Publications (28)

E. Dervisevic, Amina Tankovic, Enio Kaljic, Miroslav Voznák, Miralem Mehic

In the ongoing discourse surrounding integrating QKD networks as a service for critical infrastructures, key storage design often receives insufficient attention. Nonetheless, it bears crucial significance as it profoundly impacts the efficiency of QKD network services, thereby shaping its suitability for diverse applications. In this article, we analyze the effectiveness of key storage designs developed through practical testbeds and propose a novel key storage design to increase the effectiveness of key creation and supply. All key storage designs underwent analysis using network simulation tools, and the findings demonstrate that the novel key storage design surpasses existing approaches in terms of performance.

Amina Tankovic, Tamara Markesic, Enio Kaljic

Next-generation mobile networks, such as 5G/6G, have envisioned the possibility of direct communication between user devices, known as Device-to-Device (D2D) communication. Given that in D2D networks, traffic is transmitted ad-hoc from device to device, the range and quality of service are directly dependent on the number of nodes forming the D2D network. Therefore, we need to incentivize users to participate in the network operation through appropriate compensation for the provided resources and work done. A D2D network formed this way is inherently decentralized, making blockchain the primary choice as a technology. In this paper, we propose a new blockchain-based protocol for active tracing of IP traffic via in-band network telemetry. The experiment demonstrates that the proposed protocol can record all nodes participating in traffic forwarding in the D2D network through active traffic monitoring. Blockchain-based microtransactions can use participation records provided by our protocol to incentivize users to expand and strengthen the D2D network.

Amina Tankovic, E. Dervisevic, Miroslav Voznák, Miralem Mehic, Enio Kaljic

With the development of new technologies, next-generation mobile networks have brought new services with strict performance and security requirements. One promising solution that can ensure the highest possible level of security is quantum key distribution (QKD). This technology provides information-theoretical security using the principles of quantum physics. This paper presents an extended analysis of one implementation of the QKD key delivery protocol defined in the ETSI GS QKD 014 standard, considering a multi-user environment. We propose an empirically derived model of key delivery latency in such an environment based on regression analysis of experimental results. Using the proposed model, we estimate the limitations of the implemented solution in terms of maximum number of simultaneous users connected to one key management server, considering several applications in 5G/6G networks.

Miralem Mehic, Libor Michalek, E. Dervisevic, Patrik Burdiak, Matej Plakalovic, J. Rozhon, Nerman Mahovac, Filip Richter et al.

Every attempt to access the Internet through a Web browser, email sent, VPN connection, VoIP call, instant message or other use of telecommunications systems involves cryptographic techniques. The most commonly applied technique is asymmetric cryptography, which is generally executed in the background without the user even being aware. It establishes a cryptographic code based on the computational complexity of mathematical problems. However, this type of cryptography, which is widely used in today’s telecommunications systems, is under threat as electronics and computing rapidly develop. The development of fifth-generation cellular networks (5G) is gaining momentum, and given its wide field of application, security requires special attention. This is especially true faced with the development of quantum computers. One solution to this security challenge is to use more advanced techniques to establish cryptographic keys that are not susceptible to attack. An essential part of quantum cryptography, Quantum Key Distribution (QKD) uses the principles of quantum physics to establish and distribute symmetric cryptographic keys between two geographically distant users. QKD establishes information-theoretically secure cryptographic keys that are resistant to eavesdropping when they are created. In this paper, we survey the security challenges and approaches in 5G networks concerning network protocols, interfaces and management organizations. We begin by examining the fundamentals of QKD and discuss the creation of QKD networks and their applications. We then outline QKD network architecture and its components and standards, following with a summary of QKD and post-quantum key distribution techniques and approaches for its integration into existing security frameworks such as VPNs (IPsec and MACsec). We also discuss the requirements, architecture and methods for implementing the FPGA-based encryptors needed to execute cryptographic algorithms with security keys. We discuss the performance and technologies of post-quantum cryptography, and finally, examine reported 5G demonstrations which have used quantum technologies, highlighting future research directions.

Patrik Burdiak, E. Dervisevic, Amina Tankovic, Filip Lauterbach, J. Rozhon, L. Kapicak, Libor Michalek, Dzana Pivac et al.

QKD integration into traditional telecommunication networks is anticipated in the upcoming decades in order to maintain adequate levels of communication security. QKD establishes ITS (Information-Theoretic secure) symmetric keys between the two parties, which they may use to sustain secure flow of data even in the post-quantum era. Since QKD-keys are a valuable and scarce resource, they must be carefully maintained. This paper investigates DoS attacks on actual QKD equipment, in which an adversary with access to QKD services depletes the reserves of QKD-keys maintained at the KMS system. As a result, safety precautions are proposed in order to prevent this scenario and maintain operational QKD service.

In this paper, the error performance of coherent systems in presence of imperfect carrier phase estimation is investigated for signals propagating over the two-ray with diffuse power (TWDP) fading channels, in case when synchronization is performed using pilot carrier located out of the signal’s bandwidth. In that sense, closed-form approximate average binary error probability (ABEP) expressions are derived for binary and quadrature phase shift keying (BPSK and QPSK) modulated signals, with the carrier extracted using phase-locked loop (PLL) and phase noise approximated by Tikhonov probability density function (PDF). Derived expressions are calculated for various combinations of channel and phase loop parameters, enabling us to observe their effects on overall system performance. The accuracy of derived expressions is verified through their comparison with the exact ABEPs obtained by numerical integration of the appropriate expressions.

Flow table lookup is a well-known bottleneck in software-defined network switches. Associative lookup is the fastest but most costly method. On the other hand, an approximate flow classification based on Bloom filters has an outstanding cost-benefit ratio but comes with a downside of false-positive results. Therefore, we propose a new flow table lookup scheme based on Bloom filters and RAM, which offers a good compromise between cost and performance. We solve the problem of false positives of primary Bloom filters by verifying the results and, if necessary, by linearly searching the contents of secondary RAM. Also, we provide a practical implementation in the FPGA-based SDN switch and experimentally show that the proposed solution can achieve better performance than the classic linear search at the low cost typical of Bloom filters.

Matej Plakalovic, Enio Kaljic, Miralem Mehic

New generation networks are facing ever greater demands. When testing new network devices that must process packets at extremely high rates, it is essential to test their functionality and desired performance under maximum traffic load. As a result, in order to test the hardware, a traffic generator is required. This paper proposes an affordable and extensible high-speed FPGA-based Ethernet traffic generator. The proposed solution is capable of fully utilizing a 40GbE link, with the possibility of manipulating traffic characteristics at the level of an individual packet. Although intended to run on the DE10-Pro system, the proposed design is portable to other FPGA boards with minimal development effort and changes.

Two-wave with diffuse power (TWDP) is one of the most promising models for description of a small-scale fading effects in the emerging wireless networks. However, its conventional parameterization based on parameters K and Δ is not in line with model’s underlying physical mechanisms. Accordingly, in this paper, we first identified anomalies related to usage of conventional TWDP parameterization in moment-based estimation, showing that the existing Δ-based estimators are unable to provide meaningful estimates in some channel conditions. Then, we derived moment-based estimators of recently introduced physically justified TWDP parameters K and Γ and analyzed their performance through asymptotic variance (AsV) and Cramer–Rao bound (CRB) metrics. Performed analysis has shown that Γ-based estimators managed to overcome all anomalies observed for Δ-based estimators, simultaneously improving the overall moment-based estimation accuracy.

Two-wave with diffuse power (TWDP) is one of the most promising models for the description of small-scale fading effects in 5G networks, which employs mmWave band, and in wireless sensor networks deployed in different cavity environments. However, its current statistical characterization has several fundamental issues. Primarily, conventional TWDP parameterization is not in accordance with the model’s underlying physical mechanisms. In addition, available TWDP expressions for PDF, CDF, and MGF are given either in integral or approximate forms, or as mathematically untractable closed-form expressions. Consequently, the existing TWDP statistical characterization does not allow accurate evaluation of system performance in all fading conditions for most modulation and diversity techniques. In this regard, physically justified TWDP parameterization is proposed and used for further calculations. Additionally, exact infinite-series PDF and CDF are introduced. Based on these expressions, the exact MGF of the SNR is derived in a form suitable for mathematical manipulations. The applicability of the proposed MGF for derivation of the exact average symbol error probability (ASEP) is demonstrated with the example of M-ary PSK modulation. The derived M-ary PSK ASEP expression is further simplified for large SNR values in order to obtain a closed-form asymptotic ASEP, which is shown to be applicable for SNR > 20 dB. All proposed expressions are verified by Monte Carlo simulation in a variety of TWDP fading conditions.

This article proposes a geometrically-based stochastic channel model with scatterers homogeneously distributed within $N$-dimensional ($N$-D) hyperspherical-shaped scattering region for single-bounce propagation scenario, with arbitrary positions of base station (BS) and mobile station (MS). For such defined geometrically-based stochastic channel model, the angular and temporal statistics are determined by introducing the projective approach. Accordingly, azimuthal angle and time of arrival marginal PDFs are derived in closed form, while the elevation angle PDF can be delivered numerically in general, and in closed-form for specific environmental parameters. The fidelity of the analytically obtained results is evaluated by their comparison to the corresponding normalized histograms. Also, it is shown that the proposed $N$-D model can be used to analyze some of the existing channel models like 2-D uniform disk and 3-D uniform (hemi)sphere models. Additionally, by introducing the mentioned projective approach, it is shown that the angular statistics of the proposed $N$-D model are the same as the angular statistics of some nonuniform 2-D and 3-D models, which is an important property of the proposed model. Such observation enabled us, for the first time in the literature, to determine angular statistics for geometrically-based stochastic channel models such as inverted parabolic scattering model, 2-D Gaussian model and 3-D Gaussian hemisphere model, for arbitrary positions of BS and MS. Such angular characteristics of proposed channel model are validated through several empirical datasets.

Nakagami-m probability density function (pdf) is one of the frequently used distributions for describing fast received signal variations in radio channels, obtained as a result of multipath phenomenon. It is foremost derived by assuming the most general multipath channel model but applying mathematical approximations. Afterward, it is derived without approximations, but based on dedicated physical models with many constraints. Consequently, neither approach can be considered both, universally applicable and exact. Accordingly, in this paper, a novel approach in deriving Nakagami-m pdf is provided, being based on fewer constraints on propagation phenomena than others. Herein, it is shown that Nakagami-m pdf can be obtained as a distribution of a Euclidean distance of a point orthogonally projected from homogeneous distributed n-dimensional hypersphere on N-dimensional space, where received signal envelope is interpreted as mentioned Euclidean distance, with $n$ being a total number of orthogonal multipath components which can reach the receiver in idealized condition and $N$ being a number of these components which reach the receiver in reality (with N < n).

The application of the concept of software-defined networks (SDN) has, on the one hand, led to the simplification and reduction of switch prices, and on the other hand, has created a significant number of problems related to the security of the SDN network. Several studies have noted that these problems are related to the lack of flexibility and programmability of the data plane, which is likely first to suffer potential denial-of-service (DoS) attacks. One possible way to overcome this problem is to increase the flexibility of the data plane by increasing the depth of programmability of the packet-switching nodes below the level of flow table management. Therefore, this paper investigates the opportunity of using the architecture of deeply programmable packet-switching nodes (DPPSN) in the implementation of a firewall. Then, an architectural model of the firewall based on a hybrid FPGA/CPU data plane architecture has been proposed and implemented. Realized firewall supports three models of DoS attacks mitigation: DoS traffic filtering on the output interface, DoS traffic filtering on the input interface, and DoS attack redirection to the honeypot. Experimental evaluation of the implemented firewall has shown that DoS traffic filtering at the input interface is the best strategy for DoS attack mitigation, which justified the application of the concept of deep network programmability.

Enio Kaljic, A. Maric, M. Hadzialic

The software-defined networking (SDN) is an articulation of the idea of increasing the network programmability with the aim of solving the problems identified in earlier research, regarding the complex and the time-consuming process of the protocol and interface standardization. An analysis of research in the field of SDN, presented through various review and survey papers, has shown that previous research was not sufficiently focused on flexibility and programmability of the data plane in SDN. Therefore, the goal of this paper is to improve the flexibility of the data plane in SDN by increasing the programmability level of the packet-switching node. To achieve the set goal, it was necessary to choose an appropriate metric for evaluation of flexibility and programmability of the data plane. Since there is no common position on the choice of metrics, a novel metric based on qualitative criteria is proposed in this paper. Existing data plane architectures in SDN are observed through the proposed metric. In the end, a novel data plane architecture, with improved flexibility from the aspect of the qualitative metric, is proposed.

Channel coding is a common technique used to reduce bit-error rate (BER) in a communication channel. In cases where a certain block code is used, there is a known procedure for determining a residual BER (bit-error rate after encoding and decoding). Analysis in opposite direction should determine block code parameters for optimising system performance in terms of reliability and throughput. This paper proposes an iterative method for addressed problem by introducing some auxiliary function, whose inverse can be written in closed form. We demonstrate the usage of proposed method in determining parameters of suitable binary BCH code to improve error probability during the transmission of BPSK signal over Rayleigh fading channel. The correctness of analytically obtained results is validated by simulation results.