Evaluating Cryptographic Algorithms in IEC 61850 Networks
| Autor: | Leonardo F. Soares, Rafael B. Scarselli, Igor M. Moraes |
|---|---|
| Rok vydání: | 2019 |
| Předmět: |
021110 strategic
defence & security studies business.industry Computer science 0211 other engineering and technologies 020206 networking & telecommunications Cryptography 02 engineering and technology Encryption Digital signature IEC 61850 Symmetric-key algorithm 0202 electrical engineering electronic engineering information engineering Key (lock) business Algorithm |
| Zdroj: | NOF |
| DOI: | 10.1109/nof47743.2019.9015196 |
| Popis: | We evaluate in this paper several cryptographic algorithms applied to the GOOSE protocol in IEC 61850 communication networks for electric power substations. International Electrotechnical Commission (IEC) in its standards suggests to use RSA algorithm for digital signature of GOOSE messages and at the same time defines a maximum communication latency of 3 ms for critical messages. In this context, the challenge is to answer if we can use RSA in practice to sign GOOSE critical messages. We perform several experiments with low-processing-power devices to emulate Intelligent Electronic Devices (IEDs) to answer this question. Our results confirm RSA cannot be used to sign critical GOOSE messages, as suggested by IEC, if we are using such kind of devices. The time to sign, transmit, receive, and recover the message is often much close to 3 ms in our experiments. On the other hand, we show that symmetric cryptography algorithms satisfy this time constraint. For example, with AES algorithm with CMAC, we can encrypt the entire payload of a 459-byte message, send, and receive it in much less time than 3 ms. The challenge that is still open in this context is how to distribute the keys securely to use symmetric cryptography. |
| Databáze: | OpenAIRE |
| Externí odkaz: |
|