Signaling Protocol Research Articles

Balancing privacy protecting and auditability: A signal protocol based E2EE communication scheme for group chatting

With the development of the Internet, instant messaging applications have ascended to a crucial position in our daily lives. As users increasingly attach importance to privacy issues, end-to-end encryption(E2EE) has become an indispensable requirement for messaging services. However, E2EE communication software face two major challenges. One is that completely being unregulated is rather perilous, as criminals may take advantage of it to cover up crimes and endanger society. Secondly, ordinary E2EE software only works between two parties, and there has been relatively little research on group chatting scenarios. Against these backdrops, this paper devises practical solutions to the problem of allowing audit access by authorized parties while safeguarding privacy in the context of group chatting. By leveraging the Signal protocol based on the open Noise protocol framework [1], we ingeniously transform the problem into multiple two-way chatting channels, thereby ensuring E2EE security and facilitating efficient group communication. Additionally, to address the auditing challenge, we delicately design the model with multiple cryptological techniques and safeguard the security of ordinary users while expediting the auditing process. This solution strikes a balance between privacy concerns and regulatory demands, and offers practical and innovative model design to secure group chatting, enhancing the usability and security of instant messaging applications.

Study of Multi-Service Networks and Communication Systems Using Distributed Network Technology in Mountain Areas

It should be noted that the development of the digital economy directly depends on the introduction of advanced technologies: nanotechnology, biotechnology, complex energy systems technologies, quantum technologies, etc. At the same time, it is difficult to imagine the further development of corporate multiservice networks and communication systems without the widespread introduction of innovative technologies in a single information telecommunication infrastructure. The interaction of corporate multiservice networks and innovative technologies allows you to create a virtual transport network, with the help of which you manage transmitted useful and service packages and provide services. The FN concept involves the introduction of virtualization technologies, artificial intelligence methods and tools on a corporate network. The article analyzes the characteristics of corporate multiservice networks and communication systems using the technology of building distributed communication networks. The characteristics of corporate multiservice networks and communication systems using the technology of building distributed communication networks are analyzed and investigated, and a mathematical model of quality of service is proposed taking into account the management of information and network resources. It was found that the integrated performance indicators of multiservice corporate networks are largely determined by the reliability, information security and quality of service of IP / MPLS switching nodes and the IMS-Internet Protocol Multimedia Subsystem multimedia communication system using the signaling system and protocols for providing multimedia services and establishing session sessions. Thus, the results of QoS & QoE quality of service research and an analysis of numerical calculations of the probability and time characteristics of corporate multiservice networks based on the architectural concept of NGN and FN using the concept of SDN, NFV and IMS, requires the study of complex performance indicators of multiservice enterprise networks.

An Adaptive RF Front-End Architecture for Multi-Band SDR in Avionics.

This study introduces a reconfigurable and agile RF front-end (RFFE) architecture that significantly enhances the performance of software-defined radios (SDRs) by seamlessly adjusting to varying signal requirements, frequencies, and protocols. This flexibility greatly enhances spectrum utilization, signal integrity, and overall system efficiency-critical factors in aviation, where reliable communication, navigation, and surveillance systems are vital for safety. A versatile RF front-end is thus indispensable, enhancing connectivity and safety standards. We explore the integration of this flexible RF front-end in SDRs, focusing on the detailed design of essential components, such as receivers, transmitters, RF switches, combiners, and splitters, and their corresponding RF pathways. Comprehensive performance evaluations confirm the architecture's reliability and functionality, including an extensive analysis of receiver gain, linearity, and two-tone test results. These assessments validate the architecture's suitability for aviation radios and address considerations of size, weight, and power-cost (SWaP-C), demonstrating significant gains in operational efficiency and cost-effectiveness. The introduction of the new RF front-end on a single SDR board not only substantially reduces size and weight but also adds up to 18 dB gain to the received signal. It also allows for a high level of design flexibility, enabling seamless software transitions between different radios and the capacity to manage three times more radios with the same hardware, thereby significantly boosting the system's ability to handle multiple radio channels efficiently.

Formal analysis of signal protocol based on logic of events theory

The Signal is an end-to-end encrypted communication protocol composed of a double ratchet (DR) protocol and an extended triple Diffie-Hellman (X3DH) protocol. Its complex ratchet structure and the characteristics of protocol composition make it challenging to realize formal analysis. A formal analysis method based on logic of events theory (LoET) is proposed to conduct a security analysis of the Signal protocol. The method includes inference rules with key relation and key chain as the core to realize the formal analysis of ratchet structure, and the inference relation between sub-protocols is established by putting forward the composition theorem. The proposed method achieves a formal analysis of Signal, revealing that it does not satisfy a strong authentication property during the X3DH phase. The results show that the LoET-based method can be effectively applied in the formal analysis of Signal protocols, thus promoting the application and development of these protocols with ratchet structure and composition properties.

Hard‐state Protocol Independent Multicast—Source‐Specific Multicast (HPIM‐SSM)

AbstractSource‐specific multicast is a key technology for multicast services such as IPTV broadcasting, which relies on IGMPv3/MLDv2 for source‐group membership signalling and multicast routing protocols such as PIM‐SSM for building and maintaining receiver‐initiated source‐based distribution trees across the network. The authors propose the Hard‐state Protocol Independent Multicast—Source‐Specific Multicast (HPIM‐SSM), a novel multicast routing protocol that keeps the design principles of PIM‐SSM but overcomes its limitations, such as slow convergence and the possibility of creating suboptimal trees. The state machines of HPIM‐SSM were designed to react promptly to all network events susceptible to reconfiguring the multicast trees, avoiding the need for soft‐state maintenance through the periodic transmission of control messages. Moreover, the authors eliminated the need for designated routers, which led to suboptimal trees, and introduced a control‐driven assert protocol that operates per source, allowing for considerable memory savings. Finally, the protocol enables the coexistence of multiple unicast routing protocols. HPIM‐SSM was implemented in Python, and its correctness was extensively validated through model‐checking techniques. Furthermore, a comparison between HPIM‐SSM and PIM‐SSM was conducted, encompassing both theoretical analysis and experimental evaluation of convergence times. The results demonstrate clearly that HPIM‐SSM outperforms PIM‐SSM, exhibiting significantly faster convergence times and completely avoiding suboptimal trees.

Protecting Instant Messaging Notifications against Physical Attacks: A Novel Instant Messaging Notification Protocol Based on Signal Protocol

Over the years, there has been a significant surge in the popularity of instant messaging applications (IMAs). However, the message notification functionality in IMAs exhibits certain limitations. Some IMAs fail to alert users about new messages after their phone restarts unless they unlock the phone. This is a consequence of end-to-end encryption (E2EE) and the app not knowing the message is in the queue until the app decrypts it. This approach using E2EE is used to prevent offline attacks, as the key is unavailable to decrypt the notification messages. In this paper, we introduce a novel design and implementation of a message notification protocol for IMAs based on the Signal protocol. The proposed protocol aims to securely display notifications on a locked device and ensures that cryptographic keys are stored in a location that is isolated from the user’s device to prevent offline attacks. This approach enhances the security of private key storage, safeguarding private keys against various external threats. The innovative design strengthens the off-site key management system, rendering it resilient against offline attacks and mitigating the risk of key compromise. Additionally, the proposed protocol is highly efficient, requiring no specialized hardware for implementation. It offers confidentiality of cryptographic keys and protection against offline attacks, further enhancing the overall security of the system. We evaluate the protocol’s effectiveness by analyzing multiple independent implementations that pass a suite of formal tests via ProVerif.

On the security of AEAD scheme is recommended for use in Signal protocol

On the security of AEAD scheme is recommended for use in Signal protocol

NOTRY: Deniable messaging with retroactive avowal

Modern secure messaging protocols typically aim to provide deniability. Achieving this requires that convincing cryptographic transcripts can be forged without the involvement of genuine users. In this work, we observe that parties may wish to revoke deniability and avow a conversation after it has taken place. We propose a new protocol called Not-on-the-Record-Yet (NOTRY) which enables users to prove a prior conversation transcript is genuine. As a key building block we propose avowable designated verifier proofs which may be of independent interest. Our implementation in- curs roughly 8× communication and computation overhead over the standard Signal protocol during regular operation. We find it is nonetheless deployable in a realistic setting as key exchanges (the source of the overhead) still complete in just over 1ms on a modern computer. The avowal protocol induces only constant computation and communication performance for the communicating parties and scales linearly in the number of messages avowed for the verifier—in the tens of milliseconds per avowal.

Armed with Faster Crypto: Optimizing Elliptic Curve Cryptography for ARM Processors

Elliptic curve cryptography is a widely deployed technology for securing digital communication. It is the basis of many cryptographic primitives such as key agreement protocols, digital signatures, and zero-knowledge proofs. Fast elliptic curve cryptography relies on heavily optimised modular arithmetic operations, which are often tailored to specific micro-architectures. In this article, we study and evaluate optimisations of the popular elliptic curve Curve25519 for ARM processors. We specifically target the ARM NEON single instruction, multiple data (SIMD) architecture, which is a popular architecture for modern smartphones. We introduce a novel representation for 128-bit NEON SIMD vectors, optimised for SIMD parallelisation, to accelerate elliptic curve operations significantly. Leveraging this representation, we implement an extended twisted Edwards curve Curve25519 back-end within the popular Rust library “curve25519-dalek”. We extensively evaluate our implementation across multiple ARM devices using both cryptographic benchmarks and the benchmark suite available for the Signal protocol. Our findings demonstrate a substantial back-end speed-up of at least 20% for ARM NEON, along with a noteworthy speed improvement of at least 15% for benchmarked Signal functions.

Applying Software Engineering Based on Peer to Peer ‎‎Communication

The JavaScript programming language was selected to create software creation that facilitates the creation of a video connection between users because it enables the creation of cross-platform apps relatively quickly. For example, “Web Real-Time Communication (WebRTC)” standards do not specify exactly how two browsers initiate and manage communication with one another. The reason for this is that WebRTC does not specify the signaling technique or protocol. This paper's main goal is to design and construct a WebRTC simultaneous video conference between peers utilizing Google Chrome and the Socket.io signaling technology. A Local Area Network was used in this experiment (LAN). Furthermore, an assessment was conducted on the quality of experience (QoE), the Socket.io signaling method, and resources, including bandwidth consumption. This paper describes the simultaneous execution of peer-to-peer video calls with user identification (user-id).

A hybrid deep learning model for detecting DDoS flooding attacks in SIP-based systems

The Session Initiation Protocol (SIP) is widely used for multimedia communication as a signaling protocol to manage, establish, maintain, and terminate multimedia sessions among participants. However, SIP is vulnerable to attacks due to its text-based nature and the lack of adequate security measures. One of the most damaging attacks is the Distributed Denial of Service (DDoS) attack, which consumes resources and blocks legitimate users from accessing the available services. Although various machine learning-based schemes have been proposed to detect DDoS flooding attacks in SIP-based systems, most of them only address INVITE flooding attacks. REGISTER and ACK flooding attacks were not addressed. On the other hand, schemes based on statistical analysis are not sufficiently accurate. In this article, we propose a novel approach classifying DDoS flooding attacks in SIP-based systems using a combination of deep learning and entropy techniques. The proposed approach consists of two components: a hybrid deep learning model and an entropy-based model. The hybrid deep learning model combines convolutional neural networks and a stacked bidirectional long short-term memory network to extract features and classify traffic patterns. The entropy-based model measures the randomness and diversity of traffic flows using Shannon and Rényi entropies. To validate the proposed scheme, we built a balanced dataset of different types and intensities of DDoS flooding attacks. The results showed that the proposed scheme can effectively detect DDoS flooding attacks with high accuracy and low detection time for various attack intensities. Moreover, it surpasses other related schemes in terms of accuracy and detection time.

OTOP: Optimized Transmission Power Controlled OBSS PD-Based Spatial Reuse for High Throughput in IEEE 802.11be WLANs

As wireless local area network (WLAN) devices become more prevalent in various environments, the IEEE 802.11ax standard (Wi-Fi 6), released in 2021, aims to improve the spectral efficiency. The overlapping basic service set (OBSS) packet detection (PD) based spatial reuse (SR) scheme is a main technology for this purpose which can increase channel access opportunities by adjusting parameters. However, the standard only provides boundary values for parameter adjustment and does not provide details on how to optimize the performance, which can lead to a performance degradation. The IEEE 802.11be standard (Wi-Fi 7), established to satisfy extremely high throughput (EHT) demands of next-generation applications, includes the OBSS PD based SR scheme and the coordinated spatial reuse (CSR) scheme to maximize area throughput in dense networks. The CSR scheme optimizes the transmission performance through coordination between access points (APs), which results in additional signaling overhead and protocol complexity. In this paper, an enhanced SR scheme named optimized transmission power based OBSS PD (OTOP) SR is proposed to achieve high throughput in dense networks. The OTOP scheme enhances the parameter control operation of OBSS PD based SR to take advantage of its distributed nature which keeps the signaling overhead and protocol complexity low. The OTOP scheme derives the optimal transmission power that can maximize the transmission success probability of WLAN devices based on stochastic geometry analysis. The simulation results show that the proposed OTOP scheme performs better than the existing SRGM and OBSS PD based SR schemes in terms of throughput, frame error rate, and fairness.

Differential bleaching of quartz and feldspar luminescence signals under high-turbidity conditions

Abstract. Sediment burial dating using optically stimulated luminescence (OSL) is a well-established tool in geochronology. An important but often inapplicable requirement for its successful use is that the OSL signal is sufficiently reset prior to deposition. However, subaqueous bleaching conditions during fluvial transport are vastly understudied; for example the effect of turbidity and sediment mixing on luminescence bleaching rates is only poorly established. The possibility that slow bleaching rates may dominate under certain transport conditions led to the concept that OSL could be used to derive sediment transport histories. The feasibility of this concept is still to be demonstrated, and experimental set-ups are still to be tested. Our contribution to this scientific challenge involves subaquatic bleaching experiments, in which we suspend saturated coastal sand of Miocene age in a circular flume and illuminate it for discrete time intervals with natural light. We record the in situ energy flux density received by the suspended grains in the UV-NIR frequency range by using a broadband spectrometer with a submersible probe. Our analysis includes pre-profiling of each sample following a polymineral multiple signal (PMS) protocol. Using the PMS, the quartz-dominated, blue-stimulated luminescence signal at 125 ∘C (BSL-125) decays slower than the K-feldspar-dominated, infrared-stimulated luminescence signal at 25 ∘C (IR-25) even under subaerial conditions. The BSL-125 from purified quartz shows the opposite behaviour, which renders the PMS unreliable in our case. We find a negative correlation between suspended-sediment concentration and bleaching rate for all the measured signals. For outdoor bleaching experiments we propose to relate the measured luminescence dose to the cumulative received irradiance rather than to the bleaching time. Increases in the sediment concentration lead to a stronger attenuation of the UV–blue compared to the red–NIR wavelength. This attenuation thereby follows an exponential decay that is controlled by the sediment concentration and a wavelength-dependent decay constant, λ. As such λ could potentially be used in numerical models of luminescence signal resetting in turbid suspensions.

An Empirical Study of Deep Learning-Based SS7 Attack Detection

Signalling protocols are responsible for fundamental tasks such as initiating and terminating communication and identifying the state of the communication in telecommunication core networks. Signalling System No. 7 (SS7), Diameter, and GPRS Tunneling Protocol (GTP) are the main protocols used in 2G to 4G, while 5G uses standard Internet protocols for its signalling. Despite their distinct features, and especially their security guarantees, they are most vulnerable to attacks in roaming scenarios: the attacks that target the location update function call for subscribers who are located in a visiting network. The literature tells us that rule-based detection mechanisms are ineffective against such attacks, while the hope lies in deep learning (DL)-based solutions. In this paper, we provide a large-scale empirical study of state-of-the-art DL models, including eight supervised and five semi-supervised, to detect attacks in the roaming scenario. Our experiments use a real-world dataset and a simulated dataset for SS7, and they can be straightforwardly carried out for other signalling protocols upon the availability of corresponding datasets. The results show that semi-supervised DL models generally outperform supervised ones since they leverage both labeled and unlabeled data for training. Nevertheless, the ensemble-based supervised model NODE outperforms others in its category and some in the semi-supervised category. Among all, the semi-supervised model PReNet performs the best regarding the Recall and F1 metrics when all unlabeled data are used for training, and it is also the most stable one. Our experiment also shows that the performances of different semi-supervised models could differ a lot regarding the size of used unlabeled data in training.

Video Relay Service Recording System Using Packet-Capture Multiple Buckets Architecture

This paper presents a research and development work for the automatic service recording system using network-based monitoring approach. The project is under the cooperation of National Science and Technology Development Agency (NSTDA) and Thai Telecommunication Relay Service (TTRS). The goal is to archive and record video relay services offered to the deaf and hard of hearing community. Using the network-based monitoring approach, we can develop a video recording system that is fully automated and intelligent to analyze different kinds of video relay services. In brief, the system functions to capture network traffic and analyze network packets, signaling, and related protocols such as TCP, UDP, SIP, SDP, RTP, as well as H.264, G.711 encoding. Then, it records the relevant media streams, creates a video file containing the whole video relay service conversation, and send the file to archive in the cloud storage. The benefits include verification in case of appeal, service evaluation, and service improvement. A technical challenge in this system development is how to process real-time interactive multi flows because it must detect and process a large number of call signaling and media streams that occur as interactive real time. The optimization is vital so that the system can swiftly do the processing in time, without causing the buffer overflow problem that can degrade the recording quality. In this regard, we developed a novel methodology for processing PCAP (Packet Capture) called Multiple Buckets Architecture. Our test results showed that it can significantly reduce the probability of buffer overflow, making the processing more efficient when compared to the traditional processing of single bucket.

ОПТИМІЗАЦІЯ КОМП’ЮТЕРНОЇ ТЕХНІКИ ПРИ МОДЕРНІЗАЦІЇ ЄДИНОЇ СИСТЕМИ ЦЕНТРАЛІЗОВАНОГО КОНТРОЛЮ І ВИМІРІВ МЕРЕЖІ СКС-7 З ВИКОРИСТАННЯМ РЕСУРСІВ ЦЕНТРУ ОБРОБКИ ДАНИХ

The architecture of the unified system of centralized control and measurements of the SKS-7 network is outdated, the technologies used to organize its work and implement data storage need to be updated and optimized, because the current state of the system causes a decrease in speed and performance, as well as a critical drop in reliability. Considering the factors, there is also a need to modernize the software and hardware of the IP protocol analysis and monitoring system. The system does not provide the full range of functions necessary for a full-fledged analysis of the VoIP network, at the moment. Updating the system architecture became a necessity to improve efficiency and reliability. The work describes the process of modernization of the SKS-7 network control and measurement system using data center resources by optimizing computer equipment and expanding the capabilities of the systems used to monitor the OKS-7 network. The system of analysis and control and measurements of the SKS-7 network is presented and its main functionalities are defined. The main signaling protocols were analyzed and a system of analysis and monitoring of IP protocols was developed. The modernized control and measurement system of the SKS-7 network allows to identify deficiencies when testing elements of telecommunication networks and analyzing their impact on operation, analyzing the information and signal load of SKS-7 and VoIP networks in real time and in previous periods.

Accurate Modeling of CCS Combo Type 1 Cable and Its Communication Performance Analysis for High-Speed EV-EVSE Charging System

This paper addresses the issue of electromagnetic interference (EMI) in electric vehicle supply equipment (EVSE) charging cables, which can disrupt the communication signal for the real-time monitoring of the charging status, leading to the termination of charging. We propose a dedicated measurement jig for the Combined Charging System Combo Type 1 (CCS-CT1) cable structure and models its electrical characteristics of the jig using the impedance peeling technique for de-embedding. The obtained pure S-parameters of CCS-CT1 are then used to conduct a simulation of the signal integrity problem caused by Gaussian noise, which is the worst-case scenario that can occur in a typical charging system. This paper suggests that the root cause of this problem may be related to the high-power AC/DC conversion device included in the EVSE, which uses a switch-mode power conversion (SMPC) method that involves nonlinear operation and can result in increased harmonic noise and a more complex signal protocol for precise control. Finally, this study provides insights into the challenges of implementing high-speed charging systems and offers a solution for obtaining the accurate electromagnetic characteristics of charging cables.

Photonic Gateway and Protocol-Independent End-to-End Optical-Connection Provisioning in All-Photonic Metro-Access Converged Network

The All-Photonics Metro-Access Converged Network (APN) aims to achieve a flat and simple architecture that even covers access areas and represents the evolution of optical transport. Electrical processing functions such as exchange, multiplexing, and switching are uniformly placed at the border of the network segments, <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">i.e.,</i> access, metro, and core networks, in current optical networks. These functions are placed in Data Centric Infrastructure (DCI) and accessed only when needed in the APN. By flexibly providing direct optical connections between user premises and/or DCI according to requests from users and services, the APN creates new types of use cases requiring end-to-end guaranteed wide-bandwidth and/or extremely low latency and jitter along with an information-computing platform. To provide optical paths originating from user terminals that launch client signals using protocols preferable to their applications, we propose a configuration for a novel optical edge node, the Photonic Gateway (GW), and a procedure based on remote control of user terminals to establish end-to-end optical paths that are independent of the client signal protocol. To verify these, we present results of a proof-of-concept experimental demonstration of establishing end-to-end optical paths. An auxiliary management control channel is employed in the protocol-independent access control method. We also describe future challenges facing the Photonic GW that must be addressed.

Peer-to-peer media streaming with HTML5

&lt;p class="Affiliation"&gt;&lt;span lang="EN-US"&gt;The knowledge of web real-time communication (WebRTC) and how its customers and server operations are defined in this study. However, the world wide web consortium (W3C) and the internet engineering task force (IETF) have not yet approved an absolute signaling protocol or a complete application programming interface (API) protocol to implement WebRTC and control communication planning. WebRTC requires some type of signaling mechanism. With Chrome, Firefox, and Opera, the primary objective is to create and implement a WebRTC video call across two clients (peers) in the real world while employing local area network (LAN) and wide area network (WAN). This study also demonstrated the design of the server (as an intermediary) and graphical user interface (GUI). Additionally, a signaling method for the peer-to-peer browser connection on the Node.js platform has been developed and successfully put into use. This paper will provide an understanding of web development and an ability to understand WebRTC technology. It will also discuss how to create WebRTC signaling mechanisms and build video conferencing, as well as how to increase design quality using quality of experience (QoE) techniques.&lt;/span&gt;&lt;/p&gt;

Review of End-to-End Encryption for Social Media

People have valid concerns about their privacy and the use of their personal information by corporations. People do not necessarily trust social media companies to protect their right to privacy. Social media companies are under pressure to provide greater levels of security and privacy to their users. The current gold standard of security protocols for messaging system is the Signal Protocol. The Signal protocol is an open-source end-to-end encryption model. It uses AES-256, HMAC-SHA256 and Curve25519 as its cryptographic primitives. This protocol is currently considered cryptographically sound and provides excellent information security. However, many social media companies are still using less secure protocols often underpinned by less secure primitives. This paper discusses in detail the various cryptographic primitives used in social media apps like WhatsApp, Twitter, Facebook, Snapchat and Instagram.