Research on the safety of the communication link of the Radio Based Cab Signaling system
|
|
- Lindsey Juliet McCoy
- 5 years ago
- Views:
Transcription
1 Research on the safety of the communication link of the Radio Based Cab Signaling system C. Li, Y. Zhang, J. Wang & H. Wang Automation Research Institute of Transportation Science & Technology, Beijing Jiaotong University, P. R. China Abstract The Communication Based Train Control (CBTC) system is the development trend of railway signaling. The Chinese railway has made a strategy to develop the Chinese Train Control System (CTCS), which is divided into 5 levels (from level 0 to level 4). In level 3 and level 4, CBTC based on GSM-R network will be realized. Chinese railway is now developing the Radio Based Cab Signaling (RBCS) system as the first attempt on CBTC. Preliminary field tests of the approaching continuous RBCS based on a commercial radio data transceiver have been finished with satisfactory results. This year, a long and exhaustive test of GSM-R based RBCS will be carried out on the pilot project of the Qinghai- Tibet railway. Because the vital data related to operation safety is transmitted in the open communication network, it is easy to be modified or attacked maliciously. Therefore, data transmission safety is a vital factor to be considered in GSM-R based RBCS. This paper will focus on the data transmission safety in the GSM-R based RBCS, primarily about the cryptographic techniques and key management. words: Radio Based Cab Signaling, cipher algorithm, key management system, data transmission, safety. 1 Introduction With railway transportation developing towards high speed, informationization and networking, Communication Based Train Control (CBTC) is becoming the development trend of Chinese railway signaling. The Ministry of Railway (MOR) has made a strategy to develop Chinese Train Control System (CTCS),
2 518 Computers in Railways IX which is divided into 5 levels (from level 0 to level 4). In level 3 and level 4, CBTC based on GSM-R will be realized. Chinese railway is now developing RBCS as the first attempt on CBTC. RBCS transmits control information by means of radio. It consists of two parts: the Station Control Center (SCC) and the Onboard Equipment (OBE). RBCS can use either commercial radio data transceiver or GSM-R as the transmission media. The background to the development of RBCS is the construction of Qinghai- Tibet Railway [1]. Because of the special geographical and climate condition of Qinghai-Tibet Railway, the working stability and routine maintenance of track circuit will encounter many difficulties. So it is necessary to use radio to transmit control data to achieve two purposes. One purpose is to form a close-looped control by the bi-directional -station communication; another is to lower the maintenance cost by greatly reducing the trackside equipment. Preliminary field test of the approaching continuous RBCS based on commercial radio data transceiver has been finished with satisfactory results. Now the approaching continuous GSM-R based RBCS is under development, whose working principle can be briefly described as following. When a enters the effective working area of RBCS, the onboard equipment will apply for registration to the SCC. Upon receiving the registration information, the SCC will collect the cab signal information related to that from the station interlocking, and send it to the. After receiving the cab signal information, the onboard equipment will indicate the cab signal to the driver and relay it to the ATP onboard equipment. At the same time, position and speed, the return receipt of cab signal and so on will be sent back to the SCC in order to check out the correctness of the transmitted information. When the exits the RBCS effective working area, it will be deregistered by the SCC. Because the cab signal information related to operation safety is transmitted through the open GSM-R network, it is easy to be modified and attacked maliciously. So communication safety must be considered in GSM-R based RBCS. According to the characteristic of RBCS, this paper puts forward the implementation of the cipher techniques and key management system in the information transmission of RBCS system. 2 Cipher techniques Because of the opening of radio communication, it is necessary to encrypt the control information. In this paper, the Data Encryption Standard (DES) in Cipher Block Chaining (CBC) mode is adopted. 2.1 Data Encryption Standard (DES) DES is a symmetric algorithm, which means that the same algorithm is adopted for encryption and decryption (except the different sequences of cryptographic
3 Computers in Railways IX 519 keys). The plain text block length, the cipher text block length and the key length are all 64 bits. The algorithm of DES is public, so the safety of system totally depends on the confidentiality of key. The block diagram of the algorithm is shown in Figure 1 [3]. K(64bits) X(64bits) DES Y=DES K(X) (64bits ) Figure 1: DES block diagram. 2.2 Cipher Block Chaining (CBC) In the CBS mode, the previous cipher text block is fed back and added to the current plain text block. Figure 2 shows how CBC works. That is Y i = E K (X i +Y i-1 ) (E -- Encryption) Therefore Y i = E K (X i + E K (X i-1 +Y i-2 )) = E K (X i + E K (X i-1 + E K (X i-2 +Y i-3 ))) = The decryption is also simple. D K (Y i ) +Y i-1 = D K (E K (X i +Y i-1 )) +Y i-1 = X i +Y i-1 +Y i-1 = X i (D --Decryption) Note: the initialization vector Y 0 should be set to zero. K Transmission K Yi + Encrypion Decryption + Yi-1 Yi-1 Figure 2: Structure of cipher block chaining.
4 520 Computers in Railways IX 2.3 Implementation of the cipher technique in RBCS In the implementation of the abovementioned cipher technique in RBCS system, the block length is 64 bits. The original telegram is padded with zeros so as to produce a telegram whose length is an exact multiple of 64 bits. The bits used for padding will not be transmitted. A triple-encryption algorithm is adopted with the aim to enhance the safety of data transmission. The length of key k is 192 bits, which is divided into three 64-bit keys k 1,k 2,k 3. Some of these keys are used for encrypting each bit of the message, with the aim to protect data confidentiality; other keys are used for generating Message Authentication Code (MAC) that is put at the end of the message, with the aim to protect data authenticity and integrity. To these two kinds of keys, there are two corresponding algorithms [4]. Transmission Encryption Decryption k1 k2 k3 k3 k2 k1 Yi + EDES DDES EDES DDES EDES DDES + Yi Yi-1 Yi-1 Figure 3: Block diagram of message encryption Message encryption The block diagram of message encryption is shown in Figure 3. E K (X) =EDES K3 (DDES K2 (EDES K1 (X))) D K (X) =DDES K1 (EDES K2 (DDES K3 (X))) Where EDES stands for DES Encryption,and DDES for DES Decryption). After the message in the GSM-R based RBCS is encrypted, the format of the transmitted message is as following: Header Called address Calling address Message length Encrypted message Footer Message authentication code The block diagram of MAC is shown in Figure 4. Let message X be constituted by the 64-bit blocks X 1,X 2,,X q L i =EDES K1 (X i +L i-1 )
5 Computers in Railways IX 521 N i =EDES K3 (DDES K2 (EDES K1 (X i +L i-1 ))) i=1, 2,, q The MAC of message X is equal to N q. The received message will be computed to generate MAC in the receiving end. If the MAC is equal to MAC that is sent from the sending end, the message is accepted; otherwise, the message is regarded as invalid and rejected. K1 K2 K3 + Li Mi EDES DDES EDES Ni Li-1 Figure 4: Block diagram of MAC. After the MAC is generated, the format of the transmitted message with MAC is as following: Header Called address Calling address Message length Message MAC Footer 3 Implementation of key management system in RBCS In the data transmission of RBCS, it is necessary to adopt effective and simple cipher algorithms. However, the confidentiality of encryption system depends on the confidentiality of keys. Therefore, key management is a critical part of safety of radio transmission. management deals with the problems during the whole process from key generation to key deletion. It is difficult to design a safe cipher algorithm, while it is more difficult for key management. In this section, the network structure, system structure and working flow of key management system in RBCS will be introduced. The implementation of key management in GSM-R based RBCS will be explained in detail. 3.1 Network structure of key management system (KMS) The network structure of KMS in RBCS is shown in Figure 5. OBE, SCC and Distribution Center (KDC) communicate with each other. OBE and SCC exchange control information through GSM-R network; the key used for the communication is the KMAC key. The KDC communicates with OBE in order to distribute the KMAC key through GSM-R; the encrypted key used for the communication is KTRANS key. The KDC communicates with SCC in order
6 522 Computers in Railways IX to distribute the KMAC key through the fixed network; the encrypted key used for the communication is the KTRANS key. KDC generates the Base KMAC and the Encryption KTRANS. Firstly, the KDC distributes Encryption KTRANS to OBE and SCC. Secondly, it distributes Base KMAC protected by Encryption KTRANS. Base KMAC and Encryption KTRANS will be stored in the interface as shown in Figure 5. When OBE and SCC communicate with each other, encryption and decryption of control information is finished in the interface. OBE Onboard Computer SCC Station Computer Interface Interface Mobile Terminal KMAC Fixed network KTRANS KDC KTRANS Figure 5: Network structure of KMS. KRA(1) KDC(1) KRA(2) KDC(2) KVA(1,1) KVA(1,2) KVA(2,1) SCC(1,1) SCC(1,2) SCC(1,3) SCC(2,4) up down (KDC Distribution Center (KVA KMAC Validity Area KRA KDC Responsibility Area) SCC Station Control Center) Figure 6: Example of system structure of KMS. 3.2 System Structure of KMS An example of KMS of RBCS is shown in Figure 6. Each will have a communication key (KMAC key) per KVA. This communication key will enable the to communicate with all the SCCs from the KVA. So a will need
7 Computers in Railways IX 523 three KMAC keys to pass through three KVAs. A SCC will have permanently one KMAC key for each that might come into its own KVA. 3.3 Workflow of KMS The workflow of KMS in RBCS is shown in Figure 7. Generation Distribution Changing Recovery Update normal operation Deletion Figure 7: Workflow of KMS in RBCS Generation KDC generates the necessary keys during the normal operation of the system. There are three kinds of keys: Base key KMAC Dedicated for a pair of users for a long time. The KMAC keys are used to protect the authenticity and the data integrity of control information between OBE and SCC Session key KSMAC Used for data exchange between two communication entities only once. The function of session keys is to avoid the frequent change of the base keys. The session keys KSMAC is generated from base keys KMAC, under the agreement between the communication entities and having nothing to do with KDC, with the aim to protect the integrity of communication between OBE and SCC. The session is only effective during each communicating, and will be deleted when the communication is finished encryption key KTRANS and K-KDC Used for encryption when transmitting the base keys. When KDC transmits base key KMAC to OBE and SCC, it uses KTRANS to protect the authentication, integrity and confidentiality of KMAC keys. When different KDCs need to communicate with each other in order to distribute keys, the keys K-KDC are used to protect the distributed keys.
8 524 Computers in Railways IX Distribution Distribution will be necessary in the following cases: initialization, change, update after being lost and outdate. There are three kinds of distributed keys: Distribution of KTRANS key The key of each entity of a KRA is controlled by its own KDC. This KDC will be responsible for distributing a secret key KTRANS to each and each SCC of its KRA Distribution of K-KDC key If different KDCs are going to communicate through an open network, they must use secret keys K-KDC in order to protect their communications Distribution of KMAC key The distribution of the KMAC keys will be finished in two steps: (1) Distribution of the own KMAC keys An own KMAC keys is a key between and SCC of the same KRA. This KDC is responsible to distribute keys for its s and SCCs. The own KMAC keys are transferred with the help of the KTRANS keys. (2) Distribution of the foreign KMAC keys The distribution of the KMAC key related to the SCCs of KRA(i) and the s of KRA(j i) will be done as following: firstly, the KDC(i) of KRA(i) creates the key KMAC and transmits it to the KDC (j). Secondly, the KDC(i) transmits the key KMAC to its own SCCs. Finally, the KDC (j) transmits the key KMAC to the s usage in normal operation Use keys to deal with the normal cipher operation, such as encryption, decryption and MAC generation changing, key recovery and key update When key peculation happens, it is necessary to change key; when keys are lost but not leaked, it is possible to recover the keys from the backup; when keys are outdate, it is possible to update the old keys with new keys. In all the above cases it is necessary to distribute the keys again Deletion For the keys that will never be used, all copies of them should be deleted permanently. 4 Conclusion Considering the communication safety of GSM-R based RBCS, a triple cipher algorithm of DES in CBS mode is proposed in this paper. The running time of the triple DES is about 100 µs on normal microprocessor [5], causing little overhead on the response time of RBCS. This paper also analyzes the structure
9 Computers in Railways IX 525 of key management system, with emphasis on the structure and workflow of KMS. This year, field test of GSM-R based RBCS will be carried out on the pilot project of Qinghai-Tibet railway, providing a good chance to evaluate the implementation of the cipher algorithms and KMS proposed in this paper. References [1] Wang Junfeng, Zhang Yong et al., Research on the Radio Based Cab Signalling System used for Qinghai-Tibet Railway, Journal of Railways, Vol.24, No.3, pp , [2] Wang Yumin, Liu Jianwei, Safety of communication network, dian University Press, pp , [3] UIC/ERRI A200, ETCS EURORADIO Sub-System Requirement Specification, Version 03.00, [4] UIC/ERRI A200, Management Functional Interface Specification, Version , [5] Li Chao, Zhang Yong, Using C8051F020 to Implement Error-Correcting Control for Data Transmission in Radio Based Cab Signaling System, Journal of Tianjin University suppl., No.1, 2004.
KMC-ETCS Entity Off-line KM FIS
ERTMS/ETCS KMC-ETCS Entity Off-line KM FIS REF : ISSUE: 110 DATE : 17-12-2015 Company Technical Approval Management approval ALSTOM ANSALDO AZD BOMBARDIER CAF SIEMENS THALES 110 KMC-ETCS Entity Off-line
More informationResearch and Design of Crypto Card Virtualization Framework Lei SUN, Ze-wu WANG and Rui-chen SUN
2016 International Conference on Wireless Communication and Network Engineering (WCNE 2016) ISBN: 978-1-60595-403-5 Research and Design of Crypto Card Virtualization Framework Lei SUN, Ze-wu WANG and Rui-chen
More informationBCA III Network security and Cryptography Examination-2016 Model Paper 1
Time: 3hrs BCA III Network security and Cryptography Examination-2016 Model Paper 1 M.M:50 The question paper contains 40 multiple choice questions with four choices and student will have to pick the correct
More information3 Symmetric Key Cryptography 3.1 Block Ciphers Symmetric key strength analysis Electronic Code Book Mode (ECB) Cipher Block Chaining Mode (CBC) Some
3 Symmetric Key Cryptography 3.1 Block Ciphers Symmetric key strength analysis Electronic Code Book Mode (ECB) Cipher Block Chaining Mode (CBC) Some popular block ciphers Triple DES Advanced Encryption
More informationCryptography and Network Security Chapter 7. Fourth Edition by William Stallings
Cryptography and Network Security Chapter 7 Fourth Edition by William Stallings Chapter 7 Confidentiality Using Symmetric Encryption John wrote the letters of the alphabet under the letters in its first
More informationContent of this part
UNIVERSITY OF MASSACHUSETTS Dept. of Electrical & Computer Engineering Introduction to Cryptography ECE 597XX/697XX Part 5 More About Block Ciphers Israel Koren ECE597/697 Koren Part.5.1 Content of this
More informationSSL/TLS. How to send your credit card number securely over the internet
SSL/TLS How to send your credit card number securely over the internet The security provided by SSL SSL is implemented at level 4 The transport control layer In practice, SSL uses TCP sockets The underlying
More informationA New Method Of VPN Based On LSP Technology
2nd Joint International Information Technology, Mechanical and Electronic Engineering Conference (JIMEC 2017) A New Method Of VPN Based On LSP Technology HaiJun Qing 1, 2 1, 2, ChaoXiang Liang, LiPing
More information(2½ hours) Total Marks: 75
(2½ hours) Total Marks: 75 N. B.: (1) All questions are compulsory. (2) Makesuitable assumptions wherever necessary and state the assumptions made. (3) Answers to the same question must be written together.
More informationCryptographic Concepts
Outline Identify the different types of cryptography Learn about current cryptographic methods Chapter #23: Cryptography Understand how cryptography is applied for security Given a scenario, utilize general
More informationECE 646 Fall 2009 Final Exam December 15, Multiple-choice test
ECE 646 Fall 2009 Final Exam December 15, 2009 Multiple-choice test 1. (1 pt) Parallel processing can be used to speed up the following cryptographic transformations (please note that multiple answers
More informationAdvanced Encryption Standard and Modes of Operation. Foundations of Cryptography - AES pp. 1 / 50
Advanced Encryption Standard and Modes of Operation Foundations of Cryptography - AES pp. 1 / 50 AES Advanced Encryption Standard (AES) is a symmetric cryptographic algorithm AES has been originally requested
More informationCIS 6930/4930 Computer and Network Security. Topic 3.2 Secret Key Cryptography Modes of Operation
CIS 6930/4930 Computer and Network Security Topic 3.2 Secret Key Cryptography Modes of Operation 1 Cipher Feedback Mode (CFB) IV Key 64 64 64 64 64 M 1 M 2 M 3 M 4 64 64 64 46 + padding 64 64 64 64 C 1
More informationSmart-card-loss-attack and Improvement of Hsiang et al. s Authentication Scheme
Smart-card-loss-attack and Improvement of Hsiang et al. s Authentication Scheme Y.. Lee Department of Security Technology and Management WuFeng niversity, hiayi, 653, Taiwan yclee@wfu.edu.tw ABSTRAT Due
More informationCSCI 454/554 Computer and Network Security. Topic 3.2 Secret Key Cryptography Modes of Operation
CSCI 454/554 Computer and Network Security Topic 3.2 Secret Key Cryptography Modes of Operation Processing with Block Ciphers Most ciphers work on blocks of fixed (small) size How to encrypt long messages?
More informationACOS 3 Contact Card. Functional Specification. Subject to change without prior notice
ACOS 3 Contact Card Functional Specification Subject to change without prior notice Table of Contents 1.0. Introduction... 3 1.1. Features...3 1.2. Technical Specifications...3 1.2.1. Electrical...3 1.2.2.
More informationQuestioning the Feasibility of UMTS GSM Interworking Attacks
Questioning the Feasibility of UMTS GSM Interworking Attacks Christoforos Ntantogian 1, Christos Xenakis 2 1 Department of Informatics and Telecommunications, University of Athens, Greece 2 Department
More informationUnderstanding Cryptography A Textbook for Students and Practitioners by Christof Paar and Jan Pelzl
Understanding Cryptography A Textbook for Students and Practitioners by Christof Paar and Jan Pelzl www.crypto-textbook.com Chapter 5 More About Block Ciphers ver. November 26, 2010 Last modified 10-2-17
More informationLecture III : Communication Security Mechanisms
Lecture III : Communication Security Mechanisms Internet Security: Principles & Practices John K. Zao, PhD (Harvard) SMIEEE Computer Science Department, National Chiao Tung University 2 X.800 : Security
More informationStudy on Computer Network Technology of Digital Library
International Symposium on Computers & Informatics (ISCI 2015) Study on Computer Network Technology of Digital Library Yanming Sui LinYi University, Linyi, China suiyanming@lyu.edu.cn Abstract With the
More information/CENELEC Phase 4/EIR/HL/Interface/Non-Functional Interface Requirements
Project Interface /CENELEC Phase 4/EIR/HL/Interface/ Version: 7.0 Printed by: Holter Printed on: 22 May 2003 Generated from DOORS V5.2 Copyright (c) 2003 UIC / Euro-Interlocking Contents 1 Introduction
More informationProcessing with Block Ciphers
AIT 682: Network and Systems Security Topic 3.2 Secret Cryptography Modes of Operation Instructor: r. Kun Sun rocessing with Block Ciphers Most ciphers work on blocks of fixed (small) size How to encrypt
More informationCSC/ECE 574 Computer and Network Security. Processing with Block Ciphers. Issues for Block Chaining Modes
CSC/C 574 Computer and Network Security Topic 3.2 Secret Cryptography Modes of Operation CSC/C 574 r. eng Ning 1 rocessing with Block Ciphers Most ciphers work on blocks of fixed (small) size How to encrypt
More informationUNIT III NETWORK LAYER 1. What are the network support layers and the user support layers? Network support layers: The network support layers are Physical layer, Data link layer and Network layer. These
More informationRequest for Comments: 2420 Category: Standards Track September The PPP Triple-DES Encryption Protocol (3DESE)
Network Working Group H. Kummert Request for Comments: 2420 Nentec GmbH Category: Standards Track September 1998 Status of this Memo The PPP Triple-DES Encryption Protocol (3DESE) This document specifies
More informationLecture 1 Applied Cryptography (Part 1)
Lecture 1 Applied Cryptography (Part 1) Patrick P. C. Lee Tsinghua Summer Course 2010 1-1 Roadmap Introduction to Security Introduction to Cryptography Symmetric key cryptography Hash and message authentication
More informationThe question paper contains 40 multiple choice questions with four choices and students will have to pick the correct one (each carrying ½ marks.).
Time: 3hrs BCA III Network security and Cryptography Examination-2016 Model Paper 2 M.M:50 The question paper contains 40 multiple choice questions with four choices and students will have to pick the
More informationUNIT - IV Cryptographic Hash Function 31.1
UNIT - IV Cryptographic Hash Function 31.1 31-11 SECURITY SERVICES Network security can provide five services. Four of these services are related to the message exchanged using the network. The fifth service
More informationT Cryptography and Data Security
T-79.4501 Cryptography and Data Security Lecture 10: 10.1 Random number generation 10.2 Key management - Distribution of symmetric keys - Management of public keys Stallings: Ch 7.4; 7.3; 10.1 1 The Use
More informationTinySec: A Link Layer Security Architecture for Wireless Sensor Networks. Presented by Paul Ruggieri
TinySec: A Link Layer Security Architecture for Wireless Sensor Networks Chris Karlof, Naveen Sastry,, David Wagner Presented by Paul Ruggieri 1 Introduction What is TinySec? Link-layer security architecture
More informationBut where'd that extra "s" come from, and what does it mean?
SSL/TLS While browsing Internet, some URLs start with "http://" while others start with "https://"? Perhaps the extra "s" when browsing websites that require giving over sensitive information, like paying
More informationTo Enhance Homomorphic Encryption scheme for Key Management and Key Sharing in Cloud Computing
International Journal of Emerging Trends in Science and Technology To Enhance Homomorphic Encryption scheme for Key Management and Key Sharing in Cloud Computing Author Preeti Ahuja Punjabi University
More informationChapter 13 Location Privacy
Chapter 13 Location Privacy Security aspects of mobile communication Implicit addressing Pseudonyms Communication mixes [NetSec], WS 2007/2008 13.1 Security Aspects of Mobile Communication Mobile communication
More informationCHAPTER 6. SYMMETRIC CIPHERS C = E(K2, E(K1, P))
CHAPTER 6. SYMMETRIC CIPHERS Multiple encryption is a technique in which an encryption algorithm is used multiple times. In the first instance, plaintext is converted to ciphertext using the encryption
More informationTechnological foundation
Technological foundation Carte à puce et Java Card 2010-2011 Jean-Louis Lanet Jean-louis.lanet@unilim.fr Cryptology Authentication Secure upload Agenda Cryptology Cryptography / Cryptanalysis, Smart Cards
More informationCIS 4360 Secure Computer Systems Symmetric Cryptography
CIS 4360 Secure Computer Systems Symmetric Cryptography Professor Qiang Zeng Spring 2017 Previous Class Classical Cryptography Frequency analysis Never use home-made cryptography Goals of Cryptography
More informationCIS 4360 Introduction to Computer Security Fall WITH ANSWERS in bold. First Midterm
CIS 4360 Introduction to Computer Security Fall 2010 WITH ANSWERS in bold Name:.................................... Number:............ First Midterm Instructions This is a closed-book examination. Maximum
More informationLecture 6: Symmetric Cryptography. CS 5430 February 21, 2018
Lecture 6: Symmetric Cryptography CS 5430 February 21, 2018 The Big Picture Thus Far Attacks are perpetrated by threats that inflict harm by exploiting vulnerabilities which are controlled by countermeasures.
More information: Practical Cryptographic Systems March 25, Midterm
650.445: Practical Cryptographic Systems March 25, 2010 Instructor: Matthew Green Midterm Name: As with any exam, please do not collaborate or otherwise share information with any other person. You are
More informationMOTP: An Identity Authentication Scheme for M-Commerce
Chinese Journal of Electronics Vol.22, No.1, Jan. 2013 MOTP: An Identity Authentication Scheme for M-Commerce ZHU Xiaomin 1, SHANG Xiaopu 2, WANG Chuanchen 2 and ZHANG Runtong 2 (1.School of Mechanical,
More informationT Cryptography and Data Security
T-79.159 Cryptography and Data Security Lecture 10: 10.1 Random number generation 10.2 Key management - Distribution of symmetric keys - Management of public keys Kaufman et al: Ch 11.6; 9.7-9; Stallings:
More informationAn efficient and practical solution to secure password-authenticated scheme using smart card
An efficient and practical solution to secure password-authenticated scheme using smart card R. Deepa 1, R. Prabhu M.Tech 2, PG Research scholor 1, Head of the Department 2 Dept.of Information Technology,
More information1. Diffie-Hellman Key Exchange
e-pgpathshala Subject : Computer Science Paper: Cryptography and Network Security Module: Diffie-Hellman Key Exchange Module No: CS/CNS/26 Quadrant 1 e-text Cryptography and Network Security Objectives
More informationConventional Encryption Principles Conventional Encryption Algorithms Cipher Block Modes of Operation Location of Encryption Devices Key Distribution
Ola Flygt Växjö University, Sweden http://w3.msi.vxu.se/users/ofl/ Ola.Flygt@vxu.se +46 470 70 86 49 1 Conventional Encryption Principles Conventional Encryption Algorithms Cipher Block Modes of Operation
More informationImproved Attack on Full-round Grain-128
Improved Attack on Full-round Grain-128 Ximing Fu 1, and Xiaoyun Wang 1,2,3,4, and Jiazhe Chen 5, and Marc Stevens 6, and Xiaoyang Dong 2 1 Department of Computer Science and Technology, Tsinghua University,
More informationRAIM: Redundant Array of Independent Motes
Platzhalter für Bild, Bild auf Titelfolie hinter das Logo einsetzen RAIM: Redundant Array of Independent Motes Dominik Schürmann, Felix Büsching, Sebastian Willenborg, Lars Wolf Motivation: Store Data
More informationHierarchical Modeling and Verification for Highspeed Train Control Center by Time Automation
JOURNAL OF SOFTWARE, VOL. 9, NO. 6, JUNE 2014 1553 Hierarchical Modeling and Verification for Highspeed Train Control Center by Time Automation Lei Yuan State Key Laboratory of Rail Traffic Control and
More informationCipher Suite Configuration Mode Commands
The Cipher Suite Configuration Mode is used to configure the building blocks for SSL cipher suites, including the encryption algorithm, hash function, and key exchange. Important The commands or keywords/variables
More informationEuropean Train Control System Over IP The Challenges
Dr Tomas Magyla PhD, MSc, BSc, Dipl. Eng, MIRSE, MRTSA, MIET, MAPM SUMMARY The paper presents a different way of implementing ETCS Application Level 2 train control system using Internet Protocol based
More informationNew attacks on the MacDES MAC Algorithm. 1st July Two new attacks are given on a CBC-MAC algorithm due to Knudsen and Preneel, [2],
New attacks on the MacDES MAC Algorithm Don Coppersmith IBM Research T. J. Watson Research Center Yorktown Heights, NY 10598, USA copper@watson.ibm.com Chris J. Mitchell Information Security Group Royal
More informationCity Research Online. Permanent City Research Online URL:
Komninos, N. & Dimitriou, T. (2006). Adaptive authentication and key agreement mechanism for future cellular systems. Paper presented at the 15th IST Mobile & Wireless Communications Summit, 04-08 June
More informationResearch on Hybrid Network Technologies of Power Line Carrier and Wireless MAC Layer Hao ZHANG 1, Jun-yu LIU 2, Yi-ying ZHANG 3 and Kun LIANG 3,*
2017 International Conference on Computer, Electronics and Communication Engineering (CECE 2017) ISBN: 978-1-60595-476-9 Research on Hybrid Network Technologies of Power Line Carrier and Wireless MAC Layer
More informationIntroduction to Symmetric Cryptography
Introduction to Symmetric Cryptography Tingting Chen Cal Poly Pomona 1 Some slides are from Dr. Cliff Zou. www.cs.ucf.edu/~czou/cis3360-12/ch08-cryptoconcepts.ppt Basic Cryptography Private Key Cryptography
More informationS Series Switches. MACsec Technology White Paper. Issue 1.0. Date HUAWEI TECHNOLOGIES CO., LTD.
S Series Switches MACsec Technology White Paper Issue 1.0 Date 2016-03-25 HUAWEI TECHNOLOGIES CO., LTD. Copyright Huawei Technologies Co., Ltd. 2016. All rights reserved. No part of this document may be
More informationRESOLUTION MSC.210(81) (adopted on 19 May 2006) PERFORMANCE STANDARDS AND FUNCTIONAL REQUIREMENTS FOR THE LONG-RANGE IDENTIFICATION AND TRACKING OF
MSC 81/25/Add.1 RESOLUTION MSC.210(81) REQUIREMENTS FOR THE LONG-RANGE IDENTIFICATION THE MARITIME SAFETY COMMITTEE, RECALLING Article 28(b) of the Convention on the International Maritime Organization
More informationResearch and Implementation of Server Load Balancing Strategy in Service System
Journal of Electronics and Information Science (2018) 3: 16-21 Clausius Scientific Press, Canada Research and Implementation of Server Load Balancing Strategy in Service System Yunpeng Zhang a, Liwei Liu
More information9/30/2016. Cryptography Basics. Outline. Encryption/Decryption. Cryptanalysis. Caesar Cipher. Mono-Alphabetic Ciphers
Cryptography Basics IT443 Network Security Administration Slides courtesy of Bo Sheng Basic concepts in cryptography systems Secret cryptography Public cryptography 1 2 Encryption/Decryption Cryptanalysis
More informationTest 2 Review. (b) Give one significant advantage of a nonce over a timestamp.
Test 2 Review Name Student ID number Notation: {X} Bob Apply Bob s public key to X [Y ] Bob Apply Bob s private key to Y E(P, K) Encrypt P with symmetric key K D(C, K) Decrypt C with symmetric key K h(x)
More informationISO/IEC INTERNATIONAL STANDARD
INTERNATIONAL STANDARD ISO/IEC 9797-1 Second edition 2011-03-01 Information technology Security techniques Message Authentication Codes (MACs) Part 1: Mechanisms using a block cipher Technologies de l'information
More informationChongqing, China. *Corresponding author. Keywords: Wireless body area network, Privacy protection, Data aggregation.
2016 International Conference on Computer, Mechatronics and Electronic Engineering (CMEE 2016) ISBN: 978-1-60595-406-6 The Data Aggregation Privacy Protection Algorithm of Body Area Network Based on Data
More informationDESIGN OF WEB SERVICE SINGLE SIGN-ON BASED ON TICKET AND ASSERTION
DESIGN OF WEB SERVICE SINGLE SIGN-ON BASED ON TICKET AND ASSERTION Abstract: 1 K.Maithili, 2 R.Ruhin Kouser, 3 K.Suganya, 1,2,3 Assistant Professor, Department of Computer Science Engineering Kingston
More informationCryptography Basics. IT443 Network Security Administration Slides courtesy of Bo Sheng
Cryptography Basics IT443 Network Security Administration Slides courtesy of Bo Sheng 1 Outline Basic concepts in cryptography systems Secret key cryptography Public key cryptography Hash functions 2 Encryption/Decryption
More informationResearch on System Login Security Encryption Method Based on MD5
2016 International Conference on Control and Automation (ICCA 2016) ISBN: 978-1-60595-329-8 Research on System Login Security Encryption Method Based on MD5 Xi-mei ZHANG 1, Ying LI 2,Yi-Zhen CAO 3 and
More informationCryptography SSL/TLS. Network Security Workshop. 3-5 October 2017 Port Moresby, Papua New Guinea
Cryptography SSL/TLS Network Security Workshop 3-5 October 2017 Port Moresby, Papua New Guinea 1 History Secure Sockets Layer was developed by Netscape in 1994 as a protocol which permitted persistent
More informationCSC 474/574 Information Systems Security
CSC 474/574 Information Systems Security Topic 2.2 Secret Key Cryptography CSC 474/574 Dr. Peng Ning 1 Agenda Generic block cipher Feistel cipher DES Modes of block ciphers Multiple encryptions Message
More informationCRYPTOGRAPHY AND NETWROK SECURITY-QUESTION BANK
CRYPTOGRAPHY AND NETWROK SECURITY-QUESTION BANK UNIT-1 1. Answer the following: a. What is Non-repudiation b. Distinguish between stream and block ciphers c. List out the problems of one time pad d. Define
More informationPRIVACY PRESERVING RANKED MULTI KEYWORD SEARCH FOR MULTIPLE DATA OWNERS. SRM University, Kattankulathur, Chennai, IN.
Volume 115 No. 6 2017, 585-589 ISSN: 1311-8080 (printed version); ISSN: 1314-3395 (on-line version) url: http://www.ijpam.eu ijpam.eu PRIVACY PRESERVING RANKED MULTI KEYWORD SEARCH FOR MULTIPLE DATA OWNERS
More informationCryptanalysis of a Markov Chain Based User Authentication Scheme
Cryptanalysis of a Markov Chain Based User Authentication Scheme Ruhul Amin, G.P. Biswas Indian School of Mines, Dhanbad Department of Computer Science & Engineering Email: amin ruhul@live.com, gpbiswas@gmail.com
More informationOverview of SSL/TLS. Luke Anderson. 12 th May University Of Sydney.
Overview of SSL/TLS Luke Anderson luke@lukeanderson.com.au 12 th May 2017 University Of Sydney Overview 1. Introduction 1.1 Raw HTTP 1.2 Introducing SSL/TLS 2. Certificates 3. Attacks Introduction Raw
More informationCMSC 414 S09 Exam 2 Page 1 of 6 Name:
CMSC 414 S09 Exam 2 Page 1 of 6 Name: Total points: 100. Total time: 115 minutes. 6 problems over 6 pages. No book, notes, or calculator Unless stated otherwise, the following conventions are used: K{X}
More informationRequest for Comments: 5109 December 2007 Obsoletes: 2733, 3009 Category: Standards Track. RTP Payload Format for Generic Forward Error Correction
Network Working Group A. Li, Ed. Request for Comments: 5109 December 2007 Obsoletes: 2733, 3009 Category: Standards Track RTP Payload Format for Generic Forward Error Correction Status of This Memo This
More informationETSI TS V5.3.0 ( )
TS 131 114 V5.3.0 (2003-03) Technical Specification Universal Mobile Telecommunications System (UMTS); USAT interpreter protocol and administration (3GPP TS 31.114 version 5.3.0 Release 5) 1 TS 131 114
More informationCSE 3461/5461: Introduction to Computer Networking and Internet Technologies. Network Security. Presentation L
CS 3461/5461: Introduction to Computer Networking and Internet Technologies Network Security Study: 21.1 21.5 Kannan Srinivasan 11-27-2012 Security Attacks, Services and Mechanisms Security Attack: Any
More informationSecurity Issues In Mobile IP
Security Issues In Mobile IP Zhang Chao Tsinghua University Electronic Engineering 1 OUTLINE 1.Introduction 2.Typical threats 3. Mobile IPv6 and new threats 4.Open issues 2 OUTLINE 1.Introduction 2.Typical
More informationComputer Networks. Wenzhong Li. Nanjing University
Computer Networks Wenzhong Li Nanjing University 1 Chapter 7. Network Security Network Attacks Cryptographic Technologies Message Integrity and Authentication Key Distribution Firewalls Transport Layer
More informationResearch on Software Scheduling Technology Based on Multi-Buffered Parallel Encryption
International Conference on Manufacturing Science and Engineering (ICMSE 2015) Research on Software Scheduling Technology Based on Multi-Buffered Parallel Encryption Zeng Rong 1, a, Xia Wei 2, Wang Hongkai
More informationStudy on data encryption technology in network information security. Jianliang Meng, Tao Wu a
nd International Workshop on Materials Engineering and Computer Sciences (IWMECS 05) Study on data encryption technology in network information security Jianliang Meng, Tao Wu a School of North China Electric
More informationBlock Cipher Modes of Operation
Block Cipher Modes of Operation Luke Anderson luke@lukeanderson.com.au 23 rd March 2018 University Of Sydney Overview 1. Crypto-Bulletin 2. Modes Of Operation 2.1 Evaluating Modes 2.2 Electronic Code Book
More informationSecurity Requirements
Message Authentication and Hash Functions CSCI 454/554 Security Requirements disclosure traffic analysis masquerade content modification sequence modification timing modification source repudiation destination
More informationCryptography CS 555. Topic 16: Key Management and The Need for Public Key Cryptography. CS555 Spring 2012/Topic 16 1
Cryptography CS 555 Topic 16: Key Management and The Need for Public Key Cryptography CS555 Spring 2012/Topic 16 1 Outline and Readings Outline Private key management between two parties Key management
More informationNetwork Security Issues and Cryptography
Network Security Issues and Cryptography PriyaTrivedi 1, Sanya Harneja 2 1 Information Technology, Maharishi Dayanand University Farrukhnagar, Gurgaon, Haryana, India 2 Information Technology, Maharishi
More informationChapter 8 Web Security
Chapter 8 Web Security Web security includes three parts: security of server, security of client, and network traffic security between a browser and a server. Security of server and security of client
More informationA Group-oriented Access Control Scheme for P2P Networks 1
I.J. Wireless and Microwave Technologies, 2011, 1, 30-37 Published Online February 2011 in MECS (http://www.mecs-press.net DOI: 10.5815/ijwmt.2011.01.05 Available online at http://www.mecs-press.net/ijwmt
More information8. Network Layer Contents
Contents 1 / 43 * Earlier Work * IETF IP sec Working Group * IP Security Protocol * Security Associations * Authentication Header * Encapsulation Security Payload * Internet Key Management Protocol * Modular
More informationJournal of Discrete Mathematical Sciences & Cryptography Vol. ( ), No., pp. 1 10
Randomizing encryption mode Yi-Shiung Yeh 1, I-Te Chen 1, Chan-Chi Wang 2, 1 Department of Computer Science and Information Engineering National Chiao-Tung University 1001 Ta Hsueh Road Hsinchu 30050 Taiwan
More informationUnderstanding TETRA Security
Understanding TETRA Security Brian Murgatroyd Tetra Association former chairman Security and Fraud Prevention Group (SFPG) Warren Systems Independent Security Consultant brian@warrensystems.co.uk Agenda
More informationPayment Card Industry (PCI) PIN Transaction Security (PTS) Hardware Security Module (HSM) Evaluation Vendor Questionnaire Version 2.
Payment Card Industry (PCI) PIN Transaction Security (PTS) Hardware Security Module (HSM) Evaluation Vendor Questionnaire Version 2.0 May 2012 Document Changes Date Version Author Description April 2009
More informationA Design of Remote Monitoring System based on 3G and Internet Technology
National Conference on Information Technology and Computer Science (CITCS 2012) A Design of Remote Monitoring System based on 3G and Internet Technology Shouxian WEN Lei XU Xingguo SUN Xiaohui LI* Abstract
More informationAn Efficient DECT-Mobile IP Interworking for Mobile Computing
An Efficient DECT-Mobile IP Interworking for Mobile Computing Anthony Lo *, Winston Seah * and Edwin Schreuder + * Centre for Wireless Communications 1, National University of Singapore, 20 Science Park
More informationCPSC 481/681 SPRING 2006 QUIZ #1 7 MAR 2006 NAME:
CPSC 481/681 SPRING 2006 QUIZ #1 7 MAR 2006 NAME: There are 6 questions on this quiz. Each question is individually weighted. If you do not understand the question, please ask for clarification. 1 I. (24
More informationFirewalls, Tunnels, and Network Intrusion Detection
Firewalls, Tunnels, and Network Intrusion Detection 1 Firewalls A firewall is an integrated collection of security measures designed to prevent unauthorized electronic access to a networked computer system.
More informationA Symmetric Cryptography Algorithm in Wireless Sensor Network Security
A Symmetric Cryptography Algorithm in Wireless Sensor Network Security https://doi.org/10.3991/ijoe.v13i11.7752 Juan Li Inner Mongolia Vocational College of Chemical Engineering, Inner Mongolia, China
More informationResearch and Design of Communication based on Train Real-time Ethernet message data
Research and Design of Communication based on Train Real-time Ethernet message data Jiachen Liu, Yi Qiao, Shunde Wang, Yang Li Institute of Electrical and Information Engineering, Dalian Jiaotong University,Dalian
More informationCryptography and Network Security. Prof. D. Mukhopadhyay. Department of Computer Science and Engineering. Indian Institute of Technology, Kharagpur
Cryptography and Network Security Prof. D. Mukhopadhyay Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur Module No. # 01 Lecture No. # 38 A Tutorial on Network Protocols
More informationSSH Algorithms for Common Criteria Certification
The feature provides the list and order of the algorithms that are allowed for Common Criteria Certification. This module describes how to configure the encryption, Message Authentication Code (MAC), and
More informationBreaking Korea Transit Card with Side-Channel Attack
Breaking Korea Transit Card with Side-Channel Attack -Unauthorized Recharging- Black Hat Asia 2017 Tae Won Kim, Tae Hyun Kim, and Seokhie Hong Outline 1. Attack Goal & Scenario 2. Target Device Details
More informationNetwork Security Essentials
Network Security Essentials Applications and Standards Third Edition William Stallings Chapter 2 Symmetric Encryption and Message Confidentiality Dr. BHARGAVI H. GOSWAMI Department of Computer Science
More informationETSI TS V6.1.0 ( )
TS 102 224 V6.1.0 (2004-12) Technical Specification Smart cards; Security mechanisms for UICC based Applications - Functional requirements (Release 6) 2 TS 102 224 V6.1.0 (2004-12) Reference RTS/SCP-R0282r1
More informationNIST Cryptographic Toolkit
Cryptographic Toolkit Elaine Barker ebarker@nist.gov National InformationSystem Security Conference October 16, 2000 Toolkit Purpose The Cryptographic Toolkit will provide Federal agencies, and others
More informationsymmetric cryptography s642 computer security adam everspaugh
symmetric cryptography s642 adam everspaugh ace@cs.wisc.edu computer security Announcement Midterm next week: Monday, March 7 (in-class) Midterm Review session Friday: March 4 (here, normal class time)
More information