and (2) - VADA


Software Defined Radio
System Architecture
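Sungkyunkwan University
School of Information and Communication Engineering
Prof. 조준동 (Jun-Dong Cho)
© ICU Radio Education Center (전파교육센터) 2003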
4th-Generation Mobile Communication Systems
Wireless networks standardized
by IEEE 802 standard committee.
OSI Reference Model
[Figure: OSI Reference Model. Protocol stacks at Location A and Location B (Application 7, Presentation 6, Session 5, Transport 4, Network 3, Link 2, Physical 1) communicate through a Relay Point (Transfer; Network, Link and Physical layers) over the Transport Medium.]
Reconfigurability in SDR
Mobile station
• Application layer: application programs (game, user encryption, e-commerce, etc.), Location Finding Service, etc.
– Programming is opened for third parties, downloadable by users
• Middle layer: authentication, encryption, radio network, bandwidth management, adaptive QoS
– Programmed only by manufacturers
– Approval is necessary
– Downloadable by users with some restriction
• Physical layer: radio resource management, multiple access, modulation scheme, channel separation, antenna pattern
– License is necessary
Modular SDR Architecture
[Figure: Modular SDR architecture (SDR Forum). Modules: Antenna, RF, Channel Selector/Combiner, Baseband Processing, DSP, Call/Message Processing & I/O, Routing, and Common System Equipment under Monitor/Control. Interface labels: I, C, I/O, AUX (Clock/Strobe, Ref, Power); BB/IF Real/Complex Digital/Analog; BB Text Flow, Control Bits; Air; Multimedia/WAP, Voice/PSTN, Data/IP, Flow Control; NSS/Network; Remote Control/Display, Local Control, Ext. Ref.]
Software Download
Download new user applications, graphical user interfaces (GUI), and software that changes the protocol stack or the physical layer; fix software bugs.
[Figure: OTA download. Labels: APIs, User Terminal, Service provider with UCCH support, The Software Component Servers.]
Software Download
– Download at Base Station
• Software download is relatively easy
• Old Software in the flash memory is
replaced by the new one
– Download at Mobile Station
• Software radio can provide the
terminal agent function
• this function depends on user’s favor
(Cost effectiveness, QoS)
Component Based Development
• CBD Technology
- Is the foundation of the JTRS SCA
- Portable, reusable waveform applications
- To realize the reusability objectives of
S/W engineering community
- Fundamental premise : “buy, don’t build”
For CBD, software component
1. Interface
- Component behavior & protocols
2. Implementation
- Component implementation information
3. Deployment
- Specific operating environment
requirements
Middleware:
CORBA (Common Object Request
Broker Architecture)
Software Communications
Architecture (SCA), JTRS
[Figure: SCA software structure. Non-Core (Radio) Applications (RF, Modem, Link/Network, Security and Host applications, with Non-CORBA applications attached through Modem, Security and Host Adapters; interfaces labelled RF API, Modem API, Modem NAPI, Link, Network NAPI, Security API, Host API) sit on the Core Framework IDL (Logical Software Bus via CORBA). Below it, on each side: CF Services & Applications, CORBA ORB & Services (Middleware), POSIX Operating System, Network Stacks & Serial Interface Services, Board Support Package (Bus Layer). The two sides are labelled Black (Secure) Hardware Bus and Red (Non-Secure) Hardware Bus. Legend: OE, Core Framework (CF), Commercial Off-the-Shelf (COTS).]
JTRS’s SCA v2.2
• Common open architecture: definition of a standardized architecture
• Multiple domain: broader scope of application
• Multiple bands, Multiple modes
• Compatibility with legacy system
• Technology insertion
• Security
• Networking: provides voice, data and video services
• Software reuse/Common waveform software
Application Programming
Interface
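Tier <Architectural>
• The top tier of the API structure; defines the radio architecture.
• Bidirectional, with information and control functions.
• Has external interfaces.
Tier 1 <Functional>
• Defines the various functions the system must perform.
• Defines which messages must be exchanged between modules and what they must contain.
Tier 2 <Transport and Communication>
• Defines how the messages defined in Tier 1 are transmitted and exchanged.
Example: between S/W modules this can generally be defined as a C function call using shared memory, but in a multiprocessor environment messages may be delivered and exchanged over a serial link or similar.
Tier 3 <Physical>
• Describes how physical elements such as plug connectors and form factors fit together.
• This interface is meaningless in products that implement most physical functions on a single chip, but it is essential where each module needs a standardized plug.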
SDR Plug & Play Architecture
• OOA/OOD IAW OMG
– UML OOD Notation
– CORBA IDL Interface Definition
• Extensive use of COTS
– SW COTS include: POSIX OS, OMG v2 CORBA, SNMP AGENT, WEB SERVER
– HW COTS include: ASIC, DSP, FPGA
• Use Of Common/Std Interfaces
– OMG v2 CORBA
– Ethernet, RS-232, RS-422...
– TCP/IP, UDP, SLIP, PPP
– Rooftop Net API
– Rooftop Radio API
– Sockets
• Use Of Common BUS
– Compact-PCI
– SPCI
– VME
– PCI ...
• Use of High Order Languages
– “C++”, JAVA, Ada95 for Control Processors
– “C” for Modems and INFOSEC
Plug & Play Capability: CORBA Based Implementation
[Figure: “A” Object (“A” Server, “A” Client) and “B” Object (“B” Server, “B” Client), each on its own ORB and Transport Layer, connected by a Bus. The arrows numbered 1 to 4 correspond to the steps below.]
1. “A” Server requests resource from “B”
2. Destination ORB invokes “B”
3. Once resource is attained, “A” Server invokes the remote
operation on “B” Server
4. Destination ORB invokes “B” Server operation
System Architecture of TRUST
[Figure: TRUST system architecture. Actors: user, Service provider, Network Operator. Modules: Software Download Module (SDM), Bandwidth Management Module (BMM), QoS Manager, Access Stratum Module, Proxy Reconfiguration Manager (RPM), Mode Identification & Monitoring Module (MIMM), Mode Negotiation and Switching Module (MNSM), Configuration Management Module (CMM), Reconfiguration Management Module (RMM), Location Update Module, Authentication Manager, User Interface, Applications, and Resource System Management Module (RSMM) with Memory Management, Power Management and CPU Management. Data: Network Bearer, Service Profile, Lookup Tables, Terminal Capability Lookup Table, Terminal Reconfiguration Profile, Profile Database.]
Process requirements
1. Available modes lookup
2. Detection of new air interface &
monitoring
3. Authentication
4. Mode negotiation
5. Making decision to change mode
6. Software download Over The Air (OTA)
7. Reconfiguration
8. Location update
Mode Identification and
Monitoring Module (MIMM)
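• Discovery, identification and monitoring of alternative modes
– Resources/capabilities of the terminal
– Current mode of the terminal
– Amount of time available
• Monitoring of the identified alternative modes
– Ensures that a sufficient service level and connection quality are provided
• Support from external entities
– Proxy, other terminal, 3rd party
– Reduces the terminal's load for discovery and monitoring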
Mode Negotiation and Switching
Module (MNSM)
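• Guides the mode negotiation process
– Checks the availability of other modes and whether the terminal can provide the required performance level
– Takes system load and connection quality into account
• Works from prior knowledge of the available modes
– Ranks the available modes by referring to the user profile, terminal state, events, etc.
• Information considered when deciding whether to switch to a new mode
– User preferences (profile Databases) and link-level quality
– Reconfiguration complexity; Configuration Management Mobile
– Estimated time required for the software download; SDM (Software Download Module)
– Negotiation results are stored in the Lookup table for later use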
Mode Negotiation
• The terminal checks whether the network was accessed previously. If not, Service Negotiation checks whether the required service is accessible in the visiting network.
• QoS Negotiation
1. The first step is to map the service classes.
2. The QoS manager decides whether the QoS is likely to be reached.
• Network Capability negotiation
– Software and hardware module reconfiguration compatibility are checked.
QoS Management
[Figure: QoS management. Labels: User, Subjective QoS Perception, End-Use QoS, Application, Application QoS, Mapping QoS parameter, Monitoring the current status of service, Dynamically reserving resource, QoS Manager, Terminal Reconfiguration, Terminal Capabilities QoS, Network bearer capabilities, Network QoS.]
Configuration Management
Module (CMM)
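• Integrates the terminal's core software and hardware without constraining implementation flexibility
• CheckResource, InformationRequest, Shutdown, Reconfigure, DownloadSoftware
• Provides information on the current mode and on modes available in the future to the mode switching module
• Provides mapping information between the configurations needed to support each mode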
Proxy Re-configuration Manager
(PRM)
• Provides information for mode negotiation, identification, monitoring and switching, software download, and configuration tasks
• Provides the mechanism for network centric software download
• Reduces the terminal's workload (CPU and battery load)
• Enables the proxy to connect directly to IP-based networks
• Information broker for the terminal
Software Download Module
(SDM)
• BMM (Bandwidth Management Module)
– Calculates the optimum download strategy and sends it to the SDM
[Figure: Download Request, Cost Function, Download Method Identification, Download Strategy, Download Planning.]
Download Software
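Smart card vs. over-the-air download
• Non-OTA (Server connection, PC, Kiosk, smart card)
– Advantages: error-free, fast download possible, independent of the network
– Disadvantages: high cost, inconvenient for the user, needs memory to store the software and separate equipment
• Over The Air
– Advantages: cheap, the software changes immediately, no additional user action needed
– Disadvantages: errors can occur during download, slow, heavy impact on the network
– Standardization needed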
Download Protocol
• Initiation
• Mutual authentication
• Capability exchange
• Download acceptance
• Download/integrity test
• Installation
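The six steps above as a terminal-side state machine that rejects out-of-order messages and installs nothing until the integrity test passes; this is an added example, not code from the slides or from any SDR project. The pre-shared key, the HMAC-SHA256 proofs and all names (`Terminal`, `run_session`, `mac`) are assumptions, since the slides name no algorithm.

```python
import hashlib, hmac, os

STEPS = ["initiation", "mutual_auth", "capability_exchange",
         "download_acceptance", "integrity_test", "installation", "done"]

class ProtocolError(Exception):
    pass

def mac(key, *parts):
    # Assumed primitive: HMAC-SHA256 under a pre-shared key (the slides name no algorithm).
    return hmac.new(key, b"|".join(parts), hashlib.sha256).digest()

class Terminal:
    def __init__(self, key, capabilities):
        self.key, self.caps = key, set(capabilities)
        self.step, self.installed = "initiation", None
        self.nonce_t = self.session_key = b""

    def _advance(self, expected, ok=True):
        # Abort on an out-of-order message or a failed check; otherwise go to the next step.
        if self.step != expected or not ok:
            self.step = "aborted"
            raise ProtocolError(f"rejected at {expected}")
        self.step = STEPS[STEPS.index(expected) + 1]

    def initiate(self):
        self._advance("initiation")
        self.nonce_t = os.urandom(16)
        return self.nonce_t

    def authenticate(self, nonce_s, server_proof):
        expected = mac(self.key, b"server", self.nonce_t, nonce_s)
        self._advance("mutual_auth", hmac.compare_digest(server_proof, expected))
        self.session_key = mac(self.key, b"session", self.nonce_t, nonce_s)
        return mac(self.key, b"terminal", self.nonce_t, nonce_s)  # terminal's own proof

    def capabilities(self):
        self._advance("capability_exchange")
        return sorted(self.caps)

    def accept(self, requires):
        # Refuse a package that needs hardware this terminal does not have.
        self._advance("download_acceptance", set(requires) <= self.caps)

    def receive(self, image, tag):
        good = hmac.compare_digest(tag, mac(self.session_key, b"image", image))
        self._advance("integrity_test", good)
        self.pending = image

    def install(self):
        self._advance("installation")
        self.installed = self.pending

def run_session(terminal, server_key, image, requires, tamper=False):
    """Server side of one session; returns the step the terminal ends in."""
    try:
        nonce_t, nonce_s = terminal.initiate(), os.urandom(16)
        t_proof = terminal.authenticate(nonce_s, mac(server_key, b"server", nonce_t, nonce_s))
        if not hmac.compare_digest(t_proof, mac(server_key, b"terminal", nonce_t, nonce_s)):
            return "aborted"  # server refuses an unauthenticated terminal
        terminal.capabilities()
        terminal.accept(requires)
        tag = mac(mac(server_key, b"session", nonce_t, nonce_s), b"image", image)
        sent = bytes([image[0] ^ 1]) + image[1:] if tamper else image  # one bit flipped in transit
        terminal.receive(sent, tag)
        terminal.install()
    except ProtocolError:
        pass
    return terminal.step
```

The image tag is computed under a key derived from both nonces, so a tag captured in one session is rejected in another.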
Common algorithm structure and
appropriate parameters
• The Frame Structure with Power Control
– Frame structure concerning power control can be
characterized by a set of parameters
• Modulation
– QPSK : IS-95 CDMA and WCDMA systems


n 0
n 0
SQPSK (t )  Z n g (t  nT )   exp[  (n)] g (t  nT )
– GMSK : GSM and DECT systems

t

n 0

n 0
SGMSK (t ) exp[ j 2h d n  g (  nT )d ]   Z nC0 (t  nT )
Software layers on SDR
• Layer A (Application Software)
– End-user application software such as WWW,
user interface, etc
• Layer B (Communication Protocol Software)
– Control call process, handover resource
allocation and so on
• Layer C (Signal Processing Algorithm
Software)
– About physical layer related to Modulation,
CODEC, interleaving.. etc
Software download time
• TdD/R = D/W
• Td : the software download time
• R : the channel data rate
• D : the code download quantity
• W : bandwidth

W.1Mhz
  | D | Td
A | 5MB | 150s
B | 500kB | 15s
C | 50kB | 1.5s
P | 50B | 1.5ms

W.200Khz
  | D | Td
A | 5MB | 150s
B | 500kB | 15s
C | 50kB | 1.5s
P | 50B | 1.5ms

The downloading time with the dedicated download channel
Download Complexity
Jamadagni, Silicon Automation Systems, India
• A set of components for a radio
functionality
• Right set of components for right time
• Time taken for download
– Push: download is initiated by base station
– Pull: download request by user terminal
• Validation of downloaded components
• Compilation of components
Pull and Push
• Pull : SDR terminal locating s/w components
may cause heavy traffic.
• Push: tailor data to user’s profiles in
anticipation of user “when needed”
• Download s/w
– Computing applications
– Protocol entities or changing of the air
interface or service
– Signal processing algorithm for
modification
User Download Request
• Pure-Push: periodic push and updating
without request
• Pure-Pull: on a miss, clients send a
pull request to the server
• Hybrid Push and Pull: The client sends
a pull request for a component only if
the periodicity of push by the server
is greater than a threshold.
Complete download scenario
Full personality download
[Figure: full personality download. Labels: PUSH, PULL; Application Comp’s, Protocol Comp’s, Signal Processing.]
Push vs Pull for complete download scenario
Incremental personality download
Involves just in time download of needed components
• Server Load is low -> Clients in steady state, Pull-based
download is better
• Server Load is high -> push approach is better since server
requests are queued leading to latencies in servicing requests
• Server load is moderate -> Hybrid
[Figure: incremental personality download. Labels: PUSH, PULL; Application Comp’s, Protocol Comp’s, Signal Processing.]
A Push vs Pull possibility for the incremental download
Centralized Distribution of
Software, TRUST




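• Client-server structure on the Internet or in a small network
- Upgrade after downloading the software from a central server
- A single server is enough for terminals to be upgraded
• Client-server structure in a large network
- More than one server is needed
- A routing mechanism must be introduced
- Cache servers (PROXY SERVER) are used
• Updates take a very long time, or a very large number of servers or proxies is needed
• A signal can be broadcast periodically at set times so that terminals ask whether an upgrade is available, but this itself causes additional load between terminal and network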
Central software distribution
[Figure: central software distribution. Labels: Software Server 1, Software Server 2, Software Server N, SW request, Load balancing, SW download.]
Software distribution with proxies.
[Figure: software distribution with proxies. Labels: Software Server 1; Software Cache Server 1, Software Cache Server 2, …, Software Cache Server N; Proxy caching; SW request; SW download.]
Decentralized Software
Distribution
• SW distribution: Step 1 (Central: Server -> terminal)
• SW distribution: Step 2 (Decentral: Terminal -> terminal)
• SW distribution: Step 3 (Decentral: Terminal -> terminal)
[Figure: Software Server 1 and radio terminals numbered (1) to (4).]
Possible distribution schemes in mobile communications
[Figure: blackboard scheme. Labels: Access point, Mobile terminal, Blackboard (List of available services in the cell); steps 1 and 2 with the captions "Add green service available" and "Green service available".]
2. ISSUES IN OTA DEVICE SOFTWARE UPGRADES
2.1. Interoperability
2.2. Variations in ME architectures
2.3. Extensibility
Figure 1. Elements involved in OTA mobile software upgrade
PROPOSED ARCHITECTURE
1. Notification and Download Protocol for patch
– SyncML (SYNChronization/device Management protocoL)
=> J2SE at server side, J2ME and MIDP (Mobile Information Device Profile) at client side.
2. Storage and Installation of patch on ME
– We have used J2ME at client side for defining Java API for this functionality.
3. Generation and Storage of patch on download server
Figure 2. OTA Mobile Device Software
Management Architecture
[Figure 2 labels: Management Server (J2SE Environment) and Management Client (J2ME Environment), connected by the SyncML DM Protocol over a Transport Protocol (HTTP). Components shown: User Interface, Server Application (Servlet), Client Application (Midlet), Security Library, Data Repository Management, MIB, Server Profile, TM Profile, Device Management Logic, SyncML Profile, Patch Generator, Patch Profile, Persistent Memory.]
Software Communications
Architecture (SCA) Security elements
John J. Fitton
• The SCA security supplement contains several hundred specific security requirements
- Encryption & Decryption Services
- Information Integrity
- Authentication & Non-repudiation
- Access Control
- Auditing and Alarms
- Key and Certificate Management
- Security Policy Enforcement & Management
- Configuration Management
- Memory Management
Encryption & Decryption Services
• These services can be used (1) to maintain the privacy of different types of information; (2) to protect the information; (3) to protect the integrity of any class of software for download purposes
• The encryption algorithm used for download should
be standardized on a global level
• Efforts should focus on minimizing the number of
different standards
• Encryption/Decryption algorithms could be
downloaded and executed as part of the Security
Provider Application
Information Integrity
• Information Integrity ensures that information
received or stored at some earlier point has not
been changed either as a result of
transmission/storage media errors or intentional
modification
• One method of providing this service is to encrypt
the information with an algorithm designed to
prevent undetected modification of the information
• Another method might be to perform a form of
mathematical calculation using all of the
information
Authentication &
Non-repudiation
• Authentication and non-repudiation methods
are well known by those familiar with public
key cryptography
• These involve the use of digital signatures
and certificates.
• These security functions are among the most critical to solving SDR download security, since they provide the means to verify the legitimacy of a software package downloaded onto an SDR terminal
Access Control
• Access Control mechanisms in today's
environment generally consist of user
passwords
• Two areas of concern regarding
access controls are (1) how passwords
are protected within the terminal; and
(2) what access control mechanisms
are necessary to access any terminal
security audit log.
Auditing and Alarms
• Auditing and alarms security functions
provide a means to capture events
that the terminal records in some
manner when a security process is
violated
• This process might be a receipt of an
improperly signed software download
or a report of numerous failed
attempts for password entry
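The two violations named on this slide, detected over a constructed terminal audit log; this is an added example, not from the slides. The event names, the failure threshold and the time window are assumptions.

```python
from collections import defaultdict, deque

MAX_FAILED_PASSWORDS = 3   # assumed policy: alarm on the 3rd failure ...
WINDOW_SECONDS = 60        # ... within a 60 s window

# Constructed audit records: (time in seconds, event name, subject).
SAMPLE_AUDIT_LOG = [
    (0, "password_fail", "owner"),
    (10, "download_verified", "waveform-a 2.0"),
    (20, "password_fail", "owner"),
    (25, "download_bad_signature", "waveform-b 1.0"),
    (30, "password_fail", "owner"),
    (200, "password_fail", "owner"),
    (205, "password_ok", "owner"),
]

def detect_alarms(records, max_failed=MAX_FAILED_PASSWORDS, window=WINDOW_SECONDS):
    """Return (time, alarm, subject) tuples for the two violations named on the slide."""
    alarms = []
    failures = defaultdict(deque)  # subject -> times of recent password failures
    for when, event, subject in sorted(records):
        if event == "download_bad_signature":
            # One improperly signed package is enough to alarm.
            alarms.append((when, "IMPROPERLY_SIGNED_DOWNLOAD", subject))
        elif event == "password_fail":
            recent = failures[subject]
            recent.append(when)
            while when - recent[0] > window:   # drop failures older than the window
                recent.popleft()
            if len(recent) >= max_failed:
                alarms.append((when, "REPEATED_PASSWORD_FAILURE", subject))
                recent.clear()                 # start counting again after alarming
        elif event == "password_ok":
            failures[subject].clear()          # a successful entry resets the count
    return alarms
```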
Key and Certificate Management
• Key lengths, formats and key tags
identifying the function of the key,
expiration dates, etc..., are all candidates
for standardization
• Standardization efforts must go beyond
format and content, and address how, when
and where keys and certificates will be
updated and replaced, and what security
mechanisms are required to protect these
items while they are in transit
• A decision must be made to define who may have the authority and resources to create keys and certificates
Security Policy Enforcement &
Management
• Security policies are simply defined as
rules governing how the security
mechanisms are to be employed
• Specific security policies could be
downloaded and installed in the same
manner as keys or digital certificates
Configuration Management
• Configuration management is necessary
within the SDR to ensure that the terminal
has the required hardware capability to
support a new software download
• The terminal should provide a copy of an
installation log listing the hardware
platform type and configuration as well as
an identifier and version number of all
installed software to the centralized
configuration manager
Memory Management
• Memory management can be an
extremely effective security measure
to guard against surreptitious
attempts to modify installed software
• In this role the Radio Security Module would have output control signals to allow the memory write-access control lines to activate and support writing of programs and data into memory
Wireless & Wired IW Attacks on SDR
• IW Threat: Monitoring, Jamming, Deception, Chaos
• Wireless Attacks: LOS, HF, SATCOM, UAV
• Wired Attacks: Ethernet
[Figure: SDR networks (SDR NET A, SDR NET C, SDR NET D, SDR NET E, each with SDR 1) and SINCGARS NET 1 and SINCGARS NET 2, connected by satellite SATCOM Links, UAV Links, HF/LOS Links and the Wired Infrastructure.]
SDR Subsystem IW Detection
Careful subsystem design, bus access control,
message authentication, and physical LAN
security
[Figure: SDR subsystems on a PCI Bus. Labels: RF Subsystem, Modem Subsystem, Security Subsystem, Red Host, Black Host, Ethernet Interface Security, Physical Layer Detection, Message Layer Authentication.]
Physical Layer Detection
• Specifying waveforms with processing gain options for frequency hopping, spreading, and interference suppression
• Command changes in operating band and modulation to avoid or mitigate the attacking threat.
• SDR networks must be designed with the flexibility to minimize the opportunities for successful enemy action or disruption.
– flexibility: multiple modulation formats, frequency bands
• Steer antenna nulls in the direction of the attacker
• Information-style attacks that attempt to subvert operation and data in the radios
SDR Security
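• When SDR S/W is downloaded, program protection, authentication and encryption functions are needed
• Public key cryptosystems and SDR
– Not easy to apply in the SDR environment because of power consumption and implementation issues
– An SDR implemented with DSP/FPGA can support the functions needed for encryption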
Security of Existing Wireless
System
Item | Algorithm
User Authentication | Hash function, Block cipher
Authentication of N/W Operator/Service Provider | Same as above
Encryption of User Data | Stream cipher (scrambling)
Encryption of Control Channel | Stream cipher
Hiding User ID | Temporary ID
Cryptographic Scheme
Object | Explanation
Privacy or Confidentiality | Keeping information secret
Data Integrity | Ensuring data has not been altered
Authentication or Identification | Confirming the identity of an entity
Message Authentication | Authenticating the original message
Signature | Binding information to an entity
Certification | Endorsement of information
Symmetric and public key
cryptosystem
– Symmetric key cryptosystem
• Encryption key = Decryption key
• Sender/Receiver must share the same
key
– Public key cryptosystem
• Use two different keys
– Encryption : Public Key
– Decryption : Secret(or Private) Key
Encryption Algorithm of SDR in
Flexible Security Systems
[Table: combinations of encryption algorithm and key deliberation algorithm (Scrambling, Block Cipher, Public Key cryptosystem), with their existing implementation (Custom chip, Software + Custom chip) and their SDR implementation (DSP or FPGA), ordered by security from Weak to Strong.]
Security of Program
Download of SDR
Item | Countermeasure
Illegal copying of download program | Encryption of download channel, hardware key, terminal ID
Alteration of download program | Certification
Algorithms of EC into SDR
Name | Main agent | Algorithm
AVANT | Automatia | DES
DANMONT | DANMONT | SAM
GeldKarte | KA |
MONDEX | Mondex Int | DES > RSA
NTT Electric Cash | NTT | RSA/FEAL/DES
PROTON | Banksys | DES/RSA
VisaCash | Visa Int | DES/RSA
Comparison of RSA encryption/decryption speed and energy consumption
Platform | Speed, encryption (msec/operation) | Speed, decryption (msec/operation) | Energy consumption, encryption (mWs) | Energy consumption, decryption (mWs)
PentiumIII 800Mhz | 0.2 | 14.3 | 6.0 | 429
i486 33.4Mhz | 4.79 | 342 | 23.9 | 1710
DSP TMS320C6201 | 1.2 | 11.7 | 3.65 | 35.6
FPGA XC4085XL3PG559C | 0.013 | 0.126 | 0.00281 | 0.0274
Conclusion
Smart Reconfigurable Radio Architecture
[Figure: smart reconfigurable radio architecture (Jan Rabaey). Labels: Analog Baseband and RF Circuits (analog, A/D); digital: Communication Algorithms, Protocols, phone book, Accelerators (bit level), Logic, RTOS, Keypad, Display, Control, ARQ, FSM, uC core (ARM), FFT, Dedicated Logic, Filters, Coders, DSP cores.]