Both encryption and message authentication/integrity are needed to provide security over a wireless air interface. Message encryption protects the privacy of a message whereas message authentication protects the message from tampering.
In a message authentication process, a sender using a secret key and a message authentication algorithm calculates a short tag, which is appended to a message. A receiver also calculates the tag for the received message based on knowledge of the secret key, and compares the calculated tag with the received tag. If the tags are the same, then the receiver accepts the message; otherwise, the message is discarded.
Existing message authentication algorithms, for example, keyed-Hash Message Authentication Code-Secure Hash Algorithm (HMAC-SHA) and Advanced Encryption Standard-Cipher Algorithm in Cipher Block Chaining (AES-CBC), do not allow out-of-order packet processing because they are serial operations and require that bits be processed in the order they were sent. Hence, the conventional approaches to message authentication must send data to a RAM, let a central processor (CP) reorder data packets and reassemble an application packet (message), and send the application packet to hardware to do message authentication. This significantly increases traffic on the bus and can significantly add latencies in the packet processing.
In addition, existing message authentication algorithms operate on blocks at a time. As a consequence, a block level algorithm cannot operate on a message segment that ends in a non-block boundary. It would be necessary to reassemble the entire application packet from all message segments before beginning to perform the message authentication tag verification.