Post-Quantum Era in V2X Security: Convergence of Orchestration and Parallel Computation

by   Engin Zeydan, et al.

Along with the potential emergence of quantum computing, safety and security of new and complex communication services such as automated driving need to be redefined in the post-quantum era. To ensure reliable, continuous and secure operation of these scenarios, quantum resistant security algorithms (QRSAs) that enable secure connectivity must be integrated into the network management and orchestration systems of mobile networks. This paper explores a roadmap study of post-quantum era convergence with cellular connectivity using the Service Computation Orchestrator (SCO) framework for enhanced data security in radio access and backhaul transmission with a particular focus on Vehicle-to-Everything (V2X) services. Using NTRU as a QSRA, we have shown that the parallelization performance of Toom-Cook and Karatsuba computation methods can vary based on different CPU load conditions through extensive simulations and that the SCO framework can facilitate the selection of the most efficient computation for a given QRSA. Finally, we discuss the evaluation results, identify the current standardization efforts, and possible directions for the coexistence of post-quantum and mobile network connectivity through a SCO framework that leverages parallel computing.



page 1

page 4

page 7


Non-invertible Anonymous Communication for the Quantum Era

We introduce a new approach for circuit anonymous communication based on...

The impact of quantum computing on real-world security: A 5G case study

This paper provides a detailed analysis of the impact of quantum computi...

Quantum-Secured Space-Air-Ground Integrated Networks: Concept, Framework, and Case Study

In the upcoming 6G era, existing terrestrial networks have evolved towar...

Making Existing Software Quantum Safe: Lessons Learned

In the era of quantum computing, Shor's algorithm running on quantum com...

An optimal security management framework for backhaul-aware 5G-Vehicle to Everything (V2X)

Cellular (C) setups facilitate the connectivity amongst the devices with...

Semantic-Effectiveness Filtering and Control for Post-5G Wireless Connectivity

The traditional role of a communication engineer is to address the techn...
This week in AI

Get the week's most popular data science and artificial intelligence research sent straight to your inbox every Saturday.

I Introduction

Next generation cellular communication systems are expected to further drive the diversity of applications provided by 5G systems [15]. They will provide a highly flexible platform that can can deliver features such as integrated sensing, flexible multi-band usage, smart, green and secure communications. In next-generation cellular communication, AI, integrated sensing and communication are expected to be key enablers. V2X or autonomous driving has already attracted much attention in recent years and is expected to be used in next-generation communication systems. For example, convergence of MEC and blockchain technologies for a novel robust, resilient, and reliable architecture for V2X communications is proposed in [8]. With the recent industrial achievements from Google’s Waymo, Baidu’s Apollo and Tesla’s Autopilot technologies [5], full self-driving capabilities are possible in the future. However, the underlying secure communication technologies that support them are still in their infancy.

In the field of security, quantum computers are slowly being developed by many high profile IT and cloud companies (Google, IBM, Honeywell and Microsoft). In the long terms, quantum computers are expected to achieve quantum superiority and recent industrial work by Google has shown that these claims are feasible [2]. Devices and computers with quantum capacity have the ability to respond very quickly to complex problems by performing many operations simultaneously. Quantum-capable devices can also be used to attack security protocols established between network devices (such as TLS, DTLS, IPSec, etc.), break encryption schemes used in security protocols, and expose secure communications. In this case, algorithms resistant to quantum flows in security protocols operated between mobile network devices must be used. Thus, secure communication can be established in the mobile network. NIST is currently working on this issue and has organized a competition to select the best algorithm that is resistant to quantum attacks. Algorithms such as NTRU, Saber and Kyber have already made it to the final round of the NIST competition [11]. After the NIST competition is over, one algorithm will be selected as the standard QRSA and implemented in all devices as a result (such as AES/DES, which are the result of the previous NIST competition and are widely used today).

Nowadays, current encryption algorithms can be implemented in software and hardware of mobile devices to ensure the operation of the security protocol. However, a major problem arises when implementing QRSA. This problem is to decide how to perform the computational processes within the algorithm. In the study of existing QRSA such as NTRU, Saber, Kyber, the load on the CPU cores of the devices for computing mathematical operations with very high-order polynomials is very high. The computational processes for existing encryption algorithms such as AES, ECC etc. are already in use and the existing hardware capabilities of the devices can support these types of operations. However for QRSA, we are dealing with very high-degree polynomials. Therefore, the computational resources required for QRSA on the devices are higher than the resources required for the encryption algorithms already in use. For this reason, it is very difficult to perform computations for a QRSA based on high-order polynomials with the currently available software and hardware. To overcome this problem, an efficient computation and orchestration framework is needed that is aware of the entire topological view of the mobile and V2X network and can perform different computation methods for each QRSA. To this end, the following contributions are made in this paper:

  • We discuss key concepts and present the integration of post-quantum and mobile network connectivity through the SCO framework with potential use cases. (Section II and III)

  • We evaluate how post-quantum methods can be integrated into mobile networks via simulation analysis and discuss the evaluation results.(Section IV)

  • From a standardization perspective, we describe current SDO efforts and their potential contributions to network management and orchestration and post-quantum technologies. (Section V)

Ii Background & Motivation

Ii-a The Approach to Facilitate the Computation

A QRSA is actually based on multiplication of higher order polynomials. This can also be observed when algorithms are studied for NIST competition for selecting the next standard QRSA such as NTRU, Saber, Kyber, etc.. Multiplication of higher order polynomials consists of dozens of fundamental mathematical arithmetic operations such as addition and multiplication. Among these arithmetic operations, multiplication operations cause problems and implementation bottlenecks [14]. Multiplication processes that take place within the QRSA, consume many CPU resources and occupy significant CPU caches such as L1 and L2 caches.

On the other hand, time complexity is another problem that varies depending on the platform implemented and space complexity is critical for execution in hardware [13]. In the real world of device system architectures, we need to target time complexity, which means that shorter execution time is crucial for a mobile node. To overcome this, alternative multiplication operations can be used in software/hardware. For example, in the literature, there are various multiplication methods such as Karatsuba [1], Toom-Cook [4], Schönhage–Strassen [12], etc., which can perform the multiplication operations efficiently and with lower time complexity. As the degree of polynomials increases, the computation of multiplication of two polynomials becomes much more time consuming. The common feature of these different multiplication methods is that they focus on reducing the number of fundamental arithmetic multiplication operations when multiplying polynomials. This reduces the time required to compute the result of polynomial multiplication.

Figure 1: Illustration for multiplication of two N-digit numbers by different methods and the number of fundamental multiplication operations by (a) Classical schoolbook method (b) Karatsuba’s method (c) Toom-Cook k-way method.

Ii-B Different Methods for Implementing Multiplication

As an example, consider the product of two numbers according to the classical schoolbook method shown in Fig. 1. This figure is intended to show that some multiplication methods can be computed in parallel on CPU cores (e.g., the Toom-Cook method) while some others (e.g., the Karatsuba method) cannot be computed in a distributed fashion and work well only on a single CPU core. The higher degree of polynomials to be multiplied, the higher the number of fundamental arithmetic multiplications. This is illustrated in Fig. 0(a). When two N-digit numbers are multiplied over finite field, a total of multiplication operations and addition operations are performed using the classical schoolbook multiplication method. The fundamental arithmetic multiplications mentioned above are those performed inside the ellipses in Fig. 1. Another method for multiplication is that of the Karatsuba shown in Fig. 0(b). The approach of Karatsuba’s method is based on dividing numbers into smaller parts. In Karatsuba’s method, polynomials are first divided into two smaller parts, which are represented as polynomials. Then, coefficients are derived from these polynomials. There is also another predefined polynomial p and the derived coefficients are then substituted in this polynomial. Thus, the Karatsuba method for multiplications of two-digit numbers requires three-digit multiplications instead of four as in the classical schoolbook case. In general, the number of fundamental operations of the Karatsuba method reduces to polynomial multiplications compared to classical schoolbook multiplication, which has .

Toom-Cook’s method, which is shown in Fig. 0(c), is the generalization method of Karatsuba. In Toom-Cook, k indicates the number of concatenated parts of the original number. As k increases, polynomials are divided into smaller parts (the size of the polynomial decreases). In this way, multiplication results can be achieved in fewer recursion steps (lower time complexity), but the overall space complexity increases. In Toom-Cook k-way method, multiplications are required. If , it becomes the Karatsuba method, which divides the N-digit numbers into two parts. Thus, Karatsuba method can also be considered as a Toom-Cook two-way method.

Ii-C QRSA Implementation Target & Parallel Computing

Each multiplication method has its own advantages and disadvantages. One disadvantage of Toom-Cook is that the multiplication results are obtained with high space complexity, but it has fewer recursion steps than Karatsuba’s method. Karatsuba’s method has lower space complexity but uses a lot of digits as it reduces the degrees of the numbers to be multiplied by half. If a mobile node has many CPU cores and most of them are underutilized, then the computation process for the QRSA can be completed by using the Toom-Cook’s method, which has fewer recursion steps with many operations. In this case, the operations can be solved in a short time with parallel computing by using all or most of the available CPU cores. Each of the multiplication operations can be performed by different CPU.

Suppose additionally that we have a mobile node with a single CPU core. In this case, we can reach the result of multiplication faster using Karatsuba’s method, which outputs results in many recursion steps with fewer operations. In Karatsuba’s method, parallel computing has less impact on the performance than in Toom-Cook method due to the smaller number of operations per step and the dependence of the step result. Note that the method of multiplication in CPU cores in the mobile node may vary depending on the availability of resources in CPU cores. Thus, if the most appropriate method can be selected, then the encryption/decryption process introduced by QRSA can be computed quickly.

Ii-D Selecting the Computation Method for any QRSA

The considered problem is to select the computation method for a QRSA, executed inside the mobile nodes and on applications such as V2X, drones, etc. connected to the MEC. Note that when selecting the most appropriate computation method, all relevant parameters such as the current/future utilization status of the CPU/memory of the device, the status of the network topology, etc. must be taken into account. An important point is that the computations performed for QRSA impose an additional load on the NE. The MEC servers in the mobile network must perform multiple arithmetic operations simultaneously. In addition, providing services to air-connected UE/autonomous vehicles that jointly perform the QRSA computations may overwhelm the computational resources of NE.

In this study, a SCO framework is used for efficient operation of systems resistant to post-quantum attacks in next-generation mobile networks. Along with the system used, QRSA security protocols in mobile networks can reduce the computational burden by using one of the most relevant computation methods (Toom-Cook or Karatsuba). Since the system used has the potential to reduce the computational load on the device, it also enables the mobile nodes to provide more efficient services within the network through lower latency and more secure communication services. The SCO framework obtains information about the NE capabilities by interacting with other systems to organize the computational operations. The most appropriate computational method for executing a QRSA is communicated to the NE by monitoring the current load on the NE.

Figure 2: An illustration of how a SCO-based framework and post-quantum computing can be architecturally integrated into a mobile network infrastructure.

Iii Secure Service Computation & Orchestration in Post-Quantum Era

The main goal of the SCO framework is to guarantee the most efficient computation for the QRSA. The perspective is purely from the point of view of computing and acceleration of the computation process for each QRSA. As mentioned earlier, all QRSA in the NIST competition (NTRU, Saber, Kyber) are based on multiplication of very high order polynomials. NIST’s competition will result in only one QRSA to be standardized. Note that if NTRU runs on one NE, Saber cannot run on the other communicating NE. This is similar to the case when AES is running in a NE, DES cannot run in a communicating NE while establishing secure communication. For this reason, if NTRU is selected as the winner of the NIST competition, it must run on both communicating NE.

This is where SCO comes into play for selecting the appropriate computation method within QRSA. Regardless of which algorithm is chosen by NIST, this does not change the requirements for a SCO, as all NIST finalist QRSA are based on higher order polynomial multiplications. Note that the SCO framework does not aim to notify both sides in a secure communication to implement the same QRSA. In this regard, the SCO framework does not select the QRSA to be used. Rather, the SCO helps to select the most effective computation method for the implemented QRSA. Note that this decision is dynamically made by SCO and cannot be easily extended by a new resource scheduling algorithm due to the large data dimension and the dynamics of the environment. For this reason, AI/ML techniques or Deep Policy Enforcements (which are basically rule-based) can be used for this purpose.

Iii-a High-Level View of the System Design

Fig. 2 shows the high level view of the system architecture. It consists of three architectural blocks. At the top is SCO, which provides smart NS, compute, and resource orchestration capabilities to instantiate secure NS. It is also responsible for lifecycle management and control of services and optimizes resources in mobile infrastructure and cloud. In the middle is resource layer, which manages the underlying mobile infrastructure (RAN, EC, transport and core networks) as a whole, orchestrates the resources, instantiates VNF, interconnects the transport resources together and thanks to the capabilities brought by network controllers and the underlying NFV resources, provides a common abstraction view of the managed resources to the SCO via the IFA005 interface111ETSI GS NFV-IFA, SCO can communicate with the underlying resource layer to obtain the relevant information about the NE capabilities and the current computational load statistics of the NE resources, such as CPU load states, cache status of the CPU core, network I/O count, etc. At the lower layer is the infrastructure layer with all physical and virtual compute, storage and network resources. It can support reprogrammable mechanisms and algorithms to support enhanced security features.

Changes in network topology and handover updates of many moving vehicles create load on each NE. For this reason, the SCO stores a table and rules with certain thresholds. In accordance with these rules, the appropriate computation method is chosen using the given rule sets. Fig. 2 shows an example of this structure. SCO will forward the messages to the resource layer and the resource layer to the infrastructure devices through a secure communication channel. SCO is also aware of past load conditions, which can also help make more accurate predictions for future load conditions using either rule-based or AI/ML models. When QRSA is run in the NE (note that all computational methods discussed above must be available in the NE software), the SCO layer provides the instructions for selecting the most appropriate computational method for the QRSA under consideration.

Iii-B A Case Study

We consider a case where moving vehicles use a continuous V2X service. Each vehicle dynamically uses a different mobile network MEC along its route, so the instantaneous load of MEC varies. Each vehicle can run multiple services (e.g., critical services, high priority services, and low priority services) on multiple cores simultaneously. For example, critical services may run object recognition, accident prevention and remote control applications, high priority services may use AR navigation and information service, low priority services can use caching databases, multimedia or cloud gaming [7]. For self-driving capability, critical services should at least be available, run without interruptions (i.e., with high QoS support, low latency), and provide basic functionalities (e.g., real-time communication, remote monitoring, proactive driving support) for safety and security reasons.

On the other hand, there are also major threats to the security and privacy of vehicular networks. For example, illegal monitoring of message transmissions in vehicular networks can compromise message confidentiality, broadcast tempering attacks can disrupt message integrity or DoS attacks can flood vehicular control channels with huge amounts of messages [10]. In the post-quantum era, from a mobile backhaul perspective, user plane communication between the BS (where the V2X service is received by users) and the core network is encrypted and can be compromised. From a radio access perspective, the security of V2X devices connected to BS is also threatened, as the confidentiality and integrity algorithms used in the radio protocol layers are vulnerable to quantum attacks.

When an autonomous vehicle with V2X service continuously handovers to a new MEC on the highway, the vehicle must receive service from the nearest MEC serving that specific new MEC due to critical low latency service requirements. In this case, the vehicle must be connected to the new MEC very quickly and securely. However, since the vehicle is in motion, it will have multiple connections to different MEC as it travels down the road, which can cause significant delays. In this case, the computations within the QRSA need to be performed repeatedly and fast re-establishment to each new MEC connection is very important for autonomous driving vehicles. From another perspective, multiple vehicles also need to be securely connected to the new MEC within the mobile network. In this case, QRSA computations need to be performed dynamically on the MEC side. This increases the load on CPU, which overloads the MEC and can cause significant delays.

In the architecture of Fig. 2, the SCO, which can monitor the overall network status, is able to choose the most appropriate computation methods for a given QRSA for vehicles moving towards MEC. Later, this decision is propagated to the underlying layers and to the MEC and the vehicle. This ultimately leads to shorter execution times and, as a result, fewer delays in handovers while maintaining a high level of vehicle security.

Iv Experimental Results & Discussions

We used Kubernetes as our candidate SCO and utilized its CPU MCP feature222Kubernetes v1.12, Control CPU Management Policies on the Node, in the test environment. The nodes are separate workstations with 48 CPU cores and 64 GB memory, but the tests are run with only five of the CPU cores. The L1 cache of the nodes is 768 kiB, the L2 cache is 24 miB and the L3 cache is 33 miB. The QRSA computation applications are implemented in Docker containers in the nodes. Each computation method is implemented in a different container. The load status of the CPU cores is regularly monitored by Kubernetes and the reservation of the five CPU cores is also done by the MCP.

Since Karatsuba’s method works better without parallelization, we ran it with only one CPU core. We ran the Toom-Cook’s method both on one CPU core and with parallel programming [6] across all five CPU cores. Toom-Cook running on one CPU core is given for benchmarking purposes as the method running on a Single CPU core. However, Karatsuba’s method is a better solution in single core and the advantage of Toom-Cook is parallel processing.

Iv-a Simulation Results

Figure 3: Performance comparisons of computational methods under increasing load (load is applied to 4 CPU cores, 1 CPU core is always set with 0% load) (a) Multiplication of two polynomials with degree 512 (b) Multiplication of two polynomials with degree 812.

Since one MEC can perform multiple operations simultaneously in a mobile network, we gradually placed more and more load on three of the CPU cores in our simulations. However, we always kept one CPU as free (i.e., with 0% load). Karatsuba’s method was always run on this free CPU core. All computation time results are an average of ten Monte Carlo simulations.

Fig. 2(a) shows the products of two polynomials of degree 512 by different methods. The running QRSA in the NIST’s competition generally use polynomials whose degree varies between 256 and 512. For this reason, we studied the product of two polynomials of degree 512 using different multiplication methods. The results in Fig. 2(a) show that Karatsuba and Toom-Cook with Single CPU cores yield 21.2 and 27.1 msec computation time, respectively. Moreover, Toom-Cook with five CPU cores performs better than Karatsuba and Toom-Cook with Single CPU cores in terms of computation time up to a load ratio of 25% on CPU cores. After increasing the load from 25%, the performance of Toom-Cook with five CPU cores starts to decrease gradually compared to Karatsuba.

Moreover, after 45% load, the performance of Toom-Cook with five CPU cores becomes even worse than that of Toom-Cook with Single CPU core. The reason is that the resources of the other four CPU are no longer fully reserved for running Toom-Cook. As the load increased, parallelized CPU cores could not efficiently handle the multiplication operations involved in each step of Toom-Cook. This is because the computations of arithmetic operations are also heavily loaded on CPU cores and the cost of time spent on each step of Toom-Cook increases. Among the QRSA that made it to the 3rd round (finalists) of the NIST’s competition, NTRU can achieve NIST security level-5. At level-5, NTRU has the highest order polynomial multiplication among all QRSA that made it to the NIST competition. For this reason, Fig. 2(b) also shows the product of two polynomials of degree 821. The results in Fig. 2(b) show that Karatsuba and Toom-Cook with Single CPU cores yield 50.2 msec and 120 msec computation time, respectively. Moreover, in this higher order matrix multiplication case, Karatsuba performs better than Toom-Cook with five CPU cores in terms of computation time after 5% load ratio on CPU cores and Toom-Cook with Single CPU core performs better than Toom-Cook with five CPU cores after 60% CPU load.

Iv-B Discussions & Evaluations of Results

New asymmetric cryptosystems such as Lattice-based, code-based, supersingular elliptic-curve, hash-based and multivariate cryptography are among the leading cryptosystems that are resistant to post-quantum attacks. However, the building blocks of QRSA include matrix-vector products containing high-order polynomials which requires high computational overhead compared to classical computers. For this reason, it is necessary to design optimal computational techniques.

In Karatsuba’s method, the number of recursion steps is high due to polynomial divisions by two. Moreover, the results of these recursion steps are interrelated. For this reason, we cannot take full advantage of the parallel computation. Since each step must wait for the others to complete, the impact of an increased number of CPU on the performance of the parallel computation method is reduced. However, in the Toom-Cook method, the number of recursion steps is small (pros) due to the division of polynomials by where . Therefore, we can use more CPU cores in each recursion step. For example, if the Toom-Cook -way is used for QRSA computation, we need to multiply two polynomials of degree by dividing them by k (in k recursion steps) and it takes recursion steps to complete the multiplication. In Karatsuba, on the other hand, it takes . In this way, we can complete Toom-Cook with a smaller number of steps and make better use of parallel computation.

Since the cost of arithmetic operations required to implement post-quantum algorithms is higher than the cost of implementing the algorithms prior to quantum computers, the choice of the optimal multiplication method for each hardware becomes more important. As can be concluded from the above results, the Toom-Cook method, which is more suitable for parallel processing and achieves the multiplication result in a very short time when run in parallel, runs slower than Karatsuba’s method when the load ratio on the CPU cores increases. A V2X device running with five CPU cores prefers to compute directly with Toom-Cook, regardless of its load status, which can be misleading. When operating under high load or considering the potentially high load that may occur in the future, switching to Karatsuba’s method gives the V2X device a significant time advantage. The advantages of the methods over the others differ in different polynomial degrees. The advantages of calculations of different polynomial degrees and the most accurate switching decision time should be known to SCO.

V Standardization Roadmap

There have been several works around the world aimed at defining both network service management/orchestration and post-quantum technologies. However, they have been worked on separately. ETSI NFV-MANO is one of the main responsible standardization bodies for network service management and orchestration [9]. On the other hand, quantum communication has been researched for decades [3]. Post-quantum computing technologies conceptually fall into different areas of development separate from the field of mobile networks & services domain.

After the NIST competition mentioned in the introduction is completed, we will have a selected and standardized QRSA. Therefore, the development of mobile networks and the implementation of post-quantum algorithms require cross-domain collaboration in the industry and extended functional support from the SDO for a reliable SCO framework. For this reason, once NIST standardization is completed, 3GPP and ETSI can contribute to the development of post-quantum security integration for mobile network architecture. IETF can identify the protocol and V2X implementation aspects. Finally, ITU can develop guidelines for MNO for the convergence of post-quantum secured V2X services.

For SCO-enabled networks to be integrated with future quantum technologies, various computational methods for QRSA (e.g., Karatsba, Toom-cook) should be included in the SCO service catalog. The integration points and interfaces also need to be identified, and the corresponding abstractions should be consistent with the current trends in networking, e.g., considering the layered stacks of ETSI MANO architecture and their modular developments.

Vi Conclusions

Quantum computing will transform next-generation cellular communications, especially in cryptography, as communication and information flow occur over secure channels. In this paper, we propose a roadmap study for post-quantum era convergence with secure mobile connectivity via a SCO framework, focusing on V2X services. Selecting the most appropriate and fastest computation methods of QRSA is an important application area, especially in V2X scenarios when the computation of services leading to resource-intensive consumption can be done in parallel. Through a simulation study, we have shown that it is beneficial to choose the most efficient computation method for QRSA when it is triggered by a SCO in terms of computation time and parallelization performance. Finally, we conclude the paper with a discussion of the evaluation results and current standardization efforts, and highlight possible directions in the post-quantum era for secure mobile V2X network connectivity from a high-level system design perspective.

Vii Acknowledgment

This work has been partially funded by Generalitat de Catalunya grant 2017 SGR 1195 and the national program on equipment and scientific and technical infrastructure, EQC2018-005257-P under the European Regional Development Fund (FEDER).


  • [1] A. A. Karatsuba (1995) The Complexity of Computations. Proceedings of the Steklov Institute of Mathematics 211, pp. 169–183. Cited by: §II-A.
  • [2] F. Arute et al. (2019) Quantum Supremacy using a Programmable Superconducting Processor. Nature 574 (7779), pp. 505–510. Cited by: §I.
  • [3] R. Bassoli et al. (2021) Quantum communication networks. Vol. 23, Springer. Cited by: §V.
  • [4] S. A. Cook (1971) The Complexity of Theorem-Proving Procedures. In

    Proceedings of the 3rd Annual ACM Symposium on Theory of Computing

    pp. 151–158. Cited by: §II-A.
  • [5] M. A. Cusumano (2020) Self-driving Vehicle Technology: Progress and Promises. ACM. Cited by: §I.
  • [6] L. Dalcín, R. Paz, and M. Storti (2005) MPI for python. Journal of Parallel and Distributed Computing 65 (9), pp. 1108 – 1115. External Links: ISSN 0743-7315, Document Cited by: §IV.
  • [7] A. Dalgkitsis et al. (2020) Data Driven Service Orchestration for Vehicular Networks. IEEE Trans. on Intelligent Transportation Systems. Cited by: §III-B.
  • [8] M. A. K. et al. (2021) Robust, resilient and reliable architecture for v2x communications. IEEE Transactions on Intelligent Transportation Systems. Cited by: §I.
  • [9] European Telecommunications Standards Institute (2014) Network Function Virtualization (NFV) Management and Orchestration, Std.. ETSI ISG NFV-MAN 001 v0.8.1. Cited by: §V.
  • [10] A. Ghosal and M. Conti (2020) Security Issues and Challenges in V2X: A Survey. Computer Networks 169, pp. 107093. Cited by: §III-B.
  • [11] NIST Post-Quantum Cryptography (2015) Round 3 Finalists: Public-key Encryption and Key-establishment Algorithms. Note:[Online; accessed 17-Jan.-2020] Cited by: §I.
  • [12] A. Schönhage and V. Strassen (1971) Schnelle Multiplikation großer Zahlen. Computing 7, pp. 281–292. Cited by: §II-A.
  • [13] H. C. Thomas, E. L. Charles, L. R. Ronald, and S. Clifford (2009) Introduction to algorithms. MIT Press. Cited by: §II-A.
  • [14] S. Williams et al. (2007) Optimization of sparse matrix-vector multiplication on emerging multicore platforms. In Proceedings of the 2007 ACM/IEEE Conference on Supercomputing, Vol. , pp. 1–12. External Links: Document Cited by: §II-A.
  • [15] A. Yazar et al. (2020) 6G Vision: An Ultra-Flexible Perspective. ITU Journal on Future and Evolving Technologies 1 (1). Cited by: §I.