Vol. 1, No. 2, June 2011
ISSN: 2046-5718
Copyright © Science Academy Publisher, United Kingdom www.sciacademypublisher.com
A Configurable and Efficient Key-Management scheme for SCADA Communication Networks
Zia Saquib¹, Ravi Batra¹, Om Pal¹, Ashwin Nevangune¹, Dhiren Patel², and M. Rajarajan³
¹ Centre for Development of Advanced Computing, Mumbai, India
² National Institute of Technology Surat, India
³ City University London, UK
Email: {saquib, ravibatra, ompal, ashwin}@cdacmumbai.in, dhiren29p@gmail.com, R.Muttukrishnan@city.ac.uk
Abstract – Key management in SCADA (Supervisory Control And Data Acquisition) networks is a major challenge today. Due to resource constraints and latency requirements in such networks, it is infeasible to use traditional key management schemes such as RSA based PKC (Public key cryptography). In this paper, we propose a key management scheme, making use of Id-NIKDS (Id-based Non Interactive Key Distribution System) along with Polynomial based Pair-wise Key Establishment in a manner that the resulting scheme is efficient and highly secure for large SCADA networks. The level of security provided is configurable and can vary from resilience against compromise of a few nodes to 100% resilient against node compromise attacks. The protocol achieves energy efficiency by minimizing the number of communications for key establishment, also provides flexibility for dynamic cluster formation after deployment, easy key updates, node addition and revocation. The scheme has been formulated considering the fact that the remote terminal units & nodes are low range devices and most frequently communicate with only the nearby nodes so as to achieve admissible latencies. Small clusters may be formed in such networks, each responsible for collectively providing sensed data and controlling actuators in