Skip to main content
SpringerLink
Log in

Key Update at Train Stations: Two-Layer Dynamic Key Update Scheme for Secure Train Communications

  • Conference paper
  • First Online:
Security and Privacy in Communication Networks (SecureComm 2016)

Abstract

Modern train systems adopt communication-based train control (CBTC), which uses wireless communications to better monitor and control the train operations. Despite the well-studied security issues in wireless networking in information technology applications, security implementations in trains have been lagging; many train systems rely on security by obscurity and forgo well-established security practices such as key updates. To secure train systems against increasingly evolving and persistent attackers and mitigate key breach (which can occur due to misuse of the key), we build a key update scheme, Key Update at Train Stations (KUTS), that leverages the inherent physical aspects of train operations (mobility/infrastructure-asymmetry between the stations and the trains and the operational differences when the trains are at stations and between the stations). Furthermore, by incorporating separation of key chain and use and on the entities providing the key seeds, KUTS protects the key seeds for future updates against the breach of the current key and is both key-collision irrelevant (thwarting known collision-based threats on one-way random functions) and system-compromise resilient (protecting the key secrecy even when the train system is compromised). We theoretically analyze KUTS’s effectiveness, security strength, and security properties. We also implement KUTS on various computing devices to study the performance overhead.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    The choice of KUTS stations is a design parameter which has a tradeoff between security strength and complexity/computation and is beyond the scope of this paper. Section 5 provides analyses and insights that can be helpful in making such design choices.

References

  1. Heddebaut, M., Mili, S., Sodoyer, D., Jacob, E., Aguado, M., Zamalloa, C.P., Lopez, I., Deniau, V.: Towards a resilient railway communication network against electromagnetic attacks. In: TRA - Transport Research Arena, France, p. 10p, April 2014. https://hal.archives-ouvertes.fr/hal-01061258

  2. He, H.: Passenger wi-fi freezes third Shenzhen metro train in a week. South China Morning Post. http://www.scmp.com/news/china/article/1078165/passenger-wi-fi-freezes-third-shenzhen-metro-train-week

  3. Squatriglia, C.: Polish teen hacks his citys trams, chaos ensues. Wired. http://www.wired.com/2008/01/polish-teen-hac/

  4. Greenber, A.: Hackers remotely kill a jeep on the highwaywith me in it. Wired. http://www.wired.com/2015/07/hackers-remotely-kill-jeep-highway/

  5. Finkle, J., Woodall, B.: Researcher says can hack GM’s OnStar app, open vehicle, start engine, Reuters. http://www.reuters.com/article/2015/07/30/us-gm-hacking-idUSKCN0Q42FI20150730

  6. Foster, I., Prudhomme, A., Koscher, K., Savage, S.: Fast and vulnerable: a story of telematic failures. In: 9th USENIX Workshop on Offensive Technologies (WOOT 2015). USENIX Association, Washington, D.C., August 2015. http://blogs.usenix.org/conference/woot15/workshop-program/presentation/foster

  7. Checkoway, S., McCoy, D., Kantor, B., Anderson, D., Shacham, H., Savage, S., Koscher, K., Czeskis, A., Roesner, F., Kohno, T.: Comprehensive experimental analyses of automotive attack surfaces. In: Proceedings of the 20th USENIX Conference on Security, SEC 2011, p. 6. USENIX Association, Berkeley (2011). http://dl.acm.org/citation.cfm?id=2028067.2028073

  8. American Public Transportation Association (APTA): Securing control and communications systems in rail transmit environments, part II: Defining a security zone architecture for rail transit and protecting critical zones, Recommended Practice, ATPA-SS-CCS-RP-002-13 (2013)

    Google Scholar 

  9. American Public Transportation Association (APTA): Cybersecurity considerations for public transit, Recommended Practice, ATPA-SS-ECS-RP-001-14 (2014)

    Google Scholar 

  10. Deniau, V.: Overview of the European project security of railways in Europe against electromagnetic attacks (secret). IEEE Electromagn. Compat. Mag. 3(4), 80–85 (2014)

    Article  Google Scholar 

  11. Chang, S.-Y., Tran, B.A.N., Hu, Y.-C., Jones, D.L.: Jamming with power boost: leaky waveguide vulnerability in train systems. In: 2015 IEEE 21st International Conference on Parallel and Distributed Systems (ICPADS), pp. 37–43, December 2015

    Google Scholar 

  12. Lopez, I., Aguado, M.: Cyber security analysis of the european train control system. IEEE Commun. Mag. 53(10), 110–116 (2015)

    Article  Google Scholar 

  13. Hartong, M., Goel, R., Wijesekera, D.: Key management requirements for positive train control communications security. In: Proceedings of the 2006 IEEE/ASME Joint Rail Conference, pp. 253–262, April 2006

    Google Scholar 

  14. Reiter, M., Stubblebine, S.: Resilient authentication using path independence. IEEE Trans. Comput. 47(12), 1351–1362 (1998)

    Article  MathSciNet  Google Scholar 

  15. Zhao, M., Smith, S.W., Nicol, D.M.: Aggregated path authentication for efficient BGP security. In: Proceedings of the 12th ACM Conference on Computer and Communications Security, CCS 2005, pp. 128–138. ACM, New York (2005). http://doi.acm.org/10.1145/1102120.1102139

  16. Kim, T.H.-J., Basescu, C., Jia, L., Lee, S.B., Hu, Y.-C., Perrig, A.: Lightweight source authentication and path validation. In: Proceedings of the 2014 ACM Conference on SIGCOMM, SIGCOMM 2014, pp. 271–282. ACM, New York (2014). http://doi.acm.org/10.1145/2619239.2626323

  17. Blass, E.-O., Elkhiyaoui, K., Molva, R.: Tracker: security and privacy for RFID-based supply chains. In: 18th Annual Network and Distributed System Security Symposium NDSS 2011, 6–9 February 2011, San Diego, CA, USA (2011). http://www.eurecom.fr/publication/3233. Accessed Feb 2011

  18. Elkhiyaoui, K., Blass, E.-O., Molva, R.: CHECKER: on-site checking in RFID-based supply chains. In: Proceedings of the Fifth ACM Conference on Security and Privacy in Wireless and Mobile Networks, WISEC 2012, pp. 173–184. ACM, New York (2012). http://doi.acm.org/10.1145/2185448.2185471

  19. Cai, S., Li, Y., Zhao, Y.: Distributed path authentication for dynamic RFID-enabled supply chains. In: Gritzalis, D., Furnell, S., Theoharidou, M. (eds.) Information Security and Privacy Research. SEC 2012. IFIPAICT, vol. 376, pp. 501–512. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  20. Cai, S., Deng, R.H., Li, Y., Zhao, Y.: A new framework for privacy of RFID path authentication. In: Bao, F., Samarati, P., Zhou, J. (eds.) ACNS 2012. LNCS, vol. 7341, pp. 473–488. Springer, Heidelberg (2012). doi:10.1007/978-3-642-31284-7_28

    Chapter  Google Scholar 

  21. Challal, Y., Bouabdallah, A., Hinard, Y.: Efficient multicast source authentication using layered hash-chaining scheme. In: 29th Annual IEEE International Conference on Local Computer Networks, pp. 411–412, November 2004

    Google Scholar 

  22. Fredman, M.L., Komlós, J., Szemerédi, E.: Storing a sparse table with 0(1) worst case access time. J. ACM 31(3), 538–544 (1984). http://doi.acm.org/10.1145/828.1884

    Article  MathSciNet  MATH  Google Scholar 

  23. Ohkubo, M., Suzuki, K., Kinoshita, S.: Cryptographic approach to “privacy-friendly” tags. In: RFID Privacy Workshop (2003)

    Google Scholar 

  24. Whyte, W., Weimerskirch, A., Kumar, V., Hehn, T.: A security credential management system for V2V communications. In: Vehicular Networking Conference (VNC), pp. 1–8. IEEE, December 2013

    Google Scholar 

  25. Rajendran, J., Sinanoglu, O., Karri, R.: Is split manufacturing secure? In: Design, Automation Test in Europe Conference Exhibition (DATE), pp. 1259–1264, March 2013

    Google Scholar 

  26. Imeson, F., Emtenan, A., Garg, S., Tripunitara, M.: Securing computer hardware using 3D integrated circuit (IC) technology, split manufacturing for obfuscation. In: Presented as Part of the 22nd USENIX Security Symposium (USENIX Security 2013), pp. 495–510. USENIX, Washington, D.C. (2013). https://www.usenix.org/conference/usenixsecurity13/technical-sessions/presentation/imeson

  27. Shannon, C.E.: A mathematical theory of communication. Bell Syst. Tech. J. 27(3), 379–423 (1948). http://dx.doi.org/10.1002/j.1538-7305.1948.tb01338.x

    Article  MathSciNet  MATH  Google Scholar 

  28. Shannon, C.E.: Communication theory of secrecy systems. Bell Syst. Tech. J. 28(4), 656–715 (1949)

    Article  MathSciNet  MATH  Google Scholar 

Download references

Acknowledgments

This work was supported by the National Research Foundation (NRF), Prime Ministers Office, Singapore, under its National Cybersecurity R&D Programme (Award No. NRF2014NCR-NCR001-31) and administered by the National Cybersecurity R&D Directorate and by the Human-Centered Cyber-physical Systems Programme at the Advanced Digital Sciences Center from Singapore’s Agency for Science, Technology and Research (A\(^\star \)STAR).

Author information

Authors and Affiliations

  1. Advanced Digital Sciences Center, Singapore, Singapore

    Sang-Yoon Chang & Yih-Chun Hu

  2. University of Colorado Colorado Springs, Colorado Springs, CO, USA

    Sang-Yoon Chang

  3. Institute for Infocomm Research, A*STAR, Singapore, Singapore

    Shaoying Cai & Hwajeong Seo

  4. University of Illinois at Urbana-Champaign, Urbana, IL, USA

    Yih-Chun Hu

Authors
  1. Sang-Yoon Chang
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Shaoying Cai
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Hwajeong Seo
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Yih-Chun Hu
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Sang-Yoon Chang .

Editor information

Editors and Affiliations

  1. Singapore Management University, Singapore, Singapore

    Robert Deng

  2. Jinan University, Guangzhou, Guangdong, China

    Jian Weng

  3. University at Buffalo, Buffalo, New York, USA

    Kui Ren

  4. SRI International, Menlo Park, California, USA

    Vinod Yegneswaran

Rights and permissions

Reprints and permissions

Copyright information

© 2017 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering

About this paper

Cite this paper

Chang, SY., Cai, S., Seo, H., Hu, YC. (2017). Key Update at Train Stations: Two-Layer Dynamic Key Update Scheme for Secure Train Communications. In: Deng, R., Weng, J., Ren, K., Yegneswaran, V. (eds) Security and Privacy in Communication Networks. SecureComm 2016. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 198. Springer, Cham. https://doi.org/10.1007/978-3-319-59608-2_7

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-59608-2_7

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-59607-5

  • Online ISBN: 978-3-319-59608-2

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation