CROSS REFERENCE TO RELATED APPLICATIONS

[0001] This application claims the benefit of U.S. Provisional Patent Application Serial No. 62/501,153 filed May 4, 2017 the contents of which are hereby incorporated by reference in its entirety.

BACKGROUND

[0002] Fountain codes are a class of channel codes appropriate for erasure channels. A fountain code is rate-less, in that an encoder produces an arbitrarily long sequence of output in response to even a finite input, so that the codes do not exhibit a specific coding rate compared to the input source. The erasure channel has several practical implementations. Distribution of packets over the internet, for instance, present a channel in which packets are either delivered correctly or completely lost. Traditional TCP/IP achieves reliable communication in the presence of such losses via acknowledgement and retransmission. A broadcast scenario, in which a client may enter or exit the broadcast at arbitrary times, similarly has a loss characteristic in that data broadcast prior to a client entering the broadcast (e.g., tuning in) is lost from the perspective of the receiver. In a typical broadcast/multicast application, the use of

acknowledgement and retransmission might not scale. In some cases, fountain codes provide a solution for reliable communication in erasure channels without the need for acknowledgement or retransmissions.

[0003] Given an example message, an encoder using a fountain code can produce a continuous output with the property that, if a given amount of data is received from the set of transmissions, the message can be reconstructed reliably despite how the given amount of data was collected (e.g., despite if some transmitted data is lost due to erasure). This property is achieved without the need for acknowledgement. An attempt to achieve this by simply repeatedly looping the transmission of message packets in a message carousel, for instance, suffers from the coupon collector's problem where a client must collect a vast amount of data to ensure a representative of each message packet is received so that the message may be reconstructed. With a fountain code, reconstruction is possible, with high probability, with any set of transmitted data that is sufficiently large. SUMMARY

[0004] It is recognized herein that a fountain code may require side information for decoding. In an example, the use of an encoding symbol ID (ESI) is modified, so as to implicitly encrypt message data by preventing the correct reconstruction of data by an eavesdropper.

[0005] In an example, an apparatus encodes source packets in accordance with a fountain code. During communication of the encoded source packets, the apparatus modifies side information associated with the source packets, such that reconstruction of the source packets by an eavesdropper is prevented or made more difficult. In another example, the apparatus modifies how side information associated with the source packets is used by an intended receiver, such that reconstruction of the source packets by an eavesdropper is prevented or made more difficult when the source packets are transmitted. A key may be shared between the apparatus and an intended receiver. The shared key may be used to modify the side information or to modify how the side information is used.

[0006] This Summary is provided to introduce a selection of concepts in a simplified form that are further described below in the Detailed Description. This Summary is not intended to identify key features or essential features of the claimed subject matter, nor is it intended to be used to limit the scope of the claimed subject matter. Furthermore, the claimed subject matter is not limited to limitations that solve any or all disadvantages noted in any part of this disclosure.

BRIEF DESCRIPTION OF THE DRAWINGS

[0007] In order to facilitate a more robust understanding of the application, reference is now made to the accompanying drawings, in which like elements are referenced with like numerals. These drawings should not be construed to limit the application and are intended only to be illustrative.

[0008] Fig. 1 is a block diagram that shows an example of fountain code

communications.

[0009] Fig. 2 is a system diagram of an example internet of things (IoT)

communication system.

[0010] Fig. 3 illustrates an example for encrypting dependency information.

[0011] Fig. 4 is a graph that shows two examples of probability distributions of degree in an LT code.

[0012] Fig. 5 shows an example of modifying an encoding symbol ID (ESI) in constructing a sequence, in accordance with an example embodiment. [0013] Fig. 6 shows an example for producing transmitted packets and side information.

[0014] Fig. 7 is shows an example decoder structure.

[0015] Fig. 8 shows an example of an encoder modification of dependency information in accordance with an example embodiment.

[0016] Fig. 9 shows an example of a decoder modification of dependency information in accordance with an example embodiment.

[0017] Fig. 10 illustrates an example eavesdropper on an example fountain code.

[0018] Fig. 11 is an example plot of an example index difference between a source packet index and a transmitted packet contributor index.

[0019] Fig. 12 depicts an example key derivation.

[0020] Fig. 13 depicts an example embodiment for generating a dynamic encryption key on a per-packet basis.

[0021] Fig. 14 depicts another example embodiment for generating a dynamic encryption key on a per-packet basis.

[0022] Fig. 15 is shows an example system that includes a legitimate receiver, a legitimate transmitter, and an eavesdropper.

[0023] Fig. 16A is a system diagram of an example communications system in which one or more disclosed embodiments may be implemented.

[0024] Fig. 16B is a system diagram illustrating an example wireless transmit/receive unit (WTRU) that may be used within the communications system illustrated in Fig. 16A according to an embodiment.

[0025] Fig. 16C is a system diagram illustrating an example radio access network (RAN) and an example core network (CN) that may be used within the communications system illustrated in Fig. 16A according to an embodiment.

[0026] Fig. 16D is a system diagram illustrating a further example RAN and a further example CN that may be used within the communications system illustrated in Fig. 16A according to an embodiment.

DETAILED DESCRIPTION OF ILLUSTRATIVE EMBODIMENTS

[0027] A detailed description of illustrative embodiments will now be described with reference to the various Figures. Although this description provides a detailed example of possible implementations, it should be noted that the details are intended to be exemplary and in no way limit the scope of the application. [0028] Referring initially to Fig. 1 , a general operation of a fountain code

communication system is shown. As shown, an input or sequence 202 consisting of K S ₂ , ^■■■ , S _K ], is supplied to a fountain encoder 204. The fountain encoder 204 produces an endless stream of output packets 7} together with a description of the set of packets used to form the transmitted packet as dependency or side information ESIj . The transmitted data, which consists of the output packets T and the dependency or side information ESI, are indexed by j, as shown. A decoder 206 may receive a subset of the transmitted packets 7} and the corresponding dependency information ESIj . In the illustrated example, the subscript s (e.g., Ts and ESL) indicates that a subset of the transmitted data 7) and ESIj might arrive at and be received by the decoder 206. In some cases, data transmitted from the encoder 204 might not be received at the decoder 206 because of loss in the channel, or the like. Thus, the subscript 'j ' denotes the set of data that is transmitted, and the subscript 's' denotes a subset of the transmitted data. In one example, the subset of transmitted data includes all of the tranmitted data. In other cases, the subset of transmitted data includes a portion of the data that is transmitted by the encoder 204. A key aspect of the fountain code structure is that the original input sequence {S- , S ₂ , ^■■■ , S _K ] can be constructed from a set of received packets that has slightly more than K elements and may be any subset (T _s and ESL) of the transmitted packets 7). Thus, any packets that are lost due to erasure are irrelevant as long as a sufficient amount of data is collected at the decoder 206. In some cases, selection of appropriate dependency information ESI _S is essential to reconstructing the original sequence 202.

[0029] An early example of a fountain code is the random fountain. Consider by way of example an encoder with a file consisting of K individual equal size packets. The fountain coder may operate to produce a continuous stream of transmitted packets as follows, for example. In the random fountain, at each transmitted time n the encoder randomly selects K bits [G _{l n} , G _{2 n} , ^■■■ , G _{K n} }. The nth transmitted packet is set equal to the bitwise sum, mod 2, of the source packets which are indicated by having corresponding bit of the matrix G _{i n} one.

Explicitly, T _n =∑t ₌₁ Si ^■ G _{i n} . This relation can be written in terms of matrices as T = G ^■ S, where: S denotes the vector of length K consisting of source packets; the vector T (potentially infinitely long) of length D describes the transmitted packets; and the matrix G (of size DxK) describes the dependency of packets for this particular random fountain. For each value of n, the encoder transmits the packet Tn and the corresponding dependency information

[G _{n l} , G _{n 2} , ^■■■ , G _{n K} In the presence of erasures, the receiver will get a subset of these packets. This corresponds to getting a subset of the rows of the matrix G and corresponding transmitted packets. The decoder may use the relation T = G ^■ S defined only for the received packets and structure information. As long as the matrix G has rank exceeding K, this may be inverted to reconstruct the source packets from the received packets. For a random G, this rank may be achieved once sufficient data is received regardless of the specific packets that are used. In some cases, the operation of the fountain code depends on sharing the dependency information used at the encoder. This may be done, for example, assuming the encoder and decoder are

synchronized and used a shared seed for random number generators. Alternatively, the dependency information may be transmitted explicitly as is shown by the encoding symbol ID (ESI) 208 in Fig. 1.

[0030] Turning now to fountain code improvements (e.g., LT and Raptor Codes), the random fountain code may achieve the goals of reliable communication over an erasure channel without the need for retransmissions. In practice, implementation of the decoder can be complex due to the unstructured random nature of G. In some cases, the LT codes address the complexity through intelligent design of the structure matrix. Rather than just uniformly randomly assigning source packets to a transmitted packet, the structure of the decoding process is considered and the number of source packets contributing to a transmitted packet (which is referred to as the transmitted packet degree) is designed to facilitate a system with reduced decoding complexity. Each transmitted packet may have a degree associated therewith. As used herein, unless otherwise specified, the degree of a specific transmitted packet refers to the number of source packets that contribute data to specific transmitted packet 7}. The degree of each transmitted packet 7} may be signaled through the encoded side information ESIj . Rather than needing to invert a general matrix, the code is designed so that incremental reconstruction is possible. Thus, LT codes have been described as a complexity reduction of the random fountain codes. "The LT code retains the good performance of the random linear fountain code, while drastically reducing the encoding and decoding complexities. You can think of the LT code as a sparse random linear fountain code, with a super-cheap approximate decoding algorithm." (Mackay, D.J., 2005. Fountain Codes. IEEE Proceedings-Communications, 152(6), pp. 1062-1068.) Raptor codes can give a further complexity reduction over LT codes while maintaining coding performance.

[0031] Turning now to Falcon Codes, a detailed design (referred to as Falcon codes) incorporating encryption and authentication within LT codes is described in "Falcon Codes: Fast, Authenticated LT Codes" by Juels, Kelly, et al. (IACR Cryptology ePrint Archive 2014 (2014): 903). A goal is to provide a provably secure design while maintaining the advantages of low complexity and erasure channel performance of Raptor codes. It is recognized herein that in this context, there is a variant of Falcon codes that may work well with small messages, which may be defined as messages having a size of 100s of KB to 10s of MB. It is further recognized herein, however, that this message size may greatly exceed the message sizes of a typical IoT application. The aforementioned design modifies the Raptor code described in IETF RFC 5053,

"Raptor Forward Error Correction Scheme for Object Delivery," by using a cryptographically strong pseudo random generator in place of the specific tables of numbers included in the past design. Additionally, the output packets of the Raptor code are passed through a Message

Authentication Code layer prior to transmission. The general structure of the Raptor code that forms each output packet (by selecting the number of source packets to combine, the degree, and specific source packets to combine, and then forming an exclusive or of the source packets to produce an output packet) is reused in the Falcon code. The probability distribution used for selecting the degree and specific source packets is reused, but differs by using a Pseudo-Random

Number Generator (PRNG) rather than the fixed tables used in the Raptor code. It is recognized herein that this design may provide strong encryption at the expense of several modifications to the Raptor code operation.

[0032] Referring to Fig. 2, it is recognized herein that fountain codes, in particular

Raptor codes, may efficiently provide reliable content delivery to a large number of receivers

210 over erasure channels 212. It is further recognized herein that these codes may be ideal, in some cases, for applications in supporting large networks of IoT devices 214 where complexity is limited and data loss is inevitable, such as in the example system 200 shown in Fig 2. By way of another example, low latency applications may similarly benefit from reliable

communications that do not require acknowledgments. In some cases, the value of the data for a particular IoT device 214a is typically small, while the value coming from a large aggregation of

IoT devices 214 is large as compared to the particular IoT device 214a. Due to the low value of any one particular device 214, a low complexity security means may be appropriate. For example, in some cases, a given system is secure as long as the cost in resources to break the security exceeds the value of the contents. Once aggregated, traditional security means may be employed on server devices to protect the aggregated data (e.g., SHA-2). The challenge, as recognized herein, is to provide a low complexity security mechanism for the physical layer communication of IoT devices. Given that Raptor codes may be used to distribute IoT data, a low complexity security means is built on Raptor codes, in accordance with an example embodiment. It is recognized herein that, in some cases, the low transmission rate of typical IoT data (e.g., few bytes per day or week) may imply a significant amount of time needed to collect data for a statistical encryption attack. Low data rates, combined with the timeliness of typical sensor data, which may diminish rapidly in value, may frustrate decryption of even low complexity encryption where the data becomes worthless before sufficient data is collected to break the encryption. A relatively frequent key change may additionally prevent use of previously determined key to be useful for current data.

[0033] In an example embodiment, a Raptor encoding structure for distributing content is exploited to reduce complexity. In an example, the core Raptor encoder and decoder might not be modified. A device 214 may encrypt a key parameter used by a Raptor encoder. Luby, in "Efficient erasure correcting codes" (IEEE Transactions on Information Theory) notes the need to communicate this dependency information per encoded symbol to a decoder: "When using the encoding symbols to recover the original input symbols of the data, the decoder needs to know the degree and set of neighbors of each encoding symbol. There are many different ways of communicating this information to the decoder, depending on the application. For example, the degree and a list of neighbor indices may be given explicitly to the decoder for each encoding symbol. As another example, the degree and neighboring indices of each encoding symbol may be computed by the decoder implicitly based for example on the timing of the reception of the encoding symbol or the position of the encoding symbol relative to the positions of other encoding symbols. As another example, a key may be associated with each encoding symbol and then both the encoder and decoder apply the same function to the key to produce the degree and set of neighbors of the encoding symbol. In this case, the encoder may randomly choose each key it uses to generate an encoding symbol and keys may be passed to the decoder along with the encoding symbols. Each key may instead be produced for example by a deterministic process, e.g., each key may be one larger than the previous key. The encoder and decoder may have access to the same set of random bits, and the key may be used as the seed to a pseudo-random generator that uses these random bits to produce the degree and the neighbors of the encoding symbol. There are a variety of ways to associate a degree and a set of neighbors with an encoding symbol depending on the application, and these implementation details are beyond the scope of this paper."

[0034] In an example, encryption is applied to the above-mentioned dependency information communication, which provides a low complexity physical layer encryption of the data. Since the signaling of dependency information is typically small, the processing power needed may be small. In some cases, this encryption is not inherently strong. For instance, the dependency information length of 24 bits, which is common with Raptor code implementations, may permit a brute force attack exhaustively testing all possible dependency information. It is recognized herein, however, that the value of typical data exchanged in an IoT environment, such as the system 200, is not large, making the value proposition of devoting resources to break this physical layer code unpromising. In an example, use of a cyclic structure can make the data unrecognizable at the physical layer, thereby requiring higher level analysis to break the encryption.

[0035] Referring now to Fig. 3, in one example, dependency or side information 308 is encrypted during communication. In accordance with the illustrated example, a transmitter or IoT device 214 includes a fountain encoder 304, and a receiver 210 includes a fountain decoder 306. A typical fountain code provides output code words as well as side information describing the coding selection parameters. In the example, these coding selection parameters are modified before transmission to the decoder 306. The receiver 210 inverts this modification before the standard fountain decoder 306 can operate. In this illustrated embodiment, individual key negotiation is performed. Once a key is selected, the fountain code transmitter dependency information 308 may be encrypted (shown as an XOR with the key in Fig. 3 for purposes of example), prior to transmission to the channel 212. The receiver 210 may undo this encryption before passing this dependency information to the fountain decoder 306. The fountain code encoder 304 and decoder 306 can operate without modification. Thus, in various embodiments, additional complexity refers to the key determination and modification of the dependency information.

[0036] With continuing reference to Fig. 3, in accordance with the illustrated example, at 311, an initial key negotiation and distribution is performed, so that a secret key is shared between the transmitter 214 and the receiver 210. A collection of source packets 202 for transmission is provided to the encoder 304. The number of source packets, which is referred to as K, is provided to the encoder 304, at 305. At 305, the encoder 304 determines a subset of the source packets 202 to include in each transmitted packet 7}. For each transmitted packet, the number and identity of contributing packets of the source packets 202 is provided to encoder modules 307 and 309. Module 307 produces a description of the contributing packet identifiers via the Encoder Symbol ID (ESI) or side information 308. Module 309 uses the description of contributing packets (ESI) and the original source packets 202 to produce each packet for transmission as an exclusive or of the contributing packets. Module 313 of the transmitter 214 modifies the ESI (side information 308) produced by module 307 based on the negotiated key, thereby producing the encrypted ESI value. The encrypted ESI value and the transmission packet (7}) are sent to the channel 212 for communication. Thus, the data that is sent from the transmitter 214 consists of encrypted ESI values and the transmission packets.

[0037] At the receiver 210, a subset of modified ESI values and a subset of transmitted packets (7V) may be received. A module 315 of the receiver 210 may use the shared key and the encrypted ESI values to reproduce a subset of the original ESI values (ES ). The module 317 uses the original ESI value to determine the same dependency list produced by the encoder module 305. At the receiver 210, a subset of packets (7V) may be received and placed in a packet buffer 321. Each received packet corresponds to a received and decrypted ESI value. Standard fountain coding techniques are used by module 319 to reconstruct the original source packets 202 from the decrypted ESI values ESL and the received packets Ts.

[0038] In an example, security is determined by the ability of an eavesdropper to determine the correct key. The structure of Raptor codes may impose structure on the dependency information. In an example case where the encoding symbol ID (ESI) consists of a bit-mask as in the description of the random fountain code, the structure of the probability distribution used to drive the LT or raptor code exposes a weakness of this design. When an LT or raptor code is used, the probability distribution of the number of contributors to each transmitted packet is not uniform, but is biased as shown by the two example probability distributions shown in Fig. 4. As shown, the degree is biased toward a small number indicating that the number of source packets contributing to a transmitted packet is typically low (e.g., 3) for the parameter value pho. An alternate parameter setting, tau, has a spike at high degree but also exhibits a bias toward a small number. Thus, the probability of a given source packet being included in a transmitted packet may be low, for instance less than 10%. In some cases, the degree depends only upon the structure information and not on the data itself. For example, if the eavesdropper sees the series G _n consisting of key XORed with the dependency information mask G _n , e.g. G _n = G _n v key, the probability of individual bits of (^indicates the bits of K. If a bit has low probability (e.g., less than 50%), that bit of the key is zero. If the bit has a high probability (e.g., greater than 50%), that bit of the key is 1.

[0039] In some use cases of raptor codes, a bit-mask is not used to carry the dependency information. For instance, RFC 5053 uses a 16-bit integer to drive a random number generator used in producing the dependency description ESI. Each transmitted packet includes a 16-bit integer, which drives the ESI. The direct XOR strategy may harshly modify the ESI, thereby altering the number of packets included and the dependency structure in general. One consequence of this is the resulting stream of transmitted packets might no longer be consistently decodable if the ESI is altered. Various effects can be seen. For example, the rank of the dependency information based on the modified ESI might no longer be sufficient to decode. Further, the iterative decoding structure of Raptor codes which ensure, with high probability, that a single source packet contributes to one transmitted packet following removal of previously decoded source packets, may break due to the modification of dependency information. By way of another example, the received data may be decodable, but similar decoding of additional receive data may give an inconsistent result. In this last example, the fountain code structure has been broken indicating an incorrect decoding key was used. The possible decoder failures provide a means for an eavesdropper to give a brute force attack. In some cases, since the ESI is limited to 16-bits, for example, an eavesdropper need only test 2 ¹⁶ possible keys to see which one gives a correct fountain code decodable stream. Increasing the key length naturally increases the number of brute force decode attempts needed, but increases the complexity of supporting raptor codes with such large number of possible ESI values (e.g., table sizes increase greatly).

[0040] In another embodiment, with reference to Fig. 5, the use of the side information 308 is modified based on a secret key 502 (or key value a) rather than modifying the side information 308 itself. An example of this alternate embodiment is shown in Fig. 5 and is an example alternate implementation of securing the communication using the side information 308 associated with a fountain code. To implement encryption based on the side information 308 of a Raptor code, for example, the use of the ESI parameter 308 may be modified using a key 502 shared between the transmitter 214 and the receiver 210. The modification may maintain the degree aspect of the ESI, but may modify the interpretation of the specific packets indicated by an ESI value, as shown in Fig. 5. In particular, as further described below, at 522, a construct sequence operation uses both the ESI or side information 308 and the shared key 502 to produce the sequence description. Thus, the key 502 may modify how the ESI or side information 308 is used to construct the sequence of packets, at 524. The sequences generated from a given ESI value at the Raptor encoder 304 and Raptor decoder 306 may be identically modified based on the input of a shared key 502 having value a. An effect is that the fountain code structure indicated by a sequence of ESI values 308 is altered depending upon the value of the shared key 502.

[0041] With continuing reference to Fig. 5, in accordance with the example, the ESI

308 is not encrypted as it is in the example depicted by Fig. 3. Rather, a process by which the sequence packets is constructed from the ESI is altered. At 311 , the shared key 502 may be negotiated and distributed to the transmitter 214 and the receiver 210, as described with reference to Fig. 3. In accordance with the illustrated example of Fig. 5, the key 502 is provided to sequence construction operations at 522 and 524, and does not modify the ESI values.

Further, as shown, a collection of source packets 202 for transmission is provided to the encoder 304. The number of source packets (K) is also provided to the encoder 304, at 520. At 520, the encoder 304 determines a subset of packets to include in each transmitted packet. For each transmitted packet, the number and identity of contributing source packets may be provided to both a selection descriptor module 521 and a construct sequence module 522. At 521, similar to 307 in Fig. 3, a description of the contributing packet identifiers is produced via the Encoder Symbol ID (ESI) or side information 308. At 522, the description of contributing packets and the key 502 is used to produce a dependency relation. A module 523, which may perform an XOR operation, uses the dependency relation and the original source packets 202 to produce each packet for transmission as an exclusive or of the contributing packets. The ESI value or side information 308 and the transmission packet 7 are sent to the channel for communication. In accordance with the example, the ESI value that is sent to the decoder 306 is unencrypted.

[0042] Continuing with the example, at the receiver, the subset of the transmitted ESI values may be received. At 524, the unencrypted ESI values and the key 502 are used to reproduce the dependency data used at the encoder 304 as output by 523. At the receiver, a subset of packets may be received and placed in the packet buffer 321. Each received packet corresponds to a received ESI value. In some cases, standard fountain coding techniques are used at 525, similar to 319 in Fig. 3, to reconstruct the original source packets 202 from the reproduced dependency values and the received packets.

[0043] Thus, as described with reference to Fig. 5, an apparatus that includes an encoder may encode source packets in accordance with a fountain code, and modify how side information associated with the source packets is used by an intended receiver, such that a reconstruction probability of the source packets by an eavesdropper is reduced. The apparatus may then transmit the source packets to the intended receiver. Further, the apparatus may use a key that is shared with the intended receiver to modify how the side information is used by the intended receiver, without modifying the side information.

[0044] The core of the RFC 5053 method of producing the nth transmitted packet is illustrated in Fig. 6. This uses a 16-bit seed ESI _n to construct a triple [d _n , a _n , b _n ], and then to construct a transmitted packed T _n from the set of K source packets using this triple. In particular, in accordance with an example, the ESI is used to construct three parameters that are organized as a triple [d,a,b] In the triple, the first value d is the degree, which denotes the number of original source packets contributing to the transmitted packet with a given ESI value. The second two parameters a and b are used to produce a list of packet identifiers, and the first d elements define the dependency information used for reconstruction. The value b determines the index of the first packet and the value a is the change in indices.

[0045] Referring to Fig. 6, a Triple Generator takes as input K, the number of packets, and a 16-bit Encoding Symbol ID (ESI 308 above). These inputs are used by the triple generator 602 to determine a triple of outputs [d _n , a _n , b _n ], which are used in a loop to construct the raptor code dependency data.

[0046] An example LT Encoding Symbol Generator defines how to use a triple

[d _n , a _n , b _n ] to produce dependency information. The loop for determining the specific packet indices used in a transmitted packet from RFC 5053 is repeated below:

While (b >= L) do b = (b + a) % L'

Let result = C[b].

For j = l,...,min(d-l,L-l) do b = (b + a) % L'

While (b >= L) do b = (b + a) % L' result = result ^Λ C[b] Return result

[0047] In some cases, the index of the d packets associated with a transmitted packet are determined by ESI through the calculated values a and b of the form of Equation 1 below. The values of d,a,b are derived from the ESI through the triple generator, while L is derived from the code parameters. For example, the value b determines the index of the first packet and the value a is the change in indices.

Equation 1 : Example Index of ith contribution to a transmitted packet

index(i) = (b + i ^■ a) _{mod L} 0 < i < d

[0048] Referring now to Fig. 7, the core of an example decoder is illustrated. The decoder may receive a sequence of transmitted packets and associated encoder symbol information. The sequence of ESI values may be processed by the same triple generator 602 used in the encoder, along with the parameter K defining the number of packets, to produce a sequence of side information descriptor values{[d _n , a _n , b _n ]}. This sequence of descriptor values may be used along with a sequence of received packets by the block decoder to produce the decoded packets. For correct construction, for example, the output of the triple generator at the decoder matches that of the triple generator at the encoder.

[0049] Referring to Fig. 8, in accordance with an example, this construction of dependency information can be modified assuming a 16-bit key a and an initialization vector V has been established. The initialization vector can be exchanged similarly to the key. The initialization vector may enable the ability to change the encryption operation with the same key, thereby preventing replay crypto attacks. As an example, a shared time value can be used as an initialization vector. For example, the triple of values [d _n , a _n , b _n ] can be modified as illustrated in Fig. 8 to produce the modified triple [d _n , a _n , b _n ] . By way of further example, the

modification can be performed in accordance with Equations (2) and (3) depicted below. It is recognized herein that the dynamic generation of keys per transmitted packet, which includes packet information (e.g., TCP sequence number, RTP packet sequence number, or RTP packet timestamp) may function as an alternative to including the Initialization Vector in these calculations. In some cases, an identical modification is needed at the decoder so that, given an ESI value and the same values of key a and Initialization Vector are used at the encoder, the same modified triple is produced. When the triple used at the encoder matches that used at the decoder, the source data may be recovered. In various embodiments, an authorized receiver with the correct key will exactly reproduce the dependency information used by the encoder and operate as without encryption. An eavesdropper attempting a brute force attack with a candidate key β≠ a or Initialization Vector V≠V, might be able to correctly decode the data, although the packets may be reproduced in an unknown order.

[0050] Unlike the simple bitmask, in some cases, the statistics of the set of ESI values, {ESI _n } are not modified. In particular, the degree d may be unchanged. An example brute force attack by an eavesdropper who has access to the sequences of ESI values and transmitted packets, {ESI _n } and {T _n }, is now considered. In a brute force attack, the eavesdropper may try a candidate key /?and Initialization Vector value l^and evaluate the decoding. The eavesdropper may produce a different sequence of triples {[d _n , a _n , b _n , ]} from those corresponding to the correct key. For the key and Initialization Vector values, the values of d _n are unchanged. For a fixed key and Initialization Vector, the modification of a _n and b _n follow a fixed rule. This corresponds to a permutation of the packet indices by a permutation that depends upon the chosen key and Initialization Vector. For example, these modifications may permute the interpretation of source packet indices. In the particular case of a unit multiplier, for example, this permutation may be the same for the a and b values, for instance all the a and b values, with the result that the eavesdropper will not detect any difficulty decoding incorrect data with the wrong key and Initialization Vector. An example impact may be that the sequence of

reconstructed packets will be in a permuted order denoted by permutation π(χ) in the subscripts of the reconstructed packets in Fig. 10, which is described in further detail below.

[0051] Turning now to modifying the ESI, for a given ESI, the set of packets to include in a particular transmitted packet may be determined by Equation 1. An example modification of the a and b values used by the coder is now considered in Equation 2 below. In accordance with the example, given a key a and Initialization Vector V, the key is used as an index into a first look-up-table to determine a first offset m _a . The value of a is modified by addition with the value m _a and the Initialization Vector V. The key a is used as an index into a second look-up- table to determine a second offset o _a . The value of b is modified by addition with o _a .

Equation 2: example modification relations

m _a = LUT _m (a)

o _ay = LUT ₀ (a) + V

ά = ( + TMa)mod L

b = {b + o _ay ) _{mod L}

An example relation expressing the indices from the modified values is described in Equation 3:

Equation 3: example modified index relation

index _{a v} (i) = ( (b + o _{a v} + i ^■ ( + m _a ) ) 0 < i < d

^ ' mod i

[0052] An example relation between the index derived from a key a and Initialization Vector V, index _{a V} (i), and the index derived ignoring the modification, mdex _{0 0} (i)is shown in Equation 4. It is noted that if m _a = 0 , the relation may be a fixed offset that corresponds to permuting the original source data by a fixed cyclic permutation determined by offset o _{a V} .

Equation 4: Example Index relation

index _ay i) = ((b + o _ay ) + i ^■ ( + m _a )) = (index _0>0 (i) + o _{a V} + i ^■ m _a ) 0≤i < d ' mod L mou L

An example difference between the index computed with keys a and β using the same ESI (and hence triple) is computed in Equation 5. It is observed that the difference is independent of ESI.

When the factors m _a = πΐ _β , the difference in indices is constant and differ by a fixed cyclic permutation of the indices.

Equation 5: Example Difference in index generation

index _{a v} (i)— indexa y(i) = ( (o _{a v} — On + i ^■ (m _a — mo) ) 0 < i < d

^ ^' ' mod h

An example plot of this difference in packet indexes produced by different values of offsets is shown in Fig. 11. In accordance with the illustrated example, the sequence with a horizontal plot indicates a constant offset which corresponds to zero difference in the second parameter, i.e. m _a = πΐβ, and hence the decoding results differ in a cyclic permutation of the source packets. The other two example sequences show permutations that depend upon the number of contributors to a transmitted packet, and hence do not correspond to a single permutation of the source data. It may be possible for the decoding to fail due to inconsistency in these cases. In some cases, limited data authenticity is provided by this decoding failure. For example, if an attacker produces fountain coded data with a key having m _a ≠ πΐβ, the decoder may encounter inconsistency in the decoded data indicating it was produced with a different key. In an example in which o _{a V} = θβ γ is required, the keys may differ by authentication ability.

[0053] In some cases, cases corresponding to different cyclic permutations of the packets are indistinguishable and require higher level information to determine the proper order. In this sense, for example, an incorrect key cannot be ruled out in a brute force attack. Despite a restricted key space, in some cases, detection of a correct key requires knowledge of statistics of the packet contents and hence may require a sizable volume of data unless, for example, the order of each source packet can be easily determined. This differs from the initial bitmask fountain code example where analysis of the ESI sequence, {ESI _n }, may allow determining bits of the key.

[0054] Turning now to key determination, the use of a key in a low complexity means of encrypting fountain code data has been described above. The determination of the key is now discussed. In an example IoT system, each device may have an identifier as well as a network. Each device may include a variety of information including, for example and without limitation, a user ID, manufacturer ID, universal product code, serial number, a model number, or the like. A time dependent hash function may be used to produce a key (e.g., 16-bit value) from this information. This key value may then be used within the modified fountain code to perform encryption of the data transmitted by the node. As part of initial set up, the base station may be given the data input to the hash function for each device, and may maintain a record of such data to manage communication as illustrated in Fig. 12, for example. Referring generally to Figs. 3 and 5, at 31 1, a given key determination may be related to shared Channel State Information between the transmitter 214 and the receiver 210, so that the transmitter 214 and the receiver 210 may determine a common shared secret that may be used to determine a key. In another example, device identities (e.g., of the transmitter 214 or the receiver 210) are used to determine the shared key.

[0055] Turning now to per-packet dynamic encryption key generation, in an example, a shared secret between the transmitter and the receiver together with a random-like number carried in a packet, may be used to dynamically change the encryption key. An example of this is shown in Fig. 13.

[0056] Referring to Fig. 13, in accordance with the illustrated example, the shared secret may be derived from one or more properties of the UE (e.g., IoT device 214) that are sent from the UE to the eNB, for example, at the time of registration. This transmission may occur once or more than once, and thus may be infrequent. The transmission may be encrypted with a strong encryption method for enhanced security. The properties may include, for example and without limitation, the model, manufacturer, universal product code, and serial number. A hash function (HASH 1) may be used to generate a number from the properties. In some cases in which the registration is done only once or infrequently, it may be much harder for an eavesdropper to intercept the transmission of the properties than the identifier of the UE, which might exist in every transmitted packet. To make a per-packet encryption key, for example, pseudo-random information in a packet that is known to both the transmitter and the receiver may be utilized. The pseudo-random information may include the TCP sequence number, the RTP packet sequence number and the RTP packet timestamp, etc. This information may be input to a second hash function (HASH 2), which outputs a number. The outputs of the two hash functions, HASH 1 and HASH 2, may be fed into a third hash function (HASH 3), which generates a number that is used as the encryption key for the packet, in accordance with an example.

[0057] The scheme illustrated in Fig. 13 may be further extended by exploiting time- varying random information that is shared between the transmitter and the receiver, but is unavailable to an eavesdropper. One example piece of such information may be the channel state information (CSI) for the channels between the transmitter and the legitimate receiver. An example of this is shown in Fig. 14. As shown, the channels between the transmitter and legitimate receiver are not observable by the eavesdropper, and therefore can be a source of common randomness between the transmitter and the legitimate receiver only, in accordance with an example. In an example mobile environment, the channels may change rapidly over time and that may increase the robustness of this scheme. Referring also to Fig. 15, an example system 1500 is shown in which the channel hi from the transmitter 1502 to the legitimate receiver 1504 and the reverse channel h2 are generally different from the channels h3 and l , which are to the eavesdropper 1506 from the transmitter 1502 and the receiver 1504, respectively. The CSI information that is shared only between the transmitter 1502 and the legitimate receiver 1506 may be obtained as follows. In one example, which may work for a Time Division Duplexing (TDD) system, the transmitter 1502 and the legitimate receiver 1506 calibrate their circuitry (including their RF chains for example) so that the channels hi and h2 are identical within a small error (e.g., reciprocal). After the calibration, the two channels hi and h2 may remain almost identical for some time, at which point a new calibration may be performed. The two channels hi and h2 may generally change over time, but they may change at least substantially in the same way. For the legitimate receiver 1504 to measure channel hi, in some cases, the transmitter sends a signal known to the legitimate receiver 1504, which may be called a reference signal, a pilot signal or a training signal for example. Similarly, for the transmitter to measure h2, the legitimate receiver may send a known signal. In some cases, the channel estimates for hi and h2 may be corrupted by noise and imperfection in channel calibration. The transmitter 1502 and the legitimate receiver 1504 can quantize the channel estimates to arrive at two identical quantized channels. The transmitter 1502 and the legitimate receiver 1504 may have multiple antennas each, and hi may be the channel impulse responses from multiple antennas on the transmitter 1502 to multiple antennas on the legitimate receiver. For example, the transmitter 1502 can select m antennas and the legitimate receiver 1504 can select n antennas, and the number of channels may thus be mxn, and the channels, for instance all the channels, may be represented by hi. Channel h2 may assume a similar role, but for the reverse channels. In some cases, using multiple channels for each direction of communication increases the number of values for the CSI, and thus increases the robustness of the scheme. In some cases, the eavesdropper 1506 cannot measure hi or h2, and it can measure channels h3 and l , which are different from channels hi and h2.

[0058] In another example, feedback is used to convey the CSI. The legitimate receiver 1504 may measure channel hi, and may quantize it, and then may send the channel estimate to the transmitter 1502. When there are multiple antennas on the transmitter 1502 and the legitimate receiver 1504, for example, the measurement can be done for each pair of antennas.

[0059] In yet another example, which may apply to both TDD and Frequency Division

Duplexing (FDD) systems, among others, the transmitter 1502 and the receiver 1506 leverage the linear time invariance (LTI) properties of practical channels to estimate a common composite channel, which captures the aggregate effect of channels hi and h2. Specifically, in accordance with the example, the transmitter 1502 sends a known signal x(n), and the legitimate receiver

1506 receives x(n)*hi(n) + zi(n), where * stands for convolution and zi(n) represents noise. The legitimate receiver 1506 may then transmit the received signal x(n)*hi(n) + zi(n) back to the transmitter 1502, which then receives h2(n)*(x(n)*hi(n) + zi(n)) + Z2(n)= hi(n)*h2(n)*x(n)+ h2(n)*zi(n)+ Z2(n), where the commutative property of the convolution is used. Similarly, the legitimate receiver 1504 can initiate the same process, and end up receiving hi(n)*(x(n)*h2(n) + z'2(n)) + z' i(n)) = hi(n)*h2(n)*x(n)+ hi(n)*z'2(n)+ z'i(n), where z'2(n) and z' i(n) are noise. It is noted that the final received signals in the two example processes are identical except for the noise terms. The transmitter 1502 and the legitimate receiver 1504 can process the two final received signals separately and get an estimate of hi(n)*h2(n). The example can be carried out for the case of multiple antennas on the transmitter 1502 and the legitimate receiver 1504.

[0060] In an alternate embodiment, the offset calculation in Equation 2 is modified to add the Initialization Vector value V prior to the look-up-table access, where the addition is done mod 2 ¹⁶ to give the different equation shown below in Equation 6.

Equation 6: example different modification relations

= LUT _m (a)

[0061] Thus, as described above, an apparatus that includes an encoder may determine an offset, and modify an encoded symbol identity (ESI) by the offset. The apparatus may encode source packets in accordance with a fountain code and the modified ESI to construct output packets, and send the output packets and the modified ESI to a receiver, such that the receiver can reconstruct the source packets from the output packets by using a key and the ESI. In an example, a key may be used to determine the offset. In another example, the offset includes a first offset and a second offset, and the ESI includes a sequence of values. Further, based on the key, the apparatus may retrieve the first offset and the second offset from respective look-up tables, and apply the first offset the second offset to a first value and a second value,

respectively, in the sequence of values. In another example, the apparatus may generate the key based on information specific to the apparatus. Such information may change with respect to time. For example, the apparatus may generate the key based on state information of a channel between the apparatus and the receiver.

[0062] Fig. 16A is a diagram illustrating an example communications system 100 in which one or more disclosed embodiments may be implemented. The communications system 100 may be a multiple access system that provides content, such as voice, data, video, messaging, broadcast, etc., to multiple wireless users. The communications system 100 may enable multiple wireless users to access such content through the sharing of system resources, including wireless bandwidth. For example, the communications systems 100 may employ one or more channel access methods, such as code division multiple access (CDMA), time division multiple access (TDMA), frequency division multiple access (FDMA), orthogonal FDMA (OFDMA), single-carrier FDMA (SC-FDMA), zero-tail unique-word DFT-Spread OFDM (ZT UW DTS-s OFDM), unique word OFDM (UW-OFDM), resource block-filtered OFDM, filter bank multicarrier (FBMC), and the like.

[0063] As shown in Fig. 16A, the communications system 100 may include wireless transmit/receive units (WTRUs) 102a, 102b, 102c, 102d, a RAN 104/113, a CN 106/115, a public switched telephone network (PSTN) 108, the Internet 110, and other networks 112, though it will be appreciated that the disclosed embodiments contemplate any number of WTRUs, base stations, networks, and/or network elements. Each of the WTRUs 102a, 102b, 102c, 102d may be any type of device configured to operate and/or communicate in a wireless environment. By way of example, the WTRUs 102a, 102b, 102c, 102d, any of which may be referred to as a "station" and/or a "STA", may be configured to transmit and/or receive wireless signals and may include a user equipment (UE), a mobile station, a fixed or mobile subscriber unit, a subscription-based unit, a pager, a cellular telephone, a personal digital assistant (PDA), a smartphone, a laptop, a netbook, a personal computer, a wireless sensor, a hotspot or Mi-Fi device, an Internet of Things (IoT) device, a watch or other wearable, a head-mounted display (HMD), a vehicle, a drone, a medical device and applications (e.g., remote surgery), an industrial device and applications (e.g., a robot and/or other wireless devices operating in an industrial and/or an automated processing chain contexts), a consumer electronics device, a device operating on commercial and/or industrial wireless networks, and the like. Any of the WTRUs 102a, 102b, 102c and 102d may be interchangeably referred to as a UE.

[0064] The communications systems 100 may also include a base station 114a and/or a base station 114b. Each of the base stations 114a, 114b may be any type of device configured to wirelessly interface with at least one of the WTRUs 102a, 102b, 102c, 102d to facilitate access to one or more communication networks, such as the CN 106/115, the Internet 110, and/or the other networks 112. By way of example, the base stations 114a, 114b may be a base transceiver station (BTS), a Node-B, an eNode B, a Home Node B, a Home eNode B, a gNB, a NR NodeB, a site controller, an access point (AP), a wireless router, and the like. While the base stations 114a, 114b are each depicted as a single element, it will be appreciated that the base stations 114a, 114b may include any number of interconnected base stations and/or network elements.

[0065] The base station 114a may be part of the RAN 104/113, which may also include other base stations and/or network elements (not shown), such as a base station controller (BSC), a radio network controller (RNC), relay nodes, etc. The base station 114a and/or the base station 114b may be configured to transmit and/or receive wireless signals on one or more carrier frequencies, which may be referred to as a cell (not shown). These frequencies may be in licensed spectrum, unlicensed spectrum, or a combination of licensed and unlicensed spectrum. A cell may provide coverage for a wireless service to a specific geographical area that may be relatively fixed or that may change over time. The cell may further be divided into cell sectors. For example, the cell associated with the base station 114a may be divided into three sectors. Thus, in one embodiment, the base station 114a may include three transceivers, i.e., one for each sector of the cell. In an embodiment, the base station 114a may employ multiple-input multiple output (MIMO) technology and may utilize multiple transceivers for each sector of the cell. For example, beamforming may be used to transmit and/or receive signals in desired spatial directions.

[0066] The base stations 114a, 114b may communicate with one or more of the WTRUs 102a, 102b, 102c, 102d over an air interface 116, which may be any suitable wireless communication link (e.g., radio frequency (RF), microwave, centimeter wave, micrometer wave, infrared (IR), ultraviolet (UV), visible light, etc.). The air interface 116 may be established using any suitable radio access technology (RAT).

[0067] More specifically, as noted above, the communications system 100 may be a multiple access system and may employ one or more channel access schemes, such as CDMA, TDMA, FDMA, OFDMA, SC-FDMA, and the like. For example, the base station 114a in the RAN 104/113 and the WTRUs 102a, 102b, 102c may implement a radio technology such as Universal Mobile Telecommunications System (UMTS) Terrestrial Radio Access (UTRA), which may establish the air interface 115/116/117 using wideband CDMA (WCDMA).

WCDMA may include communication protocols such as High-Speed Packet Access (HSPA) and/or Evolved HSPA (HSPA+). HSPA may include High-Speed Downlink (DL) Packet Access (HSDPA) and/or High-Speed UL Packet Access (HSUPA).

[0068] In an embodiment, the base station 114a and the WTRUs 102a, 102b, 102c may implement a radio technology such as Evolved UMTS Terrestrial Radio Access (E-UTRA), which may establish the air interface 116 using Long Term Evolution (LTE) and/or LTE- Advanced (LTE-A) and/or LTE- Advanced Pro (LTE-A Pro).

[0069] In an embodiment, the base station 114a and the WTRUs 102a, 102b, 102c may implement a radio technology such as NR Radio Access, which may establish the air interface 116 using New Radio (NR).

[0070] In an embodiment, the base station 114a and the WTRUs 102a, 102b, 102c may implement multiple radio access technologies. For example, the base station 114a and the WTRUs 102a, 102b, 102c may implement LTE radio access and NR radio access together, for instance using dual connectivity (DC) principles. Thus, the air interface utilized by WTRUs 102a, 102b, 102c may be characterized by multiple types of radio access technologies and/or transmissions sent to/from multiple types of base stations (e.g., a eNB and a gNB).

[0071] In other embodiments, the base station 114a and the WTRUs 102a, 102b, 102c may implement radio technologies such as IEEE 802.11 (i.e., Wireless Fidelity (WiFi), IEEE 802.16 (i.e., Worldwide Interoperability for Microwave Access (WiMAX)), CDMA2000, CDMA2000 IX, CDMA2000 EV-DO, Interim Standard 2000 (IS-2000), Interim Standard 95 (IS-95), Interim Standard 856 (IS-856), Global System for Mobile communications (GSM), Enhanced Data rates for GSM Evolution (EDGE), GSM EDGE (GERAN), and the like.

[0072] The base station 114b in Fig. 16A may be a wireless router, Home Node B, Home eNode B, or access point, for example, and may utilize any suitable RAT for facilitating wireless connectivity in a localized area, such as a place of business, a home, a vehicle, a campus, an industrial facility, an air corridor (e.g., for use by drones), a roadway, and the like. In one embodiment, the base station 114b and the WTRUs 102c, 102d may implement a radio technology such as IEEE 802.11 to establish a wireless local area network (WLAN). In an embodiment, the base station 114b and the WTRUs 102c, 102d may implement a radio technology such as IEEE 802.15 to establish a wireless personal area network (WPAN). In yet another embodiment, the base station 114b and the WTRUs 102c, 102d may utilize a cellular- based RAT (e.g., WCDMA, CDMA2000, GSM, LTE, LTE-A, LTE-A Pro, NR etc.) to establish a picocell or femtocell. As shown in Fig. 16 A, the base station 114b may have a direct connection to the Internet 110. Thus, the base station 114b may not be required to access the Internet 110 via the CN 106/115.

[0073] The RAN 104/113 may be in communication with the CN 106/115, which may be any type of network configured to provide voice, data, applications, and/or voice over internet protocol (VoIP) services to one or more of the WTRUs 102a, 102b, 102c, 102d. The data may have varying quality of service (QoS) requirements, such as differing throughput requirements, latency requirements, error tolerance requirements, reliability requirements, data throughput requirements, mobility requirements, and the like. The CN 106/115 may provide call control, billing services, mobile location-based services, pre-paid calling, Internet connectivity, video distribution, etc., and/or perform high-level security functions, such as user authentication.

Although not shown in Fig. 16A, it will be appreciated that the RAN 104/113 and/or the CN

106/115 may be in direct or indirect communication with other RANs that employ the same RAT as the RAN 104/113 or a different RAT. For example, in addition to being connected to the RAN 104/113, which may be utilizing a NR radio technology, the CN 106/115 may also be in communication with another RAN (not shown) employing a GSM, UMTS, CDMA 2000, WiMAX, E-UTRA, or WiFi radio technology.

[0074] The CN 106/115 may also serve as a gateway for the WTRUs 102a, 102b, 102c, 102d to access the PSTN 108, the Internet 110, and/or the other networks 112. The PSTN 108 may include circuit-switched telephone networks that provide plain old telephone service (POTS). The Internet 110 may include a global system of interconnected computer networks and devices that use common communication protocols, such as the transmission control protocol (TCP), user datagram protocol (UDP) and/or the internet protocol (IP) in the TCP/IP internet protocol suite. The networks 112 may include wired and/or wireless communications networks owned and/or operated by other service providers. For example, the networks 112 may include another CN connected to one or more RANs, which may employ the same RAT as the RAN 104/113 or a different RAT.

[0075] Some or all of the WTRUs 102a, 102b, 102c, 102d in the communications system 100 may include multi-mode capabilities (e.g., the WTRUs 102a, 102b, 102c, 102d may include multiple transceivers for communicating with different wireless networks over different wireless links). For example, the WTRU 102c shown in Fig. 16A may be configured to communicate with the base station 114a, which may employ a cellular-based radio technology, and with the base station 114b, which may employ an IEEE 802 radio technology.

[0076] Fig. 16B is a system diagram illustrating an example WTRU 102. As shown in Fig. 16B, the WTRU 102 may include a processor 118, a transceiver 120, a transmit/receive element 122, a speaker/microphone 124, a keypad 126, a display/touchpad 128, non-removable memory 130, removable memory 132, a power source 134, a global positioning system (GPS) chipset 136, and/or other peripherals 138, among others. It will be appreciated that the WTRU 102 may include any sub-combination of the foregoing elements while remaining consistent with an embodiment.

[0077] The processor 118 may be a general-purpose processor, a special purpose processor, a conventional processor, a digital signal processor (DSP), a plurality of

microprocessors, one or more microprocessors in association with a DSP core, a controller, a microcontroller, Application Specific Integrated Circuits (ASICs), Field Programmable Gate

Arrays (FPGAs) circuits, any other type of integrated circuit (IC), a state machine, and the like.

The processor 118 may perform signal coding, data processing, power control, input/output processing, and/or any other functionality that enables the WTRU 102 to operate in a wireless environment. The processor 118 may be coupled to the transceiver 120, which may be coupled to the transmit/receive element 122. While Fig. 16B depicts the processor 118 and the transceiver 120 as separate components, it will be appreciated that the processor 118 and the transceiver 120 may be integrated together in an electronic package or chip.

[0078] The transmit/receive element 122 may be configured to transmit signals to, or receive signals from, a base station (e.g., the base station 114a) over the air interface 116. For example, in one embodiment, the transmit/receive element 122 may be an antenna configured to transmit and/or receive RF signals. In an embodiment, the transmit/receive element 122 may be an emitter/detector configured to transmit and/or receive IR, UV, or visible light signals, for example. In yet another embodiment, the transmit/receive element 122 may be configured to transmit and/or receive both RF and light signals. It will be appreciated that the transmit/receive element 122 may be configured to transmit and/or receive any combination of wireless signals.

[0079] Although the transmit/receive element 122 is depicted in Fig. 16B as a single element, the WTRU 102 may include any number of transmit/receive elements 122. More specifically, the WTRU 102 may employ MIMO technology. Thus, in one embodiment, the WTRU 102 may include two or more transmit/receive elements 122 (e.g., multiple antennas) for transmitting and receiving wireless signals over the air interface 116.

[0080] The transceiver 120 may be configured to modulate the signals that are to be transmitted by the transmit/receive element 122 and to demodulate the signals that are received by the transmit/receive element 122. As noted above, the WTRU 102 may have multi-mode capabilities. Thus, the transceiver 120 may include multiple transceivers for enabling the WTRU 102 to communicate via multiple RATs, such as NR and IEEE 802.11, for example.

[0081] The processor 118 of the WTRU 102 may be coupled to, and may receive user input data from, the speaker/microphone 124, the keypad 126, and/or the display/touchpad 128 (e.g., a liquid crystal display (LCD) display unit or organic light-emitting diode (OLED) display unit). The processor 118 may also output user data to the speaker/microphone 124, the keypad 126, and/or the display/touchpad 128. In addition, the processor 118 may access information from, and store data in, any type of suitable memory, such as the non-removable memory 130 and/or the removable memory 132. The non-removable memory 130 may include random-access memory (RAM), read-only memory (ROM), a hard disk, or any other type of memory storage device. The removable memory 132 may include a subscriber identity module (SIM) card, a memory stick, a secure digital (SD) memory card, and the like. In other embodiments, the processor 118 may access information from, and store data in, memory that is not physically located on the WTRU 102, such as on a server or a home computer (not shown). [0082] The processor 118 may receive power from the power source 134, and may be configured to distribute and/or control the power to the other components in the WTRU 102. The power source 134 may be any suitable device for powering the WTRU 102. For example, the power source 134 may include one or more dry cell batteries (e.g., nickel-cadmium (NiCd), nickel-zinc (NiZn), nickel metal hydride (NiMH), lithium-ion (Li-ion), etc.), solar cells, fuel cells, and the like.

[0083] The processor 118 may also be coupled to the GPS chipset 136, which may be configured to provide location information (e.g., longitude and latitude) regarding the current location of the WTRU 102. In addition to, or in lieu of, the information from the GPS chipset 136, the WTRU 102 may receive location information over the air interface 116 from a base station (e.g., base stations 114a, 114b) and/or determine its location based on the timing of the signals being received from two or more nearby base stations. It will be appreciated that the WTRU 102 may acquire location information by way of any suitable location-determination method while remaining consistent with an embodiment.

[0084] The processor 118 may further be coupled to other peripherals 138, which may include one or more software and/or hardware modules that provide additional features, functionality and/or wired or wireless connectivity. For example, the peripherals 138 may include an accelerometer, an e-compass, a satellite transceiver, a digital camera (for photographs and/or video), a universal serial bus (USB) port, a vibration device, a television transceiver, a hands free headset, a Bluetooth® module, a frequency modulated (FM) radio unit, a digital music player, a media player, a video game player module, an Intemet browser, a Virtual Reality and/or Augmented Reality (VR/AR) device, an activity tracker, and the like. The peripherals 138 may include one or more sensors, the sensors may be one or more of a gyroscope, an accelerometer, a hall effect sensor, a magnetometer, an orientation sensor, a proximity sensor, a temperature sensor, a time sensor; a geolocation sensor; an altimeter, a light sensor, a touch sensor, a magnetometer, a barometer, a gesture sensor, a biometric sensor, and/or a humidity sensor.

[0085] The WTRU 102 may include a full duplex radio for which transmission and reception of some or all of the signals (e.g., associated with particular subframes for both the UL

(e.g., for transmission) and downlink (e.g., for reception) may be concurrent and/or

simultaneous. The full duplex radio may include an interference management unit 139 to reduce and or substantially eliminate self-interference via either hardware (e.g., a choke) or signal processing via a processor (e.g., a separate processor (not shown) or via processor 118). In an embodiment, the WRTU 102 may include a half-duplex radio for which transmission and reception of some or all of the signals (e.g., associated with particular subframes for either the UL (e.g., for transmission) or the downlink (e.g., for reception)).

[0086] Fig. 16C is a system diagram illustrating the RAN 104 and the CN 106 according to an embodiment. As noted above, the RAN 104 may employ an E-UTRA radio technology to communicate with the WTRUs 102a, 102b, 102c over the air interface 116. The RAN 104 may also be in communication with the CN 106.

[0087] The RAN 104 may include eNode-Bs 160a, 160b, 160c, though it will be appreciated that the RAN 104 may include any number of eNode-Bs while remaining consistent with an embodiment. The eNode-Bs 160a, 160b, 160c may each include one or more transceivers for communicating with the WTRUs 102a, 102b, 102c over the air interface 116. In one embodiment, the eNode-Bs 160a, 160b, 160c may implement MIMO technology. Thus, the eNode-B 160a, for example, may use multiple antennas to transmit wireless signals to, and/or receive wireless signals from, the WTRU 102a.

[0088] Each of the eNode-Bs 160a, 160b, 160c may be associated with a particular cell (not shown) and may be configured to handle radio resource management decisions, handover decisions, scheduling of users in the UL and/or DL, and the like. As shown in Fig. 16C, the eNode-Bs 160a, 160b, 160c may communicate with one another over an X2 interface.

[0089] The CN 106 shown in Fig. 16C may include a mobility management entity (MME) 162, a serving gateway (SGW) 164, and a packet data network (PDN) gateway (or PGW) 166. While each of the foregoing elements are depicted as part of the CN 106, it will be appreciated that any of these elements may be owned and/or operated by an entity other than the CN operator.

[0090] The MME 162 may be connected to each of the eNode-Bs 162a, 162b, 162c in the RAN 104 via an S I interface and may serve as a control node. For example, the MME 162 may be responsible for authenticating users of the WTRUs 102a, 102b, 102c, bearer

activation/deactivation, selecting a particular serving gateway during an initial attach of the WTRUs 102a, 102b, 102c, and the like. The MME 162 may provide a control plane function for switching between the RAN 104 and other RANs (not shown) that employ other radio technologies, such as GSM and/or WCDMA.

[0091] The SGW 164 may be connected to each of the eNode Bs 160a, 160b, 160c in the RAN 104 via the SI interface. The SGW 164 may generally route and forward user data packets to/from the WTRUs 102a, 102b, 102c. The SGW 164 may perform other functions, such as anchoring user planes during inter-eNode B handovers, triggering paging when DL data is available for the WTRUs 102a, 102b, 102c, managing and storing contexts of the WTRUs 102a, 102b, 102c, and the like.

[0092] The SGW 164 may be connected to the PGW 166, which may provide the WTRUs 102a, 102b, 102c with access to packet-switched networks, such as the Internet 110, to facilitate communications between the WTRUs 102a, 102b, 102c and IP-enabled devices.

[0093] The CN 106 may facilitate communications with other networks. For example, the CN 106 may provide the WTRUs 102a, 102b, 102c with access to circuit-switched networks, such as the PSTN 108, to facilitate communications between the WTRUs 102a, 102b, 102c and traditional land-line communications devices. For example, the CN 106 may include, or may communicate with, an IP gateway (e.g., an IP multimedia subsystem (IMS) server) that serves as an interface between the CN 106 and the PSTN 108. In addition, the CN 106 may provide the WTRUs 102a, 102b, 102c with access to the other networks 112, which may include other wired and/or wireless networks that are owned and/or operated by other service providers.

[0094] Although the WTRU is described in Figs. 16A-16D as a wireless terminal, it is contemplated that in certain representative embodiments that such a terminal may use (e.g., temporarily or permanently) wired communication interfaces with the communication network.

[0095] In representative embodiments, the other network 112 may be a WLAN.

[0096] A WLAN in Infrastructure Basic Service Set (BSS) mode may have an Access Point (AP) for the BSS and one or more stations (STAs) associated with the AP. The AP may have an access or an interface to a Distribution System (DS) or another type of wired/wireless network that carries traffic in to and/or out of the BSS. Traffic to STAs that originates from outside the BSS may arrive through the AP and may be delivered to the STAs. Traffic originating from STAs to destinations outside the BSS may be sent to the AP to be delivered to respective destinations. Traffic between STAs within the BSS may be sent through the AP, for example, where the source STA may send traffic to the AP and the AP may deliver the traffic to the destination STA. The traffic between STAs within a BSS may be considered and/or referred to as peer-to-peer traffic. The peer-to-peer traffic may be sent between (e.g., directly between) the source and destination STAs with a direct link setup (DLS). In certain representative embodiments, the DLS may use an 802. l ie DLS or an 802.1 lz tunneled DLS (TDLS). A WLAN using an Independent BSS (IBSS) mode may not have an AP, and the STAs (e.g., all of the STAs) within or using the IBSS may communicate directly with each other. The IBSS mode of communication may sometimes be referred to herein as an "ad-hoc" mode of communication.

[0097] When using the 802.11 ac infrastructure mode of operation or a similar mode of operations, the AP may transmit a beacon on a fixed channel, such as a primary channel. The primary channel may be a fixed width (e.g., 20 MHz wide bandwidth) or a dynamically set width via signaling. The primary channel may be the operating channel of the BSS and may be used by the STAs to establish a connection with the AP. In certain representative embodiments, Carrier Sense Multiple Access with Collision Avoidance (CSMA/CA) may be implemented, for example in in 802.11 systems. For CSMA/CA, the STAs (e.g., every STA), including the AP, may sense the primary channel. If the primary channel is sensed/detected and/or determined to be busy by a particular STA, the particular STA may back off. One STA (e.g., only one station) may transmit at any given time in a given BSS.

[0098] High Throughput (HT) STAs may use a 40 MHz wide channel for

communication, for example, via a combination of the primary 20 MHz channel with an adjacent or nonadjacent 20 MHz channel to form a 40 MHz wide channel.

[0099] Very High Throughput (VHT) STAs may support 20MHz, 40 MHz, 80 MHz, and/or 160 MHz wide channels. The 40 MHz, and/or 80 MHz, channels may be formed by combining contiguous 20 MHz channels. A 160 MHz channel may be formed by combining 8 contiguous 20 MHz channels, or by combining two non-contiguous 80 MHz channels, which may be referred to as an 80+80 configuration. For the 80+80 configuration, the data, after channel encoding, may be passed through a segment parser that may divide the data into two streams. Inverse Fast Fourier Transform (IFFT) processing, and time domain processing, may be done on each stream separately. The streams may be mapped on to the two 80 MHz channels, and the data may be transmitted by a transmitting STA. At the receiver of the receiving STA, the above described operation for the 80+80 configuration may be reversed, and the combined data may be sent to the Medium Access Control (MAC).

[00100] Sub 1 GHz modes of operation are supported by 802.1 laf and 802.1 lah. The channel operating bandwidths, and carriers, are reduced in 802.1 laf and 802.1 lah relative to those used in 802.11η, and 802.1 lac. 802.1 laf supports 5 MHz, 10 MHz and 20 MHz bandwidths in the TV White Space (TVWS) spectrum, and 802.1 lah supports 1 MHz, 2 MHz, 4 MHz, 8 MHz, and 16 MHz bandwidths using non-TVWS spectrum. According to a

representative embodiment, 802.1 lah may support Meter Type Control/Machine-Type

Communications, such as MTC devices in a macro coverage area. MTC devices may have certain capabilities, for example, limited capabilities including support for (e.g., only support for) certain and/or limited bandwidths. The MTC devices may include a battery with a battery life above a threshold (e.g., to maintain a very long battery life).

[00101] WLAN systems, which may support multiple channels, and channel bandwidths, such as 802.1 In, 802.1 lac, 802.1 laf, and 802.1 lah, include a channel which may be designated as the primary channel. The primary channel may have a bandwidth equal to the largest common operating bandwidth supported by all STAs in the BSS. The bandwidth of the primary channel may be set and/or limited by a STA, from among all STAs in operating in a BSS, which supports the smallest bandwidth operating mode. In the example of 802.1 lah, the primary channel may be 1 MHz wide for STAs (e.g., MTC type devices) that support (e.g., only support) a 1 MHz mode, even if the AP, and other STAs in the BSS support 2 MHz, 4 MHz, 8 MHz, 16 MHz, and/or other channel bandwidth operating modes. Carrier sensing and/or Network Allocation Vector (NAV) settings may depend on the status of the primary channel. If the primary channel is busy, for example, due to a STA (which supports only a 1 MHz operating mode), transmitting to the AP, the entire available frequency bands may be considered busy even though a majority of the frequency bands remains idle and may be available.

[00102] In the United States, the available frequency bands, which may be used by 802.1 lah, are from 902 MHz to 928 MHz. In Korea, the available frequency bands are from 917.5 MHz to 923.5 MHz. In Japan, the available frequency bands are from 916.5 MHz to 927.5 MHz. The total bandwidth available for 802.1 lah is 6 MHz to 26 MHz depending on the country code.

[00103] Fig. 16D is a system diagram illustrating the RAN 113 and the CN 115 according to an embodiment. As noted above, the RAN 113 may employ an NR radio technology to communicate with the WTRUs 102a, 102b, 102c over the air interface 116. The RAN 113 may also be in communication with the CN 115.

[00104] The RAN 113 may include gNBs 180a, 180b, 180c, though it will be appreciated that the RAN 113 may include any number of gNBs while remaining consistent with an embodiment. The gNBs 180a, 180b, 180c may each include one or more transceivers for communicating with the WTRUs 102a, 102b, 102c over the air interface 116. In one

embodiment, the gNBs 180a, 180b, 180c may implement MIMO technology. For example, gNBs

180a, 108b may utilize beamforming to transmit signals to and/or receive signals from the gNBs

180a, 180b, 180c. Thus, the gNB 180a, for example, may use multiple antennas to transmit wireless signals to, and/or receive wireless signals from, the WTRU 102a. In an embodiment, the gNBs 180a, 180b, 180c may implement carrier aggregation technology. For example, the gNB

180a may transmit multiple component carriers to the WTRU 102a (not shown). A subset of these component carriers may be on unlicensed spectrum while the remaining component carriers may be on licensed spectrum. In an embodiment, the gNBs 180a, 180b, 180c may implement Coordinated Multi-Point (CoMP) technology. For example, WTRU 102a may receive coordinated transmissions from gNB 180a and gNB 180b (and/or gNB 180c). [00105] The WTRUs 102a, 102b, 102c may communicate with gNBs 180a, 180b, 180c using transmissions associated with a scalable numerology. For example, the OFDM symbol spacing and/or OFDM subcarrier spacing may vary for different transmissions, different cells, and/or different portions of the wireless transmission spectrum. The WTRUs 102a, 102b, 102c may communicate with gNBs 180a, 180b, 180c using subframe or transmission time intervals (TTIs) of various or scalable lengths (e.g., containing varying number of OFDM symbols and/or lasting varying lengths of absolute time).

[00106] The gNBs 180a, 180b, 180c may be configured to communicate with the WTRUs 102a, 102b, 102c in a standalone configuration and/or a non-standalone configuration. In the standalone configuration, WTRUs 102a, 102b, 102c may communicate with gNBs 180a, 180b, 180c without also accessing other RANs (e.g., such as eNode-Bs 160a, 160b, 160c). In the standalone configuration, WTRUs 102a, 102b, 102c may utilize one or more of gNBs 180a, 180b, 180c as a mobility anchor point. In the standalone configuration, WTRUs 102a, 102b, 102c may communicate with gNBs 180a, 180b, 180c using signals in an unlicensed band. In a non-standalone configuration WTRUs 102a, 102b, 102c may communicate with/connect to gNBs 180a, 180b, 180c while also communicating with/connecting to another RAN such as eNode-Bs 160a, 160b, 160c. For example, WTRUs 102a, 102b, 102c may implement DC principles to communicate with one or more gNBs 180a, 180b, 180c and one or more eNode-Bs 160a, 160b, 160c substantially simultaneously. In the non-standalone configuration, eNode-Bs 160a, 160b, 160c may serve as a mobility anchor for WTRUs 102a, 102b, 102c and gNBs 180a, 180b, 180c may provide additional coverage and/or throughput for servicing WTRUs 102a, 102b, 102c.

[00107] Each of the gNBs 180a, 180b, 180c may be associated with a particular cell (not shown) and may be configured to handle radio resource management decisions, handover decisions, scheduling of users in the UL and/or DL, support of network slicing, dual

connectivity, interworking between NR and E-UTRA, routing of user plane data towards User Plane Function (UPF) 184a, 184b, routing of control plane information towards Access and Mobility Management Function (AMF) 182a, 182b and the like. As shown in Fig. 16D, the gNBs 180a, 180b, 180c may communicate with one another over an Xn interface.

[00108] The CN 115 shown in Fig. 16D may include at least one AMF 182a, 182b, at least one UPF 184a, 184b, at least one Session Management Function (SMF) 183a, 183b, and possibly a Data Network (DN) 185a, 185b. While each of the foregoing elements are depicted as part of the CN 1 15, it will be appreciated that any of these elements may be owned and/or operated by an entity other than the CN operator. [00109] The AMF 182a, 182b may be connected to one or more of the gNBs 180a, 180b, 180c in the RAN 113 via an N2 interface and may serve as a control node. For example, the AMF 182a, 182b may be responsible for authenticating users of the WTRUs 102a, 102b, 102c, support for network slicing (e.g., handling of different PDU sessions with different requirements), selecting a particular SMF 183a, 183b, management of the registration area, termination of NAS signaling, mobility management, and the like. Network slicing may be used by the AMF 182a, 182b in order to customize CN support for WTRUs 102a, 102b, 102c based on the types of services being utilized WTRUs 102a, 102b, 102c. For example, different network slices may be established for different use cases such as services relying on ultra- reliable low latency (URLLC) access, services relying on enhanced massive mobile broadband (eMBB) access, services for machine type communication (MTC) access, and/or the like. The AMF 162 may provide a control plane function for switching between the RAN 113 and other RANs (not shown) that employ other radio technologies, such as LTE, LTE-A, LTE-A Pro, and/or non-3GPP access technologies such as WiFi.

[00110] The SMF 183a, 183b may be connected to an AMF 182a, 182b in the CN 115 via an Ni l interface. The SMF 183a, 183b may also be connected to a UPF 184a, 184b in the CN 115 via an N4 interface. The SMF 183a, 183b may select and control the UPF 184a, 184b and configure the routing of traffic through the UPF 184a, 184b. The SMF 183a, 183b may perform other functions, such as managing and allocating UE IP address, managing PDU sessions, controlling policy enforcement and QoS, providing downlink data notifications, and the like. A PDU session type may be IP-based, non-IP based, Ethernet-based, and the like.

[00111] The UPF 184a, 184b may be connected to one or more of the gNBs 180a, 180b, 180c in the RAN 113 via an N3 interface, which may provide the WTRUs 102a, 102b, 102c with access to packet-switched networks, such as the Internet 110, to facilitate

communications between the WTRUs 102a, 102b, 102c and IP-enabled devices. The UPF 184, 184b may perform other functions, such as routing and forwarding packets, enforcing user plane policies, supporting multi-homed PDU sessions, handling user plane QoS, buffering downlink packets, providing mobility anchoring, and the like.

[00112] The CN 115 may facilitate communications with other networks. For example, the CN 115 may include, or may communicate with, an IP gateway (e.g., an IP multimedia subsystem (IMS) server) that serves as an interface between the CN 115 and the PSTN 108. In addition, the CN 115 may provide the WTRUs 102a, 102b, 102c with access to the other networks 112, which may include other wired and/or wireless networks that are owned and/or operated by other service providers. In one embodiment, the WTRUs 102a, 102b, 102c may be connected to a local Data Network (DN) 185a, 185b through the UPF 184a, 184b via the N3 interface to the UPF 184a, 184b and an N6 interface between the UPF 184a, 184b and the DN 185a, 185b.

[00113] In view of Figs. 16A-16D, and the corresponding description of Figs. 16A- 16D, one or more, or all, of the functions described herein with regard to one or more of: WTRU 102a-d, Base Station 114a-b, eNode-B 160a-c, MME 162, SGW 164, PGW 166, gNB 180a-c, AMF 182a-ab, UPF 184a-b, SMF 183a-b, DN 185a-b, and/or any other device(s) described herein, may be performed by one or more emulation devices (not shown). The emulation devices may be one or more devices configured to emulate one or more, or all, of the functions described herein. For example, the emulation devices may be used to test other devices and/or to simulate network and/or WTRU functions.

[00114] The emulation devices may be designed to implement one or more tests of other devices in a lab environment and/or in an operator network environment. For example, the one or more emulation devices may perform the one or more, or all, functions while being fully or partially implemented and/or deployed as part of a wired and/or wireless communication network in order to test other devices within the communication network. The one or more emulation devices may perform the one or more, or all, functions while being temporarily implemented/deployed as part of a wired and/or wireless communication network. The emulation device may be directly coupled to another device for purposes of testing and/or may performing testing using over-the-air wireless communications.

[00115] The one or more emulation devices may perform the one or more, including all, functions while not being implemented/deployed as part of a wired and/or wireless communication network. For example, the emulation devices may be utilized in a testing scenario in a testing laboratory and/or a non-deployed (e.g., testing) wired and/or wireless communication network in order to implement testing of one or more components. The one or more emulation devices may be test equipment. Direct RF coupling and/or wireless

communications via RF circuitry (e.g., which may include one or more antennas) may be used by the emulation devices to transmit and/or receive data.

[00116] It will be understood that any of the methods and processes described herein may be embodied in the form of computer executable instructions (i.e., program code) stored on a computer-readable storage medium which instructions, when executed by a machine, such as a computer, server, apparatus, IoT terminal device, IoT gateway device, peer device, or the like, perform and/or implement the systems, methods and processes described herein. Specifically, any of the steps, operations or functions described above may be implemented in the form of such computer executable instructions. Computer readable storage media include both volatile and nonvolatile, removable and non-removable media implemented in any method or technology for storage of information, but such computer readable storage media do not includes signals. Computer readable storage media include, but are not limited to, RAM, ROM, EEPROM, flash memory or other memory technology, CD-ROM, digital versatile disks (DVD) or other optical disk storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, or any other physical medium which can be used to store the desired information and which can be accessed by a computer.