Skip to main content
Fachgebiete
Automobil + Motoren Bauwesen + Immobilien Business IT + Informatik Elektrotechnik + Elektronik Energie + Nachhaltigkeit Finance + Banking Management + Führung Marketing + Vertrieb Maschinenbau + Werkstoffe Versicherung + Risiko
DE
EN
Bücher
Zeitschriften
Themenseiten
Organisationspsychologie Projektmanagement Marketing Smart Manufacturing
Weitere Formate
Podcasts Webinare Technik Webinare Wirtschaft Kongresse Veranstaltungskalender Awards
Jetzt Einzelzugang starten
Zugang für Unternehmen
Referenzkunden
SLX-Digitalkonferenz: Zukunftswerkstatt 2024

Mehr Umsatz mit Top-Kontakten

Am 7. Mai erfahren Sie, wie Vertriebsteams Leadgenerierung, Leadnurturing und Leadstrategien effizient steuern können.
Erweiterte Suche
Anmelden
nach oben
Erschienen in:
Meet-in-the-Middle Attacks on Reduced Round Piccolo Kapitel lesen Erstes Kapitel lesen

2016 | OriginalPaper | Buchkapitel

On Lightweight Security Enforcement in Cyber-Physical Systems

verfasst von : Yanjiang Yang, Jiqiang Lu, Kim-Kwang Raymond Choo, Joseph K. Liu

Erschienen in: Lightweight Cryptography for Security and Privacy

Verlag: Springer International Publishing

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config
loading …

Abstract

Cyber-physical systems (CPS) are a key component in industrial control systems (ICS), which are widely used in the critical infrastructure sectors. The increasing reliance on CPS, however, affords exploitative opportunities for malicious actors targeting our critical infrastructure. The real-time requirement of control systems, coupled with the deployment of resource-constrained field devices, complicate efforts to secure our critical infrastructure. A key technical limitation for security solutions is that they should be lightweight. While lightweight cryptography is useful to some extent, enforcement of asymmetric key cryptographic primitives in control systems is known to be problematic. In this paper, we suggest investigating the enforcement of lightweight security solutions in ICS from a different perspective. Rather than focusing on designing lightweight (individual) cryptographic primitives, we propose taking a whole-of-system approach to (1) achieve system/collective lightweightness, (2) outsource expensive computations from resource-constrained field devices to neighboring devices and equipments that have more computational capacity, and (3) selectively protect critical data (partial/selective protection of Data of Interest).

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

  • über 102.000 Bücher
  • über 537 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Maschinenbau + Werkstoffe
  • Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 390 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Maschinenbau + Werkstoffe




 

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 340 Zeitschriften

aus folgenden Fachgebieten:

  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Versicherung + Risiko




Jetzt Wissensvorsprung sichern!

Jetzt informieren
Vorheriges Kapitel PUF-Based Mutual Multifactor Entity and Transaction Authentication for Secure Banking
Nächstes Kapitel Fast Software Implementation of QUARK on a 32-Bit Architecture
Fußnoten
1
If a bit of the input challenge c is 0, then the multiplicand s is shifted to the left by one position. Otherwise (i.e. the bit of the input challenge c is 1), the multiplicand s is shifted to the left and the result is added (with carry) to the multiplicand s.
 
2
This infamous incident highlighted the reality of the inadequate security and vulnerability of SCADA systems and ICS. The accused person, a disgruntled employee, allegedly issued radio commands to the sewage equipment, which resulted in 800,000 L of raw sewage to spill out into local parks and rivers, killing marine life. The accused person was sentenced to two years’ imprisonment. Subsequent appeal to the Australian High Court was unsuccessful - see R v Boden [2002] QCA 164.
 
Literatur
1.
AGA Report No. 12 (2004): Cryptographic Protection of SCADA Communications:General Recommendations, Draft 2, 2004. The Draft 3 is available for purchage at http://​www.​aga.​org/​
2.
3.
Baek, J., Vu, Q.H., Liu, J.K., Huang, X., Xiang, Y.: A secure cloud computing based framework for big data information management of smart grid. IEEE Trans. Cloud Comput. 3(2), 233–244 (2015)CrossRef
4.
Borghoff, J., et al.: PRINCE – a low-latency block cipher for pervasive computing applications. In: Wang, X., Sako, K. (eds.) ASIACRYPT 2012. LNCS, vol. 7658, pp. 208–225. Springer, Heidelberg (2012)CrossRef
5.
Bichsel, P., Camenisch, J., Gro, T., Shoup, V.: Anonymous credentials on a standard java card. In: Proceedings of ACM Conference on Computer and Communication Security, CCS 2009, pp. 600–610 (2009)
6.
7.
8.
Cardenas, A., Amin, S., Sinopoli, B., Giani, A., Perrig, A., Sastry, S.: Challenges for securing cyber physical systems. In: Proceedings of Workshop on Future Directions in Cyber-Physical Systems Security, DHS (2009)
9.
De Cannière, C., Dunkelman, O., Knežević, M.: KATAN and KTANTAN — a family of small and efficient hardware-oriented block ciphers. In: Clavier, C., Gaj, K. (eds.) CHES 2009. LNCS, vol. 5747, pp. 272–288. Springer, Heidelberg (2009)CrossRef
10.
Carlson, R., Dagle, J., Shamsuddin, S., Evans, R.: A Summary of Control System Security Standards Activities in the Energy Sector, Office of Electricity Delivery and Energy Reliability U.S. Department of Energy (2005)
11.
Camenisch, J., Herreweghen, E.V.: Design and implementation of the idemix anonymous credential system. In: Proceedings of ACM Conference on Computer and Communication Security, CCS 2002 (2002)
12.
Chen, X., Li, J., Ma, J., Tang, Q., Lou, W.: New algorithms for secure outsourcing of modular exponentiations. In: Foresti, S., Yung, M., Martinelli, F. (eds.) ESORICS 2012. LNCS, vol. 7459, pp. 541–556. Springer, Heidelberg (2012)CrossRef
13.
14.
Choo, K.-K.R.: The cyber threat landscape: challenges and future research directions. Comput. Secur. 30(8), 719–731 (2011)CrossRef
15.
Choo, K.-K.R.: A conceptual interdisciplinary plug-and-play cyber security framework. ICTs and the Millennium Development Goals: A United Nations Perspective, pp. 81–99. Springer, New York (2014)CrossRef
16.
Chow, S.M., Liu, J.K., Zhou, J.: Identity-based online/offline key encapsulation and encryption. In: Proceedings of ACM Symposium on Information, Computer and Communications Security, ASIACCS 2011, pp. 52–60 (2011)
17.
Chu, C., Liu, J.K., Wong, J.W., Zhao, Y., Zhou, J.: Privacy-preserving smart metering with regional statistics and personal enquiry services. In: Proceedings of ACM Symposium on Information, Computer and Communications Security, ASIACCS 2013, pp. 369–380 (2013)
18.
Chu, C., Liu, J.K., Zhou, J., Bao, F., Deng, R.H.: Practical ID-based encryption for wireless sensor network. In: Proceedings of ACM Symposium on Information, Computer and Communications Security, ASIACCS 2010, pp. 337–340 (2010)
19.
Eisenbarth, T., et al.: Compact implementation and performance evaluation of block ciphers in ATtiny devices. In: Mitrokotsa, A., Vaudenay, S. (eds.) AFRICACRYPT 2012. LNCS, vol. 7374, pp. 172–187. Springer, Heidelberg (2012)CrossRef
20.
Gong, Z., Nikova, S., Law, Y.W.: KLEIN: a new family of lightweight block ciphers. In: Juels, A., Paar, C. (eds.) RFIDSec 2011. LNCS, vol. 7055, pp. 1–18. Springer, Heidelberg (2012)CrossRef
21.
Guo, J., Peyrin, T., Poschmann, A.: The PHOTON family of lightweight hashfunctions. In: Rogaway, P. (ed.) CRYPTO 2011. LNCS, vol. 6841, pp. 222–239. Springer, Heidelberg (2011)CrossRef
22.
Guo, J., Peyrin, T., Poschmann, A., Robshaw, M.: The LED block cipher. In: Preneel, B., Takagi, T. (eds.) CHES 2011. LNCS, vol. 6917, pp. 326–341. Springer, Heidelberg (2011)CrossRef
23.
Girault, M., Poupard, G., Stern, J.: On the fly authentication and signature schemes based on groups of unknown order. J. Cryptology 19(4), 463–487 (2006)MathSciNetCrossRefMATH
24.
Hohenberger, S., Lysyanskaya, A.: How to securely outsource cryptographic computations. In: Kilian, J. (ed.) TCC 2005. LNCS, vol. 3378, pp. 264–282. Springer, Heidelberg (2005)CrossRef
25.
Igure, V., Laughter, S., Williams, R.: Security issues in SCADA networks. Comput. Secur. 25, 498–506 (2006)CrossRef
26.
Lian, S., Sun, J., Wang, Z.: Quality analysis of several typical MPEG video encryption algorithms. J. Image Graph. 9(4), 483–490 (2004)
27.
ISO/IEC 18033-3: Information technology – Security techniques – Encryption algorithms – Part 3: Block ciphers
28.
ISO/IEC 29192-2: Information technology – Security techniques – Lightweightcryptography – Part 2: Block ciphers
29.
ISO/IEC 29192-4: Information technology – Security techniques – Lightweightcryptography – Part 4: Mechanisms using asymmetric techniques
30.
31.
32.
Kavun, E.B., Yalcin, T.: A lightweight implementation of keccak hash function for radio-frequency identification applications. In: Ors Yalcin, S.B. (ed.) RFIDSec 2010. LNCS, vol. 6370, pp. 258–269. Springer, Heidelberg (2010)CrossRef
33.
Laplante, P., Michael, B., Voas, J.: Cyberpandemics: history, inevitability, response. IEEE Secur. Priv. 7(1), 63–67 (2009)CrossRef
34.
Liu, J.K., Baek, J., Zhou, J.: Online/offline identity-based signcryption revisited. In: Lai, X., Yung, M., Lin, D. (eds.) Inscrypt 2010. LNCS, vol. 6584, pp. 36–51. Springer, Heidelberg (2011)CrossRef
35.
Liu, J.K., Baek, J., Zhou, J., Yang, Y., Wong, J.W.: Efficient online/offline identity-based signature for wireless sensor network. Int. J. Inf. Sec. 9(4), 287–296 (2010)CrossRef
36.
Liu, J.K., Au, M.H., Susilo, W., Zhou, J.: Online/offline ring signature scheme. In: Qing, S., Mitchell, C.J., Wang, G. (eds.) ICICS 2009. LNCS, vol. 5927, pp. 80–90. Springer, Heidelberg (2009)CrossRef
37.
Liu, J.K., Chu, C.K., Zhou, J.: Identity-based server-aided decryption. In: Parampalli, U., Hawkes, P. (eds.) ACISP 2011. LNCS, vol. 6812, pp. 337–352. Springer, Heidelberg (2011)CrossRef
38.
Liu, J.K., Zhou, J.: An efficient identity-based online/offline encryption scheme. In: Abdalla, M., Pointcheval, D., Fouque, P.-A., Vergnaud, D. (eds.) ACNS 2009. LNCS, vol. 5536, pp. 156–167. Springer, Heidelberg (2009)CrossRef
39.
Molina-Markham, A., Danezis, G., Fu, K., Shenoy, P., Irwin, D.: Designing privacy-preserving smart meters with low-cost microcontrollers. In: Keromytis, A.D. (ed.) FC 2012. LNCS, vol. 7397, pp. 239–253. Springer, Heidelberg (2012)CrossRef
40.
41.
Poschmann, A.: Lightweight Cryptography: Cryptographic Engineering for A Pervasive World, Ph.D. Thesis (2009)
42.
43.
Stouffer, K., Falco, J., Kent, K.: Guide to Supervisory Control and Data Acquisition (SCADA) and Industrial Control Systems Security. NIST SP 800–82 (2006)
44.
Sanger, D.: Confront and Conceal: Obama’s Secret Wars and Surprising Use of American Power. Crown, NY (2012)
45.
Shahid, Z., Chaumont, M., Puech, W.: Fast protection of H.264/AVC by selective encryption of CAVLC and CABAC for I and P frames. IEEE Trans. Circ. Syst. Video Technol. 21(5), 565–576 (2011)CrossRef
46.
Sommestad, T., Ericsson, N., Nordlander, J.: SCADA system cyber security: a comparison of standards. In: Proceedings of IEEE Power and Energy Society General, pp. 1–8 (2010)
47.
Shibutani, K., Isobe, T., Hiwatari, H., Mitsuda, A., Akishita, T., Shirai, T.: Piccolo: an ultra-lightweight blockcipher. In: Preneel, B., Takagi, T. (eds.) CHES 2011. LNCS, vol. 6917, pp. 342–357. Springer, Heidelberg (2011)CrossRef
48.
Wang, Y.: sSCADA: securing SCADA infrastrcture communications. Int. J. Commun. Netw. Distrib. Syst. 6(11), 59–78 (2011)CrossRef
49.
Wang, Y., O’Neill, M., Kurugollu, F.: A tunable encryption scheme and analysis of fast selective encryption for CAVLC and CABAC in H.264/AVC. IEEE Trans. Circ. Syst. Video Technol. 23(9), 1476–1490 (2013)CrossRef
50.
Wang, Y., Wu, Q., Wong, D.S., Qin, B., Chow, S.S.M., Liu, Z., Tan, X.: Securely outsourcing exponentiations with single untrusted program for cloud storage. In: Kutyłowski, M., Vaidya, J. (eds.) ESORICS 2014, Part I. LNCS, vol. 8712, pp. 326–343. Springer, Heidelberg (2014)
51.
Wright, A.K., Kinast, J.A., McCarty, J.: Low-latency cryptographic protection for SCADA communications. In: Jakobsson, M., Yung, M., Zhou, J. (eds.) ACNS 2004. LNCS, vol. 3089, pp. 263–277. Springer, Heidelberg (2004)CrossRef
52.
Wan, Z., Wang, G., Yang, Y., Shi, S.: SKM: scalable key management for advanced metering infrastructure in smart grids. IEEE Trans. Industr. Electron. 61(12), 7055–7066 (2014)CrossRef
53.
Wu, W., Wu, S., Zhang, L., Zou, J., Dong, L.: LHash: a lightweight hash function. In: Lin, D., Xu, S., Yung, M. (eds.) Inscrypt 2013. LNCS, vol. 8567, pp. 291–308. Springer, Heidelberg (2014)
54.
Yuen, T.H., Zhang, Y., Yiu, S.M., Liu, J.K.: Identity-based encryption with post-challenge auxiliary inputs for secure cloud applications and sensor networks. In: Kutyłowski, M., Vaidya, J. (eds.) ESORICS 2014, Part I. LNCS, vol. 8712, pp. 130–147. Springer, Heidelberg (2014)
Metadaten
Titel
On Lightweight Security Enforcement in Cyber-Physical Systems
verfasst von
Yanjiang Yang
Jiqiang Lu
Kim-Kwang Raymond Choo
Joseph K. Liu
Copyright-Jahr
2016
Verlag
Springer International Publishing
Buch
Lightweight Cryptography for Security and Privacy

Print ISBN: 978-3-319-29077-5

Electronic ISBN: 978-3-319-29078-2

Copyright-Jahr: 2016

DOI
https://doi.org/10.1007/978-3-319-29078-2_6