Abstract
The security of the ICT (Information Communications Technology) components of industrial systems is gaining great importance because of their criticality for society at large. There is an urgent need to consider security in their design, and to analyse the related vulnerabilities and potential threats. The high exposure of industrial critical infrastructure to such threats is mainly due to the intrinsic weakness of the communication protocols used to control the process network. The peculiarities of industrial protocols (low computational power, large geographical distribution, near real-time constraints) make it hard to use traditional cryptographic schemes effectively, and in particular to implement an effective key management infrastructure supporting a cryptographic layer. In this paper we present the first working prototype of a distributed key generation infrastructure for SCADA systems based on the well-known identity-based crypto-paradigm.
Copyright information
© 2013 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Kılınç, G., Nai Fovino, I. (2013). Distributed Identity Based Private Key Generation for SCADA Systems. In: Hämmerli, B.M., Kalstad Svendsen, N., Lopez, J. (eds) Critical Information Infrastructures Security. Lecture Notes in Computer Science, vol 7722. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-41485-5_11
DOI: https://doi.org/10.1007/978-3-642-41485-5_11
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-41484-8
Online ISBN: 978-3-642-41485-5
eBook Packages: Computer Science, Computer Science (R0)