Sougo SHIMIZU Chao ZHANG Fumihiko ITO
This paper describes a method to evaluate the modulated waveforms output by a high-speed external phase modulator over a wide wavelength range by using linear optical sampling (LOS) and a wavelength-swept light source. The phase-modulated waveform is sampled by LOS together with the reference signal before modulation, and the modulation waveform is observed by removing the phase noise of the light source extracted from the reference signal. In this process, the frequency offset caused by the optical-path length difference between the measurement and reference interferometers is removed by digital signal processing. A pseudo-random binary-sequence modulated signal is observed with a temporal resolution of 10 ps. We obtained a dynamic range of ∼40 dB for the measurement bandwidth of 10 nm. When the measurement bandwidth is expanded to the entire C-Band (∼35 nm), dynamic ranges of 37∼46 dB were observed, depending on the wavelengths. The measurement time was sub-seconds throughout the experiment.
Thi Hong TRAN Leonardo LANANTE, Jr. Yuhei NAGAO Hiroshi OCHI
Thanks to the achievements in wireless technology, the maximum data rate of wireless LAN systems has rapidly increased recently. As a key part of the WEP and the WPA security for the wireless LAN system, the throughput of RC4 must also be significantly improved. This paper proposes two high-throughput RC4 architectures. The first one is a RAM-based RC4 using a single 256-byte tri-port RAM to store the S-box. The core generates 4 bits of ciphering key per clock cycle. This paper also proves that 4 bits/cycle is the maximum throughput that can be achieved by a RAM-based RC4 circuit. The second architecture is a Register-based M-byte RC4 that uses a set of registers to store the S-box. It is able to generate multiple bytes of ciphering key per clock cycle, and is proposed as a novel solution for designing extremely high-throughput RC4 cores for future WLAN systems. Based on this proposal, a 4-byte RC4 core is developed (M=4). The synthesis results in 90 nm ASIC show that, for the same throughput requirement, the proposed RAM-based and Register-based RC4 can respectively save 60% and 50% of power consumption as compared to that of the most recent works. Moreover, the proposed Register-based design is the best candidate for achieving high throughput at low frequency.
In recent years, wireless LAN systems have been widely used in campuses, offices, homes and so on. It is important to discuss the security aspect of wireless LAN networks in order to protect data confidentiality and integrity. The IEEE Standards Association formulated some security protocols, for example, Wired Equivalent Privacy (WEP) and Wi-Fi Protected Access Temporal Key Integrity Protocol (WPA-TKIP). However, these protocols have vulnerabilities for secure communication. In 2008, we proposed an effective key recovery attack against WEP, and it is called the TeAM-OK attack. In this paper, first, we present a different interpretation and the relation between other attacks and the TeAM-OK attack against WEP. Second, we present some existing attacks against WPA-TKIP; these attacks are not executable in a realistic environment. Then we propose an attack against WPA-TKIP that is executable in a realistic environment. This attack exploits an implementation vulnerability in the QoS packet processing feature of IEEE 802.11e. The receiver receives a falsification packet constructed as part of the attack regardless of the setting of IEEE 802.11e. This vulnerability removes the attacker's condition that access points support IEEE 802.11e. We confirm that almost all wireless LAN implementations have this vulnerability. Therefore, almost all WPA-TKIP implementations cannot protect a system against the falsification attack in a realistic environment.
Ryoichi TERAMURA Yasuo ASAKURA Toshihiro OHIGASHI Hidenori KUWAKADO Masakatu MORII
Conventional efficient key recovery attacks against Wired Equivalent Privacy (WEP) require specific initialization vectors or specific packets. Since it takes much time to collect the packets sufficiently, any active attack should be performed. An Intrusion Detection System (IDS), however, will be able to prevent the attack. Since the attack logs are stored at the servers, it is possible to prevent such an attack. This paper proposes an algorithm for recovering a 104-bit WEP key from any IP packets in a realistic environment. This attack needs about 36,500 packets with a success probability 0.5, and the complexity of our attack is equivalent to about $2^{20}$ computations of the RC4 key setups. Since our attack is passive, it is difficult for both WEP users and administrators to detect our attack.
The WEP (Wired Equivalent Privacy) is a part of IEEE 802.11 standard designed for protecting over-the-air communication. While almost all of the WLAN (Wireless LAN) cards and the APs (Access Points) support WEP, a serious key recovery attack (aka FMS attack) was identified by Fluhrer et al. The FMS attack can basically be prevented by skipping IVs (Initial Values) used in the attack, but naive skip methods reveal information on the WEP key since most of them depend on the WEP key and the patterns of the skipped IV reveal it. In order to skip IVs safely, the skip patterns must be chosen carefully. In this paper, we review the attack conditions (6) and (7), whose success probability is the highest, 0.05, amongst all known conditions to guess one key-byte from one packet. Then we identify their safe skip patterns.
The WEP (Wired Equivalent Privacy) is a part of the IEEE 802.11 standard designed for protecting over-the-air communication. While almost all of the WLAN (Wireless LAN) cards and the APs (Access Points) support WEP, a serious key recovery attack (aka FMS attack) was identified by Fluhrer et al. The attack was then extended and implemented as WEP cracking tools. The key recovery attacks can basically be prevented by skipping certain IVs (Initial Values) called weak IVs, but the problem is that there exists a huge number of key-dependent weak IVs and their patterns have not been fully identified yet. The difficult part is that a naive approach to identify the key-dependent weak IVs requires the exhaustive search of IVs and WEP keys, and hence is infeasible. On the other hand, it might be feasible to skip the key-dependent weak IVs for the currently set WEP key, but this reveals information on the WEP key from the skipped patterns. To skip them safely, the patterns of the key-dependent weak IVs must be identified in the first place. In this paper, we analyze the famous condition for IVs and WEP keys to be weak in the FMS attack, i.e. 0≤S[1]≤t'
Yukio MITSUYAMA Motoki KIMURA Takao ONOYE Isao SHIRAKAWA
VLSI architecture of IEEE802.11i cipher algorithms is devised dedicatedly for embedded implementation of IEEE802.11a/g wireless communication systems. The proposed architecture consists mainly of RC4 unit for WEP/TKIP and AES unit. The RC4 unit successfully adopts packed memory accessing architecture. As for the AES unit, overlapped pipeline scheme of CBC-MAC and Counter-Mode is exploited in order to conceal processing latency. The cipher core has been implemented with 18 Kgates in 0.18 µm CMOS technology, which achieves the maximum transmission rate of IEEE802.11a/g at 60 MHz clock frequency while consuming 14.5 mW of power.
Motivated by intention to evaluate asymptotically multiple-burst-error-correcting codes on channels with memory, we will derive the following fact. Let $\{Z_i\}$ be a hidden Markov process, i.e., a functional of a Markov chain with a finite state space, and $W_b(Z_1 Z_2 \cdots Z_n)$ denote the number of burst errors that appear in $Z_1 Z_2 \cdots Z_n$, where the number of burst errors is counted using Gabidulin's burst metric, 1971. As the main result, we will prove the almost sure convergence of relative burst weight $W_b(Z_1 Z_2 \cdots Z_n)/n$, i.e., the relative frequency of occurrence of burst errors, for a broad class of functionals $\{Z_i\}$ of finite Markov chains. Functionals of Markov chains are often adopted as models of the noises on channels, especially on burst-noise channels, the most famous model of which is probably the Gilbert channel proposed in 1960. Those channel models described with Markov chains are called channels with memory (including channels with zero-memory, i.e., memoryless ones). This work's achievement enables us to extend Gilbert's code performance evaluation in 1952, a landmark that offered the well-known Gilbert bound, discussed its relationship to the (memoryless) binary symmetric channel, and has been serving as a guide for the-Hamming-metric-based design of error-correcting codes, to the case of the-burst-metric-based codes (burst-error-correcting codes) and discrete channels with or without memory.