摘要
为提高列车控制系统中铁路安全通信协议的机密性,消除数据明文传输存在的潜在威胁,提出了基于国家商用密码算法的列控系统核心网络加密技术实施方案。通过硬件、软件结合构建加密保护方案:在信号安全数据网子网内或子网间串接密码机,实现硬件的数据帧加密;采用三重SM4加密算法对通信报文的数据帧加密,实现列控系统软件应用数据的加密。搭建列控系统测试环境对加密技术方案进行验证,试验结果表明:该加密方案在对列控系统的业务处理能力无影响的情况下,可以有效提高列控系统重要数据在传输过程中的机密性和完整性。基于国密算法的列控系统传输加密研究为列控系统提供了传输加密可借鉴的方法和应用实例,也为铁路信号系统数据的安全高效传输提供了新的思路。
In order to improve the confidentiality of railway safety communication protocols in train control system and eliminate the potential threats in data plain text transmission,a core network encryption technology implementation scheme for train control system based on national commercial cryptographic algorithm(NCCA)is proposed.By combining hardware and software,an encryption protection scheme is constructed:a cipher machine is connected in series within or between subnets of the signal safety data network to achieve encryption of hardware data frames.Adopting the triple SM4 encryption algorithm to encrypt the data frame of communication messages,the application data encryption within the train control system software is achieved.Establishing a testing environment for the train control system to verify the encryption technology scheme,the test results verify that the encryption scheme is feasible and has no impact on the business processing ability of the train control system.It can effectively improve the confidentiality and integrity of important data of the train control system in the transmission process.The encryption research work based on NCCA provides reference methods and application examples for transmission encryption in train control system,which also provides new ideas for the safe and efficient data transmission of railway signal systems.
作者
张成阳
王金成
黄翌虹
方志刚
唐丕强
卓鹏
ZHANG Chengyang;WANG Jincheng;HUANG Yihong;FANG Zhigang;TANG Piqiang;ZHUO Peng
出处
《铁道通信信号》
2024年第1期37-44,共8页
Railway Signalling & Communication
基金
中国国家铁路集团有限公司重点课题(N2021G054)。
关键词
列控系统
明文传输
传输加密
信息安全
国密算法
密码机
Train control system
Plain text transmission
Transmission encryption
Information safety
National Commercial Cryptographic Algorithm(NCCA)
Encryption machine