Rainbow Signature Scheme to Secure GOOSE Communications From Quantum Computer Attacks

The International Electrotechnical Commission (IEC) 62351-6 standard prescribes provisions to secure IEC 61850-8-1 generic object-oriented substation events (GOOSE) communications from cyber threats. The GOOSE authentication schemes recommended by IEC 62351-6 have shortcomings, such as long authenti...

Full description

Saved in:
Bibliographic Details
Published in:IEEE transactions on industry applications 2021-09, Vol.57 (5), p.4579-4586
Main Authors: Reshikeshan, Sree Subiksha, Koh, Myung Bae, Illindala, Mahesh
Format: Article
Language:English
Subjects:
Algorithms
Authentication
Communication system security
Computation
Cryptography
cyberphysical systems
Cybersecurity
Encryption
IEC Standards
industrial communication
information security
Libraries
linear codes
message authentication
multicast communications
network security
power system security
Quantum computers
Quantum computing
Rainbows
Security
substation automation
Substations
Verification
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:The International Electrotechnical Commission (IEC) 62351-6 standard prescribes provisions to secure IEC 61850-8-1 generic object-oriented substation events (GOOSE) communications from cyber threats. The GOOSE authentication schemes recommended by IEC 62351-6 have shortcomings, such as long authentication-value computation times, large signature lengths, the usage of symmetric keys, and susceptibility to quantum computer attacks. To overcome these, this paper proposes the usage of the rainbow signature scheme (RSS), a quantum cryptographic method to secure GOOSE messages. The RSS offers fast signature generation and verification using asymmetric keys, making it very attractive to meet the time-latency and security requirements of the GOOSE protocol. The adaptation of the RSS cryptography method for its application to the GOOSE protocol is presented in this paper. The algorithms for key generation, signature computation and message verification are discussed in detail. A first-of-its-kind C library that incorporates security features within the GOOSE protocol in compliance with the IEC 62351-6-stipulated format, is developed. The superior features of the RSS in comparison with the other IEC 62351-6 security schemes are demonstrated.
ISSN:0093-9994
1939-9367
DOI:10.1109/TIA.2021.3093375