. Hence, the vulnerable convolutional code block will be cascaded into different stages using the product ciphers obtained from the S-box and P-box to form a

• **Key generation:** The specifications of the private keys used in the

c. n-bit S-boxes. They are used to shuffle the output bits.

A major advantage of symmetric cryptography is the ability of composing prim-

implementation of the cascaded convolutional cryptosystem are as follows

by the contents of the sub-matrices in the generator matrix;

a. States of each transducer or convolutional code block in the cascade given

b.The transition functions. These are mappings used to compare the input bits and present state and switches to the appropriate next state;

d.n-bit P-boxes. They are used for the different permutations per level of

For illustrative purposes, an (8, 8, 2) convolutional encoder will be considered to

depicts the computations of (Eq. (3)).

*The first stage of the inverse transform.*

*Computer and Network Security*

**Figure 2.**

*2.1.2 Nonlinear convolutional cryptosystem*

non-linear convolutional cryptosystem.

decomposition.

demonstrate the keys generation process.

[12, 15, 16]:

**14**

approximation coefficient and one detail coefficient.

first stage of the inverse transform is shown in **Figure 2** [12, 15].

For an (8,8,2) convolutional code, there are 28 = 256 mappings or keys. There are two sets of transition functions denoted as f1 for the two possible states.

For example, a transition function that compares input data to state 1 and remains in state 1 is given as follows:

$$f\_1(1, \{ [000000000], [00000001], [00000010], [00000011], [00000100] \},$$
 
$$[00000101], [000000110], [00000011])) = \{1\} \tag{5}$$

In (Eq. (5)), if the input data is any of the sequences {[00000000], [00000001], [00000010], [00000011], [00000100], [00000101], [00000110], [00000111]}, the present state of the transducer which is state 1 is retained.

**Figure 3.** *Structure of an (8, 8, 2) convolutional encoder.*

A transition function that compares input data to state 1 and switches to state 2 is given as follows:

$$\mathbf{f}\_1(\mathbf{1}, \{ [00001000], [00001001], [00001010], [00001011], [00001100],}$$

$$[00001101], [00001110], [000001111]) \rangle = \{ \mathbf{2} \},\tag{6}$$

In (Eq. (6)), if the input data is any of the sequences {[00001000], [00001001], [00001010], [00001011], [00001100], [00001101], [00001110], [00001111]}, the present state of the transducer which is state 1 is changed to state 2.

At the destination, the transition functions are similar to those for the encoder at the source but change roles. The transition functions are very critical in the implementation of convolutional cryptosystem since it accounts for its dynamic nature, hence an increase in security level.

#### *2.1.2.3 S-box entries*

For an (8,8,2) convolutional code, using 2-bit shuffling boxes, there are 16 Sboxes or keys. For higher n-bit shuffling boxes, the number of keys increases, for example 8-bit shuffling boxes will give 2<sup>8</sup> keys. The four 2-bit S-boxes used to illustrate the scheme are shown in **Table 1**. Given an 8-bit data sequence as [A7, A6, A5, A4, A3, A2, A1, A0], the look-up S-box, Sub1,1 is used to shuffle the first pair of bits, [A7, A6], Sub1,2 is used to shuffle the second pair [A5, A4], Sub1,3 is used to shuffle the third pair [A3, A2], and Sub1,4 is used to shuffle the last pair [A1, A0].

#### *2.1.2.4 P-box entries*

The interconnections between inputs and outputs are implemented using a permutation set look-up table. For an (8,8,2) code, the eight (08) inputs and outputs could be permuted or interconnected in at least 77 = 823,543 ways. A permissible permutation is shown in **Table 2** [12, 15].

> After the specification of the keys, the vulnerable convolutional code block will be cascaded into different stages using the product ciphers obtained from the S-box and P-box. Using two (02) stages, a non-linear (8, 8, 2) 2-cascaded is as shown in

> In **Figure 4**, Sub1,1, Sub1,2, Sub1,3 and Sub1,4 are S-boxes used for pairwise bit shuffling and the input vector to the first transducer, {X7, X6, X5, X4, X3, X2, X1, X0} is the output set from the subband encoding block while the output vector {Y7, Y6,

It is worth noting that the security level could be greatly increased by increasing

The residue number system uses the Chinese remainder theorem (CRT) to compute unknown values from the remainders left or residues when unknown

Assume m1, m2, …, mN are positive integers, relatively prime pairs: (mi, mk)=1 if i # k. Let {b1, b2, …, bN} be arbitrary integers, then the system of simultaneous

x1 ¼ b1 ð Þ��� mod m1 xN ¼ bN ð Þ mod mN (7)

Y5, Y4, Y3, Y2, Y1, Y0} is the ciphertext from the second transducer stage.

*A New Cross-Layer FPGA-Based Security Scheme for Wireless Networks*

*DOI: http://dx.doi.org/10.5772/intechopen.82390*

The modular Chinese remainder theorem states that [17, 18]:

**Figure 4**.

**Figure 4.**

the number of stages to be cascaded.

*Initial structure of the cascade before encoding.*

**2.2 Residue number system (RNS)**

values are divided by known numbers.

linear congruence

**17**


**Table 1.** *2-bit shuffle look-up-table.*


**Table 2.**

*Input–output interconnect look-up-table for encoder.*

*A New Cross-Layer FPGA-Based Security Scheme for Wireless Networks DOI: http://dx.doi.org/10.5772/intechopen.82390*

**Figure 4.** *Initial structure of the cascade before encoding.*

After the specification of the keys, the vulnerable convolutional code block will be cascaded into different stages using the product ciphers obtained from the S-box and P-box. Using two (02) stages, a non-linear (8, 8, 2) 2-cascaded is as shown in **Figure 4**.

In **Figure 4**, Sub1,1, Sub1,2, Sub1,3 and Sub1,4 are S-boxes used for pairwise bit shuffling and the input vector to the first transducer, {X7, X6, X5, X4, X3, X2, X1, X0} is the output set from the subband encoding block while the output vector {Y7, Y6, Y5, Y4, Y3, Y2, Y1, Y0} is the ciphertext from the second transducer stage.

It is worth noting that the security level could be greatly increased by increasing the number of stages to be cascaded.

#### **2.2 Residue number system (RNS)**

The residue number system uses the Chinese remainder theorem (CRT) to compute unknown values from the remainders left or residues when unknown values are divided by known numbers.

The modular Chinese remainder theorem states that [17, 18]:

Assume m1, m2, …, mN are positive integers, relatively prime pairs: (mi, mk)=1 if i # k. Let {b1, b2, …, bN} be arbitrary integers, then the system of simultaneous linear congruence

$$\mathbf{a}\_1 \mathbf{x}\_1 = \mathbf{b}\_1 \pmod{\mathbf{m}\_1} \\ - - - \mathbf{x}\_{\mathcal{N}} = \mathbf{b}\_{\mathcal{N}} \pmod{\mathbf{m}\_{\mathcal{N}}} \\ \tag{7}$$

A transition function that compares input data to state 1 and switches to state 2 is

f <sup>1</sup>ð1*;* f½ � 00001000 *;* ½ � 00001001 *;* ½ � 00001010 *;* ½ � 00001011 *;* ½ � 00001100 *;*

present state of the transducer which is state 1 is changed to state 2.

In (Eq. (6)), if the input data is any of the sequences {[00001000], [00001001], [00001010], [00001011], [00001100], [00001101], [00001110], [00001111]}, the

At the destination, the transition functions are similar to those for the encoder at the source but change roles. The transition functions are very critical in the implementation of convolutional cryptosystem since it accounts for its dynamic nature,

For an (8,8,2) convolutional code, using 2-bit shuffling boxes, there are 16 Sboxes or keys. For higher n-bit shuffling boxes, the number of keys increases, for example 8-bit shuffling boxes will give 2<sup>8</sup> keys. The four 2-bit S-boxes used to illustrate the scheme are shown in **Table 1**. Given an 8-bit data sequence as [A7, A6, A5, A4, A3, A2, A1, A0], the look-up S-box, Sub1,1 is used to shuffle the first pair of bits, [A7, A6], Sub1,2 is used to shuffle the second pair [A5, A4], Sub1,3 is used to shuffle the third pair [A3, A2], and Sub1,4 is used to shuffle the last pair [A1, A0].

The interconnections between inputs and outputs are implemented using a permutation set look-up table. For an (8,8,2) code, the eight (08) inputs and outputs could be permuted or interconnected in at least 77 = 823,543 ways. A permissi-

½ � 00001101 *;* ½ � 00001110 *;* ½ �gÞ ¼ 00001111 f g2 *,* (6)

given as follows:

*Computer and Network Security*

*2.1.2.3 S-box entries*

*2.1.2.4 P-box entries*

**Table 1.**

**Table 2.**

**16**

*2-bit shuffle look-up-table.*

hence an increase in security level.

ble permutation is shown in **Table 2** [12, 15].

*Input–output interconnect look-up-table for encoder.*


#### **Table 3.**

*Summary of security services of RSA public-key cryptography.*

has exactly one solution modulo the product m1, m2, …, mN. The solution to the simultaneous linear congruence is formally given as [15, 17, 18].

$$\left| \mathbf{x} \right|\_{\mathbf{M}} = \left| \sum\_{j=1}^{L} \hat{\mathbf{m}}\_{j} \left| \frac{\mathbf{x}\_{j}}{\hat{\mathbf{m}}\_{j}} \right|\_{\mathbf{m}\_{j}} \cdot \mathbf{x}\_{j} \right|\_{\mathbf{M}} \tag{8}$$

b.Step 2: RNS-based RSA ciphertext is converted into different levels of decomposition using subband coding; c. Step 3: Symmetric encryption using Convolutional cryptosystem;

At the destination, the entire process is reversed starting with convolutional decoding at the physical layer and ending with RSA decryption at the application layer.

Consider an arbitrary array of integers for plaintext as follows {398, 453, 876,

Array due to RSA encryption is given as {151, 293, 252, 135, 304, 315, 265, 182}

a. Step 1: Moduli set of {107, 109, 113} is used to convert the RSA

ciphertext into 8-bit data point arrays. The residue set, r1 for m1 = 107 is

b.Step 2: Subband coding is performed to split residues obtained using moduli set into three levels of decomposition since m = 8 = 2<sup>3</sup> data points are used. Subband coding is basically down sampling by 2 using (Eq. (3)). The corresponding arrays for the first level of decomposition

r11 = {�9, �48, �79, �27}; � r12 = {�9, �42, �75, �21}; � r13 = {�9, �30,

Note that r11 refers to first level of decomposition array for modulus, m1 = 107 and the first element is obtained using (Eq. (3)) with integer lifting

The same procedure is performed for the second and third levels of

c. Step 3: **Table 4** summarizes the manual computation of the encryption and decryption process of the convolutional cryptosystem for the data r11(0) = �9 from the subband encoding stage based on the entries of the product cipher and combinational logic of the non-linear (8,8,2)

filter coefficients set, h = {2, 0, 0} as follows: r1(1) – 2 � r1(0) = 79–

2-cascaded convolutional transducer in **Figure 4**.

◦ Application layer: Traditional RSA encryption

b.Encryption key, e = 5

a. Primes, p = 13; q = 37 ) n = p. q = 481

*A New Cross-Layer FPGA-Based Security Scheme for Wireless Networks*

*DOI: http://dx.doi.org/10.5772/intechopen.82390*

c. Decryption key: e. d � 1 mod (432) ) d = 173

**3.1 Illustrative example**

200, 356, 165, 265, 897}.

◦ Physical layer:

�67, �9}

2 � 44 = �9.

decomposition.

**19**

as follows:

are as follows:

r1 = {44, 79, 38, 28, 90, 101, 51, 75}

• Source

where <sup>m</sup>^ <sup>j</sup> <sup>¼</sup> <sup>M</sup> mj and M <sup>¼</sup> <sup>Q</sup> N j¼1 mj.

(Eq. (8)) establishes the uniqueness of the solution. In this research, the integers Tj <sup>¼</sup> <sup>∣</sup> xj m^ <sup>j</sup> ∣ often referred to as the multiplicative inverses of m^ <sup>j</sup> are computed a priori by solving the linear congruence in (Eq. (7)). In other words, if Mj = M/mj, then the multiplicative inverses, Tj are computed by solving the congruence TjMj = 1 (mod mj ).

### **2.3 RSA public-key cryptography**

	- Choose secrete primes p and q and compute m = p.q
	- Choose encryption exponent, e
	- Compute d satisfying e.d � 1 mod ((p 1). (q 1)).
	- Public key: (m, e) and Private key: d
