Modified Timed Efficient Stream Loss-tolerant Authentication to Secure Power Line Communication

This paper investigates the feasibility of Timed Efficient Stream Loss-tolerant Authentica- tion to serve security needs of Power Line Communication (PLC) system. PLC network has been identified as the ideal choice to function as the last mile network, deliver load management messages to smart meters. However, there is need to address the security concerns for load management messages delivered over power line communications. The ubiquitous nature of the power line communication infrastructure exposes load management systems (LMS) deployed over it to a security risk. Ordinarily, PLC network does not em- ploy any security measures on which the smart meters and data concentrators can depend on. Therefore, the need to provide a secure mechanism for communication of load man- agement system messages over a PLC network. In LMS, source authentication is of highest priority because we need to respond only to messages from an authenticated source. This is achieved by investigating suitable robust authentication protocols. In this paper we present modifications to Timed Efficient Stream Loss-tolerant Authentication for secure authentica- tion to secure messages for load management over PLC. We demonstrate that PLC can be used to securely and effectively deliver Load Management messages to smart meters, with minimal overhead.

Formal models and analysis of secure multicast in wired and wireless networks

The spreading of multicast technology enables the development of group communication and so dealing with digital streams becomes more and more common over the Internet. Given the flourishing of security threats, the distribution of streamed data must be equipped with sufficient security guarantees. To this aim, some architectures have been proposed, to supply the distribution of the stream with guarantees of, e.g., authenticity, integrity, and confidentiality of the digital contents. This paper shows a formal capability of capturing some features of secure multicast protocols. In particular, both the modeling and the analysis of some case studies are shown, starting from basic schemes for signing digital streams, passing through proto- cols dealing with packet loss and time-synchronization requirements, concluding with a secure distribution of a secret key. A process-algebraic framework will be exploited, equipped with schemata for analysing security properties and compositional principles for evaluating if a property is satisfied over a system with more than two components

SECURING TESLA BROADCAST PROTOCOL WITH DIFFIE- HELLMAN KEY EXCHANGE

ABSTRACT Broadcast communication is highly prone to attacks from unauthenticated users in the wireless medium. Techniques have been proposed to make the communication more secure. In this paper, TESLA broadcast protocol is used to ensure source authentication. Diffie-Hellman Key Exchange is used to share the cryptographic keys in a secured manner. A PKI is developed based on TESLA and Diffie-Hellman Key Exchange, assuming that all network nodes in the network are loosely synchronized in time

Integration of TESLA and FLUTE over satellite networks

Multicast research has explored the security challenges faced in group communications. Multicast transport and multicast security need to work in close collaboration to realise a multicast service. However, there has been comparatively little work to combine the two technologies. In this paper the authors is presenting an example of partially integrating Timed Efficient Stream Loss-Tolerant Authentication (TESLA) protocol and the File Delivery over Unidirectional Transport (FLUTE) protocol. The security concern raised by the proposed algorithm is analysed for satellite network. The proposed algorithm was implemented on a testbed with multicast tunnel between University of Surrey and University of Aberdeen and the results are presented in this paper

Formal models and analysis of secure multicast in wired and wireless networks

The spreading of multicast technology enables the develop- ment of group communication and so, dealing with digital streams be- comes more and more common over the Internet. Given the flourishing of security threats, the distribution of streamed data must be equipped with sufficient security guarantees. To this aim, some architectures have been proposed in the last few years, to supply the distribution of the stream with guarantees of, e.g., authenticity, integrity and confidentiality of the digital contents. This paper shows a formal capability of captur- ing some features of secure multicast protocols. In particular, both the modeling and the analysis of some case studies are shown, starting from basic schemes for signing digital streams, passing through protocols deal- ing with packet loss and time-synchronization requirements, concluding with a secure distribution of a secret key. A process-algebraic framework will be exploited, equipped with schemata for analysing security proper- ties and compositional principles for evaluating if a property is satisfied over a system with more than two components

Security and Privacy Issues in Wireless Mesh Networks: A Survey

This book chapter identifies various security threats in wireless mesh network (WMN). Keeping in mind the critical requirement of security and user privacy in WMNs, this chapter provides a comprehensive overview of various possible attacks on different layers of the communication protocol stack for WMNs and their corresponding defense mechanisms. First, it identifies the security vulnerabilities in the physical, link, network, transport, application layers. Furthermore, various possible attacks on the key management protocols, user authentication and access control protocols, and user privacy preservation protocols are presented. After enumerating various possible attacks, the chapter provides a detailed discussion on various existing security mechanisms and protocols to defend against and wherever possible prevent the possible attacks. Comparative analyses are also presented on the security schemes with regards to the cryptographic schemes used, key management strategies deployed, use of any trusted third party, computation and communication overhead involved etc. The chapter then presents a brief discussion on various trust management approaches for WMNs since trust and reputation-based schemes are increasingly becoming popular for enforcing security in wireless networks. A number of open problems in security and privacy issues for WMNs are subsequently discussed before the chapter is finally concluded.Comment: 62 pages, 12 figures, 6 tables. This chapter is an extension of the author's previous submission in arXiv submission: arXiv:1102.1226. There are some text overlaps with the previous submissio

LiS: Lightweight Signature Schemes for continuous message authentication in cyber-physical systems

Agency for Science, Technology and Research (A*STAR) RIE 202

IMPLEMENTING PROPOSED IEEE 1588 INTEGRATED SECURITY MECHANISM

The IEEE 1588 Precision Time Protocol is the industry standard for precise time synchronization, used in applications such as the power grid, telecommunications, and audio-video bridging, among many others. However, the standard\u27s recommendations on how to secure the protocol are lacking, and thus have not been widely adopted. A new revision of IEEE 1588 is currently being developed, which will include revised specifications regarding security. The aim of this thesis is to explore the feasibility of the proposed security mechanism, specifically as it would apply to use in the power grid, through implementation and evaluation. The security mechanism consists of two verification approaches, immediate and delayed; we implemented both approaches on top of PTPd, an existing open source implementation of PTP. We support the immediate verification security approach using manual key management at startup, and we support the delayed verification security approach emulating automated key management for a set of security parameters corresponding to one manually configured time period. In our experiments, we found that added performance cost for both verification approaches was within 30 μs, and PTP synchronization quality remained intact when security was enabled. This work should increase awareness and accelerate the adoption of the proposed security mechanism in the power industry