ATM cell encryption and key update synchronization

Telecommunication Systems

Abstract

This paper presents a data compaction/randomization based approach as a mode of block encryption for ATM (Asynchronous Transfer Mode) cells. The presented approach converts a plaintext into pseudo-random plaintext before ciphering to conceal patterns in the plaintext. The underlying idea behind this scheme is Shannon's principles of “confusion” and “diffusion”, which involve breaking dependencies and introducing as much randomness as possible into the ciphertext. In this scheme, confusion and diffusion are introduced into the system by first compressing the ATM cell payload and then spreading continuously changing random data over the entire content of the cell. As a mode of operation for block ciphering, this scheme offers the following attractive features: (i) plaintext patterns are pseudo-randomized and chained with ciphertext (thereby protecting against “dictionary”, “known plaintext”, and “statistical analysis” attacks), (ii) it is self-synchronizing, (iii) cell loss has no additional negative effect, (iv) no IV (Initialization Vector) storage is required, (v) it is encryption-algorithm independent, (vi) there is no cell-to-cell dependency (no feedback from previous cells), and (vii) it is highly scalable (i.e., cells from the same stream can be ciphered and deciphered in parallel). This paper also presents a secure mechanism for in-band synchronization of encryption/decryption key updates using a “marker-cell” that is carried within the data channel. An important aspect of both of the above mechanisms is that they do not require any changes to the ATM cell header or ATM infrastructure.

Cite this article

Gray, J.P., Kshemkalyani, A.D., Matyas, S.M. et al. ATM cell encryption and key update synchronization. Telecommunication Systems 7, 391–408 (1997). https://doi.org/10.1023/A:1019192916871

  • DOI: https://doi.org/10.1023/A:1019192916871
