期刊文献+

一种高效的GOOSE报文完整性认证方法 被引量:11

Efficient Integrity Authentication Method for GOOSE Packet
下载PDF
导出
摘要 当前主流研究采用HASH信息验证码(HMAC)认证方法保障面向通用对象的变电站事件(GOOSE)报文的完整性,但分析发现HMAC对经典的GOOSE这类短报文来说效率并不高。设计一种直接采用密钥和顺序调整后的报文作为HASH函数输入的GOOSE报文认证方法,利用GOOSE报文显性长度域、统一报文格式和时序性等属性,降低碰撞攻击和避免长度扩展攻击、重放攻击等风险;将GOOSE心跳报文的时变内容置于待认证报文末端,可重复利用同系列心跳报文中相同内容的HASH压缩运算的中间结果。嵌入式平台验证结果表明算法的高效性。 Today's popular study suggests HASH message authentication code(HMAC)method for generic object oriented substation event(GOOSE)to insure message integrity.However,elaborate study finds that HMAC method is not efficient to classic message whose length is short.An authentication method of getting the encrypted key and sequence adjusted information as direct inputs of the HASH function is proposed.GOOSE attributes of explicit length,unified message format and time factor are used in the method to resist length-expanded attacks and replay attacks.The time-varying content of heartbeat GOOSE is reorganized at the end of the message so that the intermediate result of HASH compressive computation to the unvaried content of the same series of heartbeats GOOSE can be efficiently used.Testing results in the embedded platform have proved the high efficiency of the proposed method.
出处 《电力系统自动化》 EI CSCD 北大核心 2017年第2期173-177,共5页 Automation of Electric Power Systems
基金 国家自然科学基金资助项目(51477057)~~
关键词 实时报文 完整性 认证 算法效率 real-time packet integrity authentication algorithm efficiency
  • 相关文献

参考文献4

二级参考文献46

  • 1韩小涛,聂一雄,尹项根.基于OPNET的变电站二次回路通信系统仿真研究[J].电网技术,2005,29(6):67-71. 被引量:44
  • 2廖建容,段斌,谭步学,孙璐.基于口令的变电站数据与通信安全认证[J].电力系统自动化,2007,31(10):71-75. 被引量:26
  • 3IEC Std.61850.IEC Standard for Communication Network and Systems in Substations[S].2003.
  • 4Premaratne U,Samarabandu J,Sidhu T,et al.Evidence theory based decision fusion for masquerade detection in IEC61850 automated substations[C]//Proc Int Conf Information and Automation for Sustainabilty.Colombo:IEEE,2008:194-199.
  • 5Hoyos J,Dehus M,Brown T X.Exploiting the GOOSE protocol:A practical attack on cyber-infrastructure[C]//Globecom Workshops (GC Wkshps),Anaheim,California,USA:IEEE,2012:1508-1513.
  • 6IEC62351-6 TS Ed1 Security for IEC 61850 profiles[S].2005.
  • 7Lim I H,Hong S,Choi M S,et al.Security protocols against cyber attacks in the distribution automation system[J].IEEE Transactions on Power Delivery,2010,25(1):448-455.
  • 8IEEE PSRC H6 Working Group.Application consideration of IEC61850/UCA2 for substation ethernet local area network communication for protection and control[R].2005.
  • 9McCabe J D.Network analysis,Architecture,and Design.Third edition[M].Burlington,USA:Morgan Kaufmann publisher,2007.
  • 10Krawczyk H,Bellare M,Canetti R.HMAC:Keyed-Hashing for Message Authentication[C]//Internet Engineering Task Force,Request for Comments (RFC) 2104,New York:IETF,1997:1-11.

共引文献129

同被引文献127

引证文献11

二级引证文献89

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部