Tips For Secure Access Service Edge. Access services are the backbone of modern communication networks. They provide connections between devices and allow them to communicate with each other over long distances. The Internet itself would not exist without access services.
Ensure the safety of these communications and network infrastructure. Access services are often a must to implement encryption technologies. This enables their clients (such as mobile phones) to securely connect to them.
Protection of the networks against misuse
“The security of these services is a critical concern for the industry and society at large,” says Prof. “The protection of the networks against misuse, unauthorized access and data theft is a major concern.”
However, network operators face significant challenges when implementing encryption in their access services.
The encryption algorithms
The encryption algorithms are computationally intensive, which may impact the performance of access services. They also require considerable computational power for handling large amounts of data in real time. In addition, providers need to guarantee that communication between end devices. And their access services can be decrypted in a secure manner at any time.
Advanced Encryption Standard (AES)
The researchers developed an optimized version of a cryptographic algorithm called the Advanced Encryption Standard (AES), which will enable network operators to deploy encryption technologies in their access services at significantly lower costs than before. The results of their work have recently been out in the scientific journal “IEEE Transactions on Communications”.
To encrypt and decrypt data
The AES algorithm is to encrypt and decrypts data via a key. The security of the AES algorithm validated the system through extensive research worldwide. It has become a standard for encrypting digital communication channels and high-value data stored on hard drives. For example, it is commonly for mobile devices such as smart phones or tablet PCs to encrypt stored data, emails and text messages sent via SMS or MMS.
Implement AES in communications networks
In order to implement AES in communications networks, it must first be transformed into a form suitable for running on hardware. Such as routers or switches that are in these networks. This process is what we call “implementation” or “optimization”. However, this process requires extensive expertise from cryptographers and software engineers alike.
Further complicating matters is the fact that there must be optimizations. Thus, to ensure that the encrypted data can be safely decrypted at any time by authorized parties who must be able to verify the original contents of the transmitted data with 100 % certainty.
This implementation problem has already been solved for symmetric encryption algorithms. However, until now no solution has been available for asymmetric encryption algorithms such as RSA and ECC (Elliptic Curve Cryptography).
These algorithms play an important role in modern encrypted communication channels. Because they digitally sign and verify the identity of parties involved in secure communications (e.g. when a user logs in to an online banking portal).
Deploy asymmetric encryption
Network operators deploy asymmetric encryption to ensure that their access services can verify their clients’ digital identities.
“For the first time, we developed and implemented symmetric and asymmetric encryption algorithms. Further, in such a manner that they can be on standard hardware,” says the researcher. “This allows us to use standard network devices to implement AES encryption in access services.”
Special optimization approach
The researchers developed an optimized version of the AES algorithm that runs on standard hardware. To do this, they significantly reduced the number of computations required per byte of data. The researchers also developed a special optimization approach for real-time encryption and decryption processes.
Currently, the entire telecommunications industry is converging on this type of hardware for communications network infrastructures, which is why the new optimized algorithm is particularly suitable for use in access services.
Symmetric and asymmetric algorithms
In addition to encryption, symmetric and asymmetric algorithms generate session keys, which are then to encrypt data in real-time communications networks. To do this, the previous key must be first exchanged (e.g. by using RSA or Elliptic Curve Cryptography). This process is what we call “key exchange” or “key agreement”.
It was previously assumed that implementing key exchange algorithms on standard hardware equipment was not possible due to performance limitations.