TY - GEN
T1 - Securing balise-based train control systems using cryptographic random fountains
AU - Harshan, J.
AU - Chang, Sang Yoon
AU - Kang, Seungmin
AU - Hu, Yih Chun
N1 - Funding Information:
ACKNOWLEDGEMENTS This work was supported by the National Research Foundation (NRF), Prime Ministers Office, Singapore, under its National Cybersecurity R&D Programme (Award No. NRF2014NCR-NCR001-31) and administered by the National Cybersecurity R&D Directorate and by the Human-Centered Cyber-physical Systems Programme at the Advanced Digital Sciences Center from Singapore’s Agency for Science, Technology and Research (A*STAR).
Publisher Copyright:
© 2017 IEEE.
PY - 2017/12/19
Y1 - 2017/12/19
N2 - In modern train control systems, a moving train retrieves its location information through passive transponders called balises, which are placed on the sleepers of the track at regular intervals. When the train-borne antenna energizes them using tele-powering signals, balises backscatter preprogrammed telegrams, which carry information about the train's current location. Since the telegrams are static in the existing implementations, the uplink signals from the balises could be recorded by an adversary and then replayed at a different location of the track, leading to what is well-known as the replay attack. Such an attack, while the legitimate balise is still functional, introduces ambiguity to the train about its location, can impact the physical operations of the trains. For balise-to-train communication, we propose a new communication framework referred to as cryptographic random fountains (CRF), where each balise, instead of transmitting telegrams with fixed information, transmits telegrams containing random signals. A salient feature of CRF is the use of challenge-response based interaction between the train and the balise for communication integrity. We present a thorough security analysis of CRF to showcase its ability to mitigate sophisticated replay attacks. Finally, we also discuss the implementation aspects of our framework.
AB - In modern train control systems, a moving train retrieves its location information through passive transponders called balises, which are placed on the sleepers of the track at regular intervals. When the train-borne antenna energizes them using tele-powering signals, balises backscatter preprogrammed telegrams, which carry information about the train's current location. Since the telegrams are static in the existing implementations, the uplink signals from the balises could be recorded by an adversary and then replayed at a different location of the track, leading to what is well-known as the replay attack. Such an attack, while the legitimate balise is still functional, introduces ambiguity to the train about its location, can impact the physical operations of the trains. For balise-to-train communication, we propose a new communication framework referred to as cryptographic random fountains (CRF), where each balise, instead of transmitting telegrams with fixed information, transmits telegrams containing random signals. A salient feature of CRF is the use of challenge-response based interaction between the train and the balise for communication integrity. We present a thorough security analysis of CRF to showcase its ability to mitigate sophisticated replay attacks. Finally, we also discuss the implementation aspects of our framework.
UR - http://www.scopus.com/inward/record.url?scp=85046688500&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85046688500&partnerID=8YFLogxK
U2 - 10.1109/CNS.2017.8228689
DO - 10.1109/CNS.2017.8228689
M3 - Conference contribution
AN - SCOPUS:85046688500
T3 - 2017 IEEE Conference on Communications and Network Security, CNS 2017
SP - 405
EP - 410
BT - 2017 IEEE Conference on Communications and Network Security, CNS 2017
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 2017 IEEE Conference on Communications and Network Security, CNS 2017
Y2 - 9 October 2017 through 11 October 2017
ER -