TY - GEN
T1 - Key update at train stations
T2 - 12th EAI International Conference on Security and Privacy in Communication Networks, SecureComm 2016
AU - Chang, Sang Yoon
AU - Cai, Shaoying
AU - Seo, Hwajeong
AU - Hu, Yih Chun
N1 - Publisher Copyright:
© ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering 2017.
PY - 2017
Y1 - 2017
N2 - Modern train systems adopt communication-based train control (CBTC), which uses wireless communications to better monitor and control the train operations. Despite the well-studied security issues in wireless networking in information technology applications, security implementations in trains have been lagging; many train systems rely on security by obscurity and forgo well-established security practices such as key updates. To secure train systems against increasingly evolving and persistent attackers and mitigate key breach (which can occur due to misuse of the key), we build a key update scheme, Key Update at Train Stations (KUTS), that leverages the inherent physical aspects of train operations (mobility/infrastructure-asymmetry between the stations and the trains and the operational differences when the trains are at stations and between the stations). Furthermore, by incorporating separation of key chain and use and on the entities providing the key seeds, KUTS protects the key seeds for future updates against the breach of the current key and is both key-collision irrelevant (thwarting known collision-based threats on one-way random functions) and system-compromise resilient (protecting the key secrecy even when the train system is compromised). We theoretically analyze KUTS’s effectiveness, security strength, and security properties. We also implement KUTS on various computing devices to study the performance overhead.
UR - http://www.scopus.com/inward/record.url?scp=85021697873&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85021697873&partnerID=8YFLogxK
U2 - 10.1007/978-3-319-59608-2_7
DO - 10.1007/978-3-319-59608-2_7
M3 - Conference contribution
AN - SCOPUS:85021697873
SN - 9783319596075
T3 - Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST
SP - 125
EP - 143
BT - Security and Privacy in Communication Networks - 12th International Conference, SecureComm 2016, Proceedings
A2 - Deng, Robert
A2 - Yegneswaran, Vinod
A2 - Weng, Jian
A2 - Ren, Kui
PB - Springer
Y2 - 10 October 2016 through 12 October 2016
ER -