AES RSA-SM2 Algorithm against Man-in-the-Middle Attack in IEC 60870-5-104 Protocol

AES RSA-SM2 Algorithm against Man-in-the-Middle Attack in IEC 60870-5-104 Protocol

下载PDF

导出

摘要 The IEC60870-5-104 protocol lacks an integrated authentication mechanism during plaintext transmission, and is vulnerable to security threats, monitoring, tampering, or cutting off communication connections. In order to verify the security problems of 104 protocol, the 104 master-slave communication implemented DoS attacks, ARP spoofing and Ettercap packet filtering and other man-in-the-middle attacks. DoS attacks may damage the network functions of the 104 communication host, resulting in communication interruption. ARP spoofing damaged the data privacy of the 104 protocol, and Ettercap packet filtering cut off the communication connection between the master and the slave. In order to resist the man-in-the-middle attack, the AES and RSA hybrid encryption signature algorithm and the national secret SM2 elliptic curve algorithm are proposed. AES and RSA hybrid encryption increases the security strength of communication data and realizes identity authentication. The digital signature implemented by the SM2 algorithm can realize identity verification, ensure that the data has not been tampered with, and can ensure the integrity of the data. Both of them improve the communication security of the 104 protocol. The IEC60870-5-104 protocol lacks an integrated authentication mechanism during plaintext transmission, and is vulnerable to security threats, monitoring, tampering, or cutting off communication connections. In order to verify the security problems of 104 protocol, the 104 master-slave communication implemented DoS attacks, ARP spoofing and Ettercap packet filtering and other man-in-the-middle attacks. DoS attacks may damage the network functions of the 104 communication host, resulting in communication interruption. ARP spoofing damaged the data privacy of the 104 protocol, and Ettercap packet filtering cut off the communication connection between the master and the slave. In order to resist the man-in-the-middle attack, the AES and RSA hybrid encryption signature algorithm and the national secret SM2 elliptic curve algorithm are proposed. AES and RSA hybrid encryption increases the security strength of communication data and realizes identity authentication. The digital signature implemented by the SM2 algorithm can realize identity verification, ensure that the data has not been tampered with, and can ensure the integrity of the data. Both of them improve the communication security of the 104 protocol.

作者 Shan Shi Yong Wang Cunming Zou Yingjie Tian Shan Shi;Yong Wang;Cunming Zou;Yingjie Tian(College of Computer Science and Technology, Shanghai University of Electric, Shanghai, China;Third Institute of Ministry of Public Security, National Network and Information System Safety Product Quality Supervision and Testing Center, Shanghai, China;Institute of Electric Power Science, State Grid Shanghai Electric Power Company, Shanghai, China)

机构地区 College of Computer Science and Technology Third Institute of Ministry of Public Security Institute of Electric Power Science

出处《Journal of Computer and Communications》 2022年第1期27-41,共15页 电脑和通信（英文）

关键词 104 Protocol Man in the Middle Attack AES and RSA Hybrid Encryption Signature National Secret SM2 Algorithm 104 Protocol Man in the Middle Attack AES and RSA Hybrid Encryption Signature National Secret SM2 Algorithm

分类号 TP3 [自动化与计算机技术—计算机科学与技术]

引文网络
相关文献

参考文献6

1徐畅.AES和RSA混合加密技术在网络数据传输中的应用[J].无线互联科技,2016,13(13):142-144. 被引量：11
2肖振久,胡驰,姜正涛,陈虹.AES与RSA算法优化及其混合加密体制[J].计算机应用研究,2014,31(4):1189-1194. 被引量：34
3叶亮,陈文敏,曹霞.IEC60870-5-104协议在监控系统中的应用[J].电子测量技术,2018,41(6):134-137. 被引量：5
4马钧,张一斌.基于IEC60870-5-104的配电自动化通信安全协议[J].计算机科学,2013,40(11):81-84. 被引量：9
5江泽鑫.IEC60870-5-104规约安全性分析及攻击实验[J].信息技术与网络安全,2018,37(10):1-4. 被引量：5
6王勇,王相,刘丽丽,刘金永,武津园,李双飞,俞能海.配电网IEC60870-5-104协议的抗中间人攻击算法[J].信息安全学报,2019,4(6):56-66. 被引量：4

二级参考文献50

1胡亮,袁巍,于孟涛,初剑峰,刘方.单向性策略与AES密钥生成算法的改进[J].吉林大学学报（工学版）,2009,39(1):137-142. 被引量：11
2吴文玲,冯登国.分组密码工作模式的研究现状[J].计算机学报,2006,29(1):21-36. 被引量：39
3杨波.现代密码学[M].北京:清华大学出版社,2007.
4I[C TS 62351-1, I[C Technical Committee 57, Data and Com munications Security, Partl Communication Network and Sys- tem Security-Introduction to Security Issues[S]. 2007.
5I[C TS 62351-5, I[C Technical Committee 57, Data and Corn munieations Security,Part5:Security for I[C 60870 5 and deriv- atives[S]. 2009.
6Ma Jun, She Jun. Research on Cyber Security Segre-gation for Industrial Control Systems[J]. International Journal of Digital Content Technology and its Applications, 2011,5(8):9-15.
7Igure V M, Laughter S A,Williams R D. Security issues in SCA DA networks [J]. Computers and Security, 2006, 25 (7) 498- 5O6.
8III B C L, Buennemeyer T K , Thomas R W. Next generation SCADA security., best practices and elient puzzles[C]//Proc. 6th Annual. IEEE System, Information Assurance Workshop. 2005 : 426-427.
9Lim I H, Hong S, Lee S J, et al. Security Protocols Against cy ber attacks in the distribution automation system[J]. IEEE Transactions on Power Delivery, 2010,25 (1) : 448-454.
10Kim M,Metzner J J. A key exchange method for intelligent elec- tronic devices in distribution automation[J]. IEEE Transactions on Power Delivery, 2010,25 (3) : 1458-1463.

共引文献59

1谭淞镁.104协议在机组在线监测数据平台建设中的应用[J].水电厂自动化,2020(2):31-33. 被引量：1
2杨梅强,胡绍谦,尤小明,周晓飞,杨越.DNP3安全认证功能的探索与实现[J].湖北电力,2023,47(2):29-36. 被引量：1
3李丽,谭昕.基于改进RSA算法加密体制的数字签名[J].硅谷,2014,7(15):38-38.
4张常清,晏西国,卜庆凯.基于移动互联网的APP与服务器之间的通信设计[J].青岛大学学报（工程技术版）,2015,30(2):26-30. 被引量：12
5陈永锋,宋楠.分布式信息管理系统混合加密优化研究[J].西安建筑科技大学学报（自然科学版）,2015,47(2):293-296.
6付超,李灿平,陈金鹰.扩展Playfair和RSA混合加密的分析[J].通信与信息技术,2015(4):95-97.
7黄健.RSA公钥加密体制的安全性分析与改进[J].计算机与网络,2016,42(1):70-73. 被引量：6
8纪建强.基于Delphi的RSA加/解密的研究与实现[J].网络安全技术与应用,2016(1):113-115.
9张贵军,夏华栋,周晓根,张贝金.一种配电网络差分禁忌线路规划方法[J].计算机科学,2016,43(10):248-255. 被引量：5
10刘闫锋.高校分布式信息管理系统加密优化探析[J].陕西教育（高教版）,2016(12):64-65.

1Eman Mousavinejad,Xiaohua Ge,Senior Member,Qing-Long Han,Teng Joon Lim,Ljubo Vlacic.An Ellipsoidal Set-Membership Approach to Distributed Joint State and Sensor Fault Estimation of Autonomous Ground Vehicles[J].IEEE/CAA Journal of Automatica Sinica,2021,8(6):1107-1118. 被引量：3
2Youhai Shao,Yong Wang,Yun Yang,Xiang Wang.Research on a Secure Communication Protocol Based on National Secret SM2 Algorithm[J].Journal of Computer and Communications,2022,10(1):42-56. 被引量：1
3Hua Zhao,Mingyan Xu,Zhou Zhong,Ding Wang.A Fast Physical Layer Security-Based Location Privacy Parameter Recommendation Algorithm in 5G IoT[J].China Communications,2021,18(8):75-84.
4Hailin Chen,Gang Xu,Yuling Chen,Xiubo Chen,Yixian Yang,Ruibin Fan,Kaixiang Zhang,Huizhong Li.Cipherchain:A Secure and Efficient Ciphertext Blockchain via mPECK[J].Journal of Quantum Computing,2020,2(1):57-83. 被引量：2
5吴伟楠,陈鸣,邓理.IRDA:一种灵活获取NFV对象信息的机制[J].计算机技术与发展,2021,31(12):98-104. 被引量：1
6Yatong Jiang,Tao Shang,Jianwei Liu.SM algorithms-based encryption scheme for large genomic data files[J].Digital Communications and Networks,2021,7(4):543-550.
7黄宏程,鲍晓萌,胡敏.边缘网络中一种VNF需求预测方法[J].电讯技术,2021,61(12):1476-1483. 被引量：3
8ZHONG Xiaomei,XIAO Meihua,ZHANG Tong,YANG Ke,LUO Yunxian.Proving Mutual Authentication Property of RCIA Protocol in RFID Based on Logic of Events[J].Chinese Journal of Electronics,2022,31(1):79-88. 被引量：4
9Qi SUN,Jicheng CHEN,Yang SHI.Event-triggered robust MPC of nonlinear cyber-physical systems against DoS attacks[J].Science China(Information Sciences),2022,65(1):18-34. 被引量：1
10Junyan Guo,Ye Du,Xuesong Wu,Meihong Li.An Anti-Quantum Authentication Protocol for Space Information Networks Based on Ring Learning with Errors[J].Journal of Communications and Information Networks,2021,6(3):301-311.

Journal of Computer and Communications

2022年第1期

浏览历史

内容加载中请稍等...

AES RSA-SM2 Algorithm against Man-in-the-Middle Attack in IEC 60870-5-104 Protocol

参考文献6

二级参考文献50

共引文献59

相关作者

相关机构

相关主题

浏览历史