ebook img

BSTJ 60: 7. September 1981: Digital Signal Processor: Private Communications. (McGonegal, C.A.; Berkley, D.A.; Jayant, N.S.) PDF

4 MB·English
by  
Save to my drive
Quick download
Download
Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.

Preview BSTJ 60: 7. September 1981: Digital Signal Processor: Private Communications. (McGonegal, C.A.; Berkley, D.A.; Jayant, N.S.)

tonnes ee gt ay er SHES pen Digital Signa! Processor: Private Communications By © A. McGONEGAL, D. A. BERKLEY, and N. S. JAYANT ‘Manuecrintracives Aut 2, 1980) Where nurmul safeguords for message privouy are nel adequate, some form of encryption is required Voice messoves, encoded using ‘an adaptive differential pulse code modulation eneoder such as that deserted in « companion paper, may be enerpted for precaey fre tection against casual eavesdropping) through slay digital signal _prncensar programa with litle addtional computation. Ta methods of implementation are described: ‘The uae of Upermutations for temporal seramBling ofthe transite bit ston and the use of bt tanking by stored random mumbers, The refacve merite of each ‘ystem are discussed, illustrating both the flexibility and Liitations ofthe digital signal pracensor for such applications 1. wetmopueTion Situavions occur in everyday telephone communication eysteme ‘where the normal atfaguards for mecetge privacy may not be adequate ‘This could happen, for example, in « ridiotlephono system vehere remo canlenirould be ely intercepts ana thurioe Hees, "hn this paper, we discum Lo simple inethod for ensuring shoe: vex privacy for such celephone stems. These methods are aged on the Avtaptive Diftrential Pulse Code Mldulacon (ancat) i dex suribel in & companion paper” Bol moikods modify Use aDrext lewromivied code word in sh wy a8 ty andocte Une bil pacer, Decoding tbe resulting randomized code words sequizes advance Iunowledge of she randomization key. "Thu techniques discussed here are non-tine-vurying and has sr ited numbers of encryption kaya Thus, the message is onlv protected from onsual listeners, Lietoner who possess the necessary equipment tan dutermine Diu rained dvoding key. Lowever, the aystens 13 designed ea Uist devoting cannot be sccomplished io the duration of an average vonversilion ‘Both these methuds have been inplesneed wing he Pell Lalo tacries Digital Sigal Processing integer (D9) wich nly a flight inertuse in proceming Toa eoative to that vequieed by non freryyue gnc emroling and eecoding. The vesting stern shoul beable us support no oF tive aitultaneove coder or decoders pet integented cient Tsues af key distribution and cryptanalysis are outside the scope of {his puper." Our purpose, rather, into demanstrate what can be realized i lores of alapting an evsting aDrene ox progam. fora potential priva'y anplicaton, With nove and nat capabilities greater than mac tin ave inthe poseene nap, lnvele of paivsey can be etraightfon. \wardly enhanced—for example, by Inyering several peomulalivn and ‘asking operations as in the Distal Encryption Standard 1 the following section, we dieeuss privacy elgorithms, Then, we consider the implementation of ech wring the Dap, Fry, we sess the voleive merits of cach systom. This discussion Mustrales buck [he ‘ribs and limitations of the nse for sch wn application, I. PRIVACY CODING FOR ADPCM TRANSMISSION ‘There are these sijor quirements for 4 simple digital privacy 12! Hemsust be possible ta gonerate a “large” mamber af eneryplion bays bic eurrangement or ausking yatta) aulomadiealy aud easily. Taf) The enerypled speech raust be uninlelligiie i slaroded by other than the proper ke Git) The spe ma In ffeil teacalle so a9 0 e ipl acne sina inal ine reel "The nen encryption methods we will concer are a3 fll: G)Ucermaarions where the bits in agian block of auvem ende eon se peste fo ee nonmalowder,prodacing 8 temporal evambling athe bit stream, id) Adtition of scored paeade-randor numbers co the nore cade worl w ori enndorly Saeked” encrypted code words. (Other methods, sch ae use of linen® eongruential random mumber eneration™ to fem maska, are posible, hut methods () and U8 Abeveare hull pmctiesl wn luattate the principio aneryptinn for ieee: 27 Upamntions The case of uniform (or U-permutations on JV bits defined by* Bo Ayrlmed N): 8 = 12 +, w 1904 THE SELL SYSTTM TTCHNICAL JOURNAL, SEPTENBEN 1981 ‘where rs the intial bil position and sis che serambled bit pion in the Block of 1 bits, The encryption hey fs, ona must be prune (0 ‘Uneerambline ofthe bit Block is accowplinhed ly another Cpe = Aeelmod 8). ei vith Aukyimed N) ~ 1. Figure te illustrates & permutation vf bits ‘within a block of N hth echile Fig. tb shows wn exumple of uniform Derimacation for N'= 16, fy = 8 al Bs = 1 Tthae been found thal to sain the roquitomene for unincligibility equites at eart N'= 16 for kl apow (He wumpling, Bite pet ample) We have fnpletented an N= 18 xysvet acing 92K ADI (9-H oampling and 4 bits/cample Lo prove (elephone quality pooch), The serambled epesch i of very low ineligiily wit xual Tstening. However, individanl moeda fom a Tiled vocabulary. sch 45 spoken murubets, may be distinguishable, eepecially with expert fenced Tistening. An implementation wth higher faces sme difcul ties bucane of address space limitations. Wie the eurent asp version 1N > 82 is impossible, us wl be discussed lace. ‘The numer nf kess in U-posmutatins piven by N-CAN), where (GIN) is the number of numbers that are prime lo NC "There are 112 Kye available for N'— 16, For N= 82 this inereses fo 480 kev: The adequacy of a given numberof keys depend on the aplication 22 Random number masking ‘The random mack method we have considered it basically very smmple. Tn escence a different random nurmher sadder tn wach AnH nde word before trnemiesion and char sate nusaler i wubtrac el by LJ owe i PRIVATE COMMUNICATIONS 1565 the receiver Finca table of random numbers stl and synchroni- zation is required hetween transmitter and receiver, ‘The encryption key for any given transmission i the stating point fn the random nuraber table relative ly the Hock synchronization. “Additional keys may’be produced by gencruting the random number mask using mullivie lable pointars and adding together the random ‘umber to form the ende word mask Lng to poinlers, The masking fof apvens code worl © with an F-mumber rondom lable ( bils per entry 0 Z = N/8) ran hw writen a8 Ba C+RU+0) +RU+ 02, o ‘wher RUD) denotes the J-th word of the random table, E is the tneryptod rede ond, Oy; are the table ufits relative othe beginning ‘tthe table and T~ 0 a¢ Boxinniny of tanamission block (synchro ization time), Decryption is accomplished by suberecting the sue fet of random numbers rom "The key words are Oy, leading toa ‘maximum of Z? possible ke of which E47. ~ 11/2 are unique. Bvon for Zo If the enerypted speech is essentially uninceligble and for Tanger Z, che prance of spores ie very hard to detec. (The output sounds like continuous while noise a ll mes) Tho table sizo is limited by Dsr nou sizeof 1024 words, bot L = 612 wort ix certs practical, Two lube pointers Then give about 130,00 keys. UL IMPLEMENTATION USING THE DS "The asi for hoch i privacy implementations ia the anpen codec Aincussed in the companion paper’ Tu hock encryption systems the fender or decoder ie recs lyhlly in “eubratine™ fore which allows Inore canventone handling ofthe Ulockaganehouiaationetctare, Ako, to avoid the problem of (wo's-complemen: sign excension, che ADPCM fda word ie converted (y wigned form: that i, the 4b: code word, represented at ~7to8 inthe orignal coder, ia fet by 7 and coded ns Dwi, 37 Upemutations ‘the U-permtatin for N= 16's iplemenced by splitting Uucks of four onde won's bits each! int bloska of 16 obe-bt words, retrain ing the owe bil wurds according to the proper permatation nnd reat sting the permuted bloc of four worde fr tmamersion, One block Of four words is heing pemiited, while second Block ix bein sent allowing u very siale program organization, ‘The requized modula NV arithmetic is accomplished without any computation being reauirel hy overowring che address relate being toed aa che storage pointer. Thur, for 4’ 16, the disassembled ene bil wards aze stored at every fourth wean eatin. ‘The proper permu 41800 THE BELL SYSTEM TECHNIGAL JOURNAL, SCPTEMGER +901 tation increments scored inthe upper bits ofthe nrvenent mgiier and the address sequonce generated by ovartow. ‘Assuring Ut Une B¥A register is pointed ta the unsigned form of the aproa ode word, the following ber inserucsion® dikassem le the ede word and store the reulting one-it seo in RAM, The eode ‘word i disassembled by Loading the bit vo be aaved ia bit 14 of the P register and zeroing all cher vregieter hits. Thee reser iv sol wo 2 {Notation for the one assembly language is given in companion, paper’) = van permutation in ‘remet” rd=6; meat storage ‘re “yet bit of ende won other bit” “aera other bits; ot bit 2 “act up to zero cher bit ‘ave hit 1 et bit 95 up to 210 her bite" “nave bit 2 et hic a et ta ze her ie ri-w = pia: “save bic $ 2er0 fuer bit nisw rdi—w * seve bit ‘The single bibs are romsambled into 4 oode word by abifing and aig he ite he illingisretioni k= a1; “permucation ineremen” Bes 1s iat snag ar peek tRerbie polege "gets" anpt te eo lergk: Tai ad ad got bie 2 naptie pe Leryk; —“ahifeand ade bie 1 career code worl reno PIIVATE COMMUNICATIONS 1567 Tn this echeme, the mast valuso axe refreshed wt a 100.8 peviod (for an SEL sunpling race) which is the maxima wpevifed refresh tise forthe dynamic RAM’ To extend the method vo 4 — 32. itis eceseary to epare program cycles (of which a efficient number appears 10 be available) to auyplennent the “natural” uaa retresh cycles Permucation blocks larger than N= bits are mes owing, this approneh since 21 words of am ore requted. "Thus, °— 64 ould Fl the L2cont Rawr on the neP allowing no scratch seage a8 requived by tho basie anra coler "The decoder implemontation ie very similar and han dencical ii tations. A single DSP ylaor Co ycli vue, sing N= 16, was ingle stenced successfully and the resulting syceth wes ce wel ened ‘Although, as wencioned before, some rnmbene could be distinguished vith practive ‘The Limited aumber af keys in an N= 18 U-permutation syatem could presenta problem inome application. "To ncrewse toe number ‘ot hess the teat route appesté to he vendom number masking, which i diene ne 3.2 fandom number masking Random {-bic number wz stored, 4 Tits per ord, in a wos table “The table size ia imitod only hy wvalale rene. We arbitrarily ured & 2bt-mord table for our implementation, but considerably moze space ‘a wena ve use If more ep are desired. Ti sinzle oinver sssking a peinter inco the table ia arbrawily chosen, The nab autorsacie hie) loop councer is get to @& sx for 80h ALPOM oode worl yoneraied, a onder number ie fetched, added forthe code word, ane! the poiniee incremented. Whon the loop count te sataiod the pointer ia restored co ics orginal value raulkiple pointers are used offer valves axe initialized and each andor nuruber in flchd and atded to the cede ward, To avoid ‘addtional programa step for desertion ofthe table ed, cho pales fax Jited irs Tater chad €3 locations from the eno the fable: Th: iwi-oiter vennon haa the following requirement . 6 3p offset from 8, and Nis dhe oer whens tthe seating point, 8 thank table size, ‘Ail aidiions are made withoucatcenton Wo uverflaw out of the dit cule wnt and the Ieaacsigniicane four bits are (rupsmilted, The received word then hae identical masks eubleucied. widhoul regard to rsigved underflow, andthe four lees significant bits ure kurt a re input to ube Abpew coder. In exc'-complomont orchmecie the final resus oorgeet,siehol gard Lo oveetow ur ues, at eesu 1668 TIT FLL SYSTEM TECHWICAL JOURNAL, SEPTEMBER 1981 isin the required range. (The decrypted code word rust satis this condition since the original unsgaed word was in he 4-bil range.) Ant ‘example of masking by this proces ie shown in Pig. 2 ‘Assuming the 4 repister contains the mu pointer, the I register contains the offset value andthe RA resister contains x pointer to che unsigned form of the anpent code word, Ube fllowing 68h ieiructions tmnerypt the cade wore p rake; pet mas word 1” P pertkec, “get mask word 2" pte ‘ad masks; get code wort” spre ei Shwe na for cee wor” a= phe; “decrypted bic code word” "The cade word is decrypted by the following instructions The RX and ax regacers contain the lable pointer al offset val, respectively, The ‘y roster contains the encrypted code ward wep et mae word =p et ase wad aapta anpoa = pls: “encrypted 4bit code word!” ‘The two-pointer encryplelcadee sea implemented on w single nar vith claw input ond output. Table snes a sal 1B word, wil Sql pointer, veld unintelligible scrambled epeoch, "To examine che synchronization properties of the system, the some sl Belo making no ie rn maner mtn en PRIVATE COMMUNICATIONS 1559 ‘odee was alo implementod in a trae version, A simplified block ‘iagram is shown for this aystom in Fig. 3. Digital signal processor 1 provides (he encryption wal (ranamits the enurypled biter bsp 2 performs the decryption. Inthe absence of propriate synchronization ‘mentioned blow, the output ofthe reclverdaitalto-analog converter ‘sora. This is the sane eanfiguracon asl fe the ces," excep hal prosision in ade or Block sytchgon ‘tus and contol bits, Cb nd 50, pravide a “sync” bit for this purpoee land, atuning synchronization isvecoverelexterally from the ane rimion format, ae connected separately in parallel with the min terial data-bit stream. Sopchronization formatting and recovery is ‘probably aloo poasible within the ose, hut itis beyond the sonpe of this paper. Programming the synchronisation is very simple. Hach time the lable pointer is reinkilized the transmitter sends the contro signal (80) using the orm restr, and the reeciver waits for tho consol cgnal (C0) waing the 8¥e regisor, Digital signal proceswr instuelions for the traramiter and roeiver ure gives belo. cranenicer ices setup lop counter” me send earn signa” ine = 0305 wet e= 3 vero” mao; ‘um of ecto signal” too " ken 6x ‘ip loop counter” se = Ox set c= 2 overfine” wend “yt or eon sgl” loop fat Ree i eS ak dirt ae nde wh Ne chm, ‘Table t~Momory utilization Err cada N= 36 a Aa expected, synchronization time is imperceptible and the system sounds exactly the same as does the sinle bet cadee Wy, DISCUSSION oth encrypted oneet provide adequate acrambling in terms of reduced intelligible, although random number masking is capable of ‘entirely destroying the impression of speech. rogram efficincy, in terms of instructions executed per 125316 sannple it algo sitsilar ae shown in Table T. Cision of the ar, felatve to ita maximim execution rate of 155 ineactions per 125-8 Sample, ranges from 2 pervent for thw ADPCM Header To 44 percent {ir the random mask encoder. ‘Tube T also hows memory uization for the different implemen Lions Those ahould be compared to 128 words of available Ram and 4 words of available to.) Ihe abecM ele iin subroutine form and savings of shont eight instructions can be made by vemoving this Sinuchire athe expense ofa considerably mare opaque program. "The number uf keys waited for thin type of privacy avetern has aot hoon studied and other iasues, uch as transmission of keys rv outils, Ue area ofthis paper. Clas, cis implementation random numb ticking provides for more keys than U-permutations. Also if greater levels of secrecy ate required on 8 particular transmission link, one ‘can erwision a special tranamitter/receiver paix with aunigae Pio ot ‘Rox ranvlom namer table used external hereby achieving a2" key “System, (This ie because cere are 2" binary sequences of length MF) For any angle transmission Lc. «single sl of pointer positions — fi, However if one considers othur pointer positions this neenber is frescer and is, im general, w fined of the random manor ble length L: ‘Although the programming was not diseused, the acting of the parczular key to be wed in » given tvansmision would require, for example, reading an external switch reginer daring program iia ation, Thus, one ould ced some simple extemal eieuitry to divert The rode input seam at initialization (reset) time and appropriate Luar prograraming to Iarlle Uhe input format end store the result én V. CONCLUSION ‘Two privacy encryption systems, Based on AnPeA coding of speech, rave boon sss, Using the nae we have implemented both with thors inreanen i proves lad, The Ucpermutation method makes heavy use of was snd aa limited numbers of encryption key. Random, ‘number masking mules heavy use of wow and can provide large ‘umbers of keys. Both sytem veduoe speech ineligibility and enulel form the buaia of an effective privacy epatem. VL. ACKNOWLEDGMENTS. ‘The authors ould like to acknowledge the support af their ase stesin the Bel Laboratories Acouate Research Deparamnent, expel that of J. Johnston, in the development of the modulo arithmetic ‘eoncept J. Upton in modification of the ose hardware Tor black synchronization; and J, L. Flanagan for hie support, encouragement, 1nd discussion ofthe use of specially prepared wont for secrecy REFERENCES 1 Di tt Mair Di Me lapel a us, ptt SPN Ren ogg ant i Pt ambi 3 wopuemaumee Blom Vl 2. Momus Aion ties ke 00 Digi Seal Prenat: Spec Bye

See more

The list of books you might like

Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.