Flexible multicast authentication for time-triggered embedded control network applications

Security for wired embedded networks is becoming a greater concern as connectivity to the outside world increases. Protocols used in these networks omit support for authenticating messages to prevent masquerade and replay attacks. The unique constraints of embedded control systems make incorporating...

Full description

Saved in:
Bibliographic Details
Main Authors: Szilagyi, C., Koopman, P.
Format: Conference Proceeding
Language:English
Subjects:
Communication system traffic control
Computer crime
Control systems
Costs
Cryptography
Data security
Embedded system
Message authentication
Protocols
Time division multiple access
Online Access:Request full text
Tags: Add Tag
No Tags, Be the first to tag this record!
cited_by
cites
container_end_page 174
container_issue
container_start_page 165
container_title
container_volume
creator Szilagyi, C.
Koopman, P.
description Security for wired embedded networks is becoming a greater concern as connectivity to the outside world increases. Protocols used in these networks omit support for authenticating messages to prevent masquerade and replay attacks. The unique constraints of embedded control systems make incorporating existing multicast authentication schemes impractical. Our approach provides multicast authentication for time-triggered applications by validating truncated message authentication codes (MACs) across multiple packets. We extend this approach to tolerate occasional invalid MACs, analyze our approach through simulated attacks, and give an upper bound on the probability of successful attack. This approach allows a tradeoff among per-packet authentication cost, application level latency, tolerance to invalid MACs, and probability of induced failure, while satisfying typical embedded system constraints.
doi_str_mv 10.1109/DSN.2009.5270342
format conference_proceeding
fullrecord <record><control><sourceid>ieee_6IE</sourceid><recordid>TN_cdi_ieee_primary_5270342</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><ieee_id>5270342</ieee_id><sourcerecordid>5270342</sourcerecordid><originalsourceid>FETCH-LOGICAL-i217t-c7219c6a158b2bd9765a461455452933760dab54516a35b23e498b9179eca2ac3</originalsourceid><addsrcrecordid>eNpFUMtOwzAQNI9KtKV3JC7-gQR7bcfxERUKSBUcgAuXyk62xZBH5bgC_h5XVGIuu6PRjmaWkAvOcs6Zubp5fsyBMZMr0ExIOCITLkEmANfHZAxclZkwoE_-BVCnZMyVYBkrSzMik72BYVAafUZmw_DBEqSCUvAxeVs0-O1dg7TdNdFXdojU7uI7dnsSfd_RdR9o9C1mMfjNBgPWFFuHdZ2Wqu9i6BvaYfzqwye1221zuBvOyWhtmwFnhzklr4vbl_l9tny6e5hfLzOfOsSs0sBNVdjUxIGrjS6UlQWXSqWMRghdsNq6RHhhhXIgUJrSGa4NVhZsJabk8s_XI-JqG3xrw8_q8DDxC-2wWTU</addsrcrecordid><sourcetype>Publisher</sourcetype><iscdi>true</iscdi><recordtype>conference_proceeding</recordtype></control><display><type>conference_proceeding</type><title>Flexible multicast authentication for time-triggered embedded control network applications</title><source>IEEE Electronic Library (IEL) Conference Proceedings</source><creator>Szilagyi, C. ; Koopman, P.</creator><creatorcontrib>Szilagyi, C. ; Koopman, P.</creatorcontrib><description>Security for wired embedded networks is becoming a greater concern as connectivity to the outside world increases. Protocols used in these networks omit support for authenticating messages to prevent masquerade and replay attacks. The unique constraints of embedded control systems make incorporating existing multicast authentication schemes impractical. Our approach provides multicast authentication for time-triggered applications by validating truncated message authentication codes (MACs) across multiple packets. We extend this approach to tolerate occasional invalid MACs, analyze our approach through simulated attacks, and give an upper bound on the probability of successful attack. This approach allows a tradeoff among per-packet authentication cost, application level latency, tolerance to invalid MACs, and probability of induced failure, while satisfying typical embedded system constraints.</description><identifier>ISSN: 1530-0889</identifier><identifier>ISBN: 1424444225</identifier><identifier>ISBN: 9781424444229</identifier><identifier>EISSN: 2158-3927</identifier><identifier>EISBN: 1424444217</identifier><identifier>EISBN: 9781424444212</identifier><identifier>DOI: 10.1109/DSN.2009.5270342</identifier><identifier>LCCN: 2009902897</identifier><language>eng</language><publisher>IEEE</publisher><subject>Communication system traffic control ; Computer crime ; Control systems ; Costs ; Cryptography ; Data security ; Embedded system ; Message authentication ; Protocols ; Time division multiple access</subject><ispartof>2009 IEEE/IFIP International Conference on Dependable Systems &amp; Networks, 2009, p.165-174</ispartof><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://ieeexplore.ieee.org/document/5270342$$EHTML$$P50$$Gieee$$H</linktohtml><link.rule.ids>309,310,780,784,789,790,2058,27925,54555,54920,54932</link.rule.ids><linktorsrc>$$Uhttps://ieeexplore.ieee.org/document/5270342$$EView_record_in_IEEE$$FView_record_in_$$GIEEE</linktorsrc></links><search><creatorcontrib>Szilagyi, C.</creatorcontrib><creatorcontrib>Koopman, P.</creatorcontrib><title>Flexible multicast authentication for time-triggered embedded control network applications</title><title>2009 IEEE/IFIP International Conference on Dependable Systems &amp; Networks</title><addtitle>DSN</addtitle><description>Security for wired embedded networks is becoming a greater concern as connectivity to the outside world increases. Protocols used in these networks omit support for authenticating messages to prevent masquerade and replay attacks. The unique constraints of embedded control systems make incorporating existing multicast authentication schemes impractical. Our approach provides multicast authentication for time-triggered applications by validating truncated message authentication codes (MACs) across multiple packets. We extend this approach to tolerate occasional invalid MACs, analyze our approach through simulated attacks, and give an upper bound on the probability of successful attack. This approach allows a tradeoff among per-packet authentication cost, application level latency, tolerance to invalid MACs, and probability of induced failure, while satisfying typical embedded system constraints.</description><subject>Communication system traffic control</subject><subject>Computer crime</subject><subject>Control systems</subject><subject>Costs</subject><subject>Cryptography</subject><subject>Data security</subject><subject>Embedded system</subject><subject>Message authentication</subject><subject>Protocols</subject><subject>Time division multiple access</subject><issn>1530-0889</issn><issn>2158-3927</issn><isbn>1424444225</isbn><isbn>9781424444229</isbn><isbn>1424444217</isbn><isbn>9781424444212</isbn><fulltext>true</fulltext><rsrctype>conference_proceeding</rsrctype><creationdate>2009</creationdate><recordtype>conference_proceeding</recordtype><sourceid>6IE</sourceid><recordid>eNpFUMtOwzAQNI9KtKV3JC7-gQR7bcfxERUKSBUcgAuXyk62xZBH5bgC_h5XVGIuu6PRjmaWkAvOcs6Zubp5fsyBMZMr0ExIOCITLkEmANfHZAxclZkwoE_-BVCnZMyVYBkrSzMik72BYVAafUZmw_DBEqSCUvAxeVs0-O1dg7TdNdFXdojU7uI7dnsSfd_RdR9o9C1mMfjNBgPWFFuHdZ2Wqu9i6BvaYfzqwye1221zuBvOyWhtmwFnhzklr4vbl_l9tny6e5hfLzOfOsSs0sBNVdjUxIGrjS6UlQWXSqWMRghdsNq6RHhhhXIgUJrSGa4NVhZsJabk8s_XI-JqG3xrw8_q8DDxC-2wWTU</recordid><startdate>20090101</startdate><enddate>20090101</enddate><creator>Szilagyi, C.</creator><creator>Koopman, P.</creator><general>IEEE</general><scope>6IE</scope><scope>6IH</scope><scope>CBEJK</scope><scope>RIE</scope><scope>RIO</scope></search><sort><creationdate>20090101</creationdate><title>Flexible multicast authentication for time-triggered embedded control network applications</title><author>Szilagyi, C. ; Koopman, P.</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-i217t-c7219c6a158b2bd9765a461455452933760dab54516a35b23e498b9179eca2ac3</frbrgroupid><rsrctype>conference_proceedings</rsrctype><prefilter>conference_proceedings</prefilter><language>eng</language><creationdate>2009</creationdate><topic>Communication system traffic control</topic><topic>Computer crime</topic><topic>Control systems</topic><topic>Costs</topic><topic>Cryptography</topic><topic>Data security</topic><topic>Embedded system</topic><topic>Message authentication</topic><topic>Protocols</topic><topic>Time division multiple access</topic><toplevel>online_resources</toplevel><creatorcontrib>Szilagyi, C.</creatorcontrib><creatorcontrib>Koopman, P.</creatorcontrib><collection>IEEE Electronic Library (IEL) Conference Proceedings</collection><collection>IEEE Proceedings Order Plan (POP) 1998-present by volume</collection><collection>IEEE Xplore All Conference Proceedings</collection><collection>IEEE Electronic Library (IEL)</collection><collection>IEEE Proceedings Order Plans (POP) 1998-present</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>Szilagyi, C.</au><au>Koopman, P.</au><format>book</format><genre>proceeding</genre><ristype>CONF</ristype><atitle>Flexible multicast authentication for time-triggered embedded control network applications</atitle><btitle>2009 IEEE/IFIP International Conference on Dependable Systems &amp; Networks</btitle><stitle>DSN</stitle><date>2009-01-01</date><risdate>2009</risdate><spage>165</spage><epage>174</epage><pages>165-174</pages><issn>1530-0889</issn><eissn>2158-3927</eissn><isbn>1424444225</isbn><isbn>9781424444229</isbn><eisbn>1424444217</eisbn><eisbn>9781424444212</eisbn><abstract>Security for wired embedded networks is becoming a greater concern as connectivity to the outside world increases. Protocols used in these networks omit support for authenticating messages to prevent masquerade and replay attacks. The unique constraints of embedded control systems make incorporating existing multicast authentication schemes impractical. Our approach provides multicast authentication for time-triggered applications by validating truncated message authentication codes (MACs) across multiple packets. We extend this approach to tolerate occasional invalid MACs, analyze our approach through simulated attacks, and give an upper bound on the probability of successful attack. This approach allows a tradeoff among per-packet authentication cost, application level latency, tolerance to invalid MACs, and probability of induced failure, while satisfying typical embedded system constraints.</abstract><pub>IEEE</pub><doi>10.1109/DSN.2009.5270342</doi><tpages>10</tpages><oa>free_for_read</oa></addata></record>
fulltext fulltext_linktorsrc
identifier ISSN: 1530-0889
ispartof 2009 IEEE/IFIP International Conference on Dependable Systems & Networks, 2009, p.165-174
issn 1530-0889
2158-3927
language eng
recordid cdi_ieee_primary_5270342
source IEEE Electronic Library (IEL) Conference Proceedings
subjects Communication system traffic control
Computer crime
Control systems
Costs
Cryptography
Data security
Embedded system
Message authentication
Protocols
Time division multiple access
title Flexible multicast authentication for time-triggered embedded control network applications
url http://sfxeu10.hosted.exlibrisgroup.com/loughborough?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-02T20%3A01%3A23IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-ieee_6IE&rft_val_fmt=info:ofi/fmt:kev:mtx:book&rft.genre=proceeding&rft.atitle=Flexible%20multicast%20authentication%20for%20time-triggered%20embedded%20control%20network%20applications&rft.btitle=2009%20IEEE/IFIP%20International%20Conference%20on%20Dependable%20Systems%20&%20Networks&rft.au=Szilagyi,%20C.&rft.date=2009-01-01&rft.spage=165&rft.epage=174&rft.pages=165-174&rft.issn=1530-0889&rft.eissn=2158-3927&rft.isbn=1424444225&rft.isbn_list=9781424444229&rft_id=info:doi/10.1109/DSN.2009.5270342&rft.eisbn=1424444217&rft.eisbn_list=9781424444212&rft_dat=%3Cieee_6IE%3E5270342%3C/ieee_6IE%3E%3Cgrp_id%3Ecdi_FETCH-LOGICAL-i217t-c7219c6a158b2bd9765a461455452933760dab54516a35b23e498b9179eca2ac3%3C/grp_id%3E%3Coa%3E%3C/oa%3E%3Curl%3E%3C/url%3E&rft_id=info:oai/&rft_id=info:pmid/&rft_ieee_id=5270342&rfr_iscdi=true