An Enhanced Online Certificate Status Protocol for Public Key Infrastructure with Smart Grid and Energy Storage System
- URL: http://arxiv.org/abs/2409.10929v2
- Date: Wed, 18 Sep 2024 05:59:14 GMT
- Title: An Enhanced Online Certificate Status Protocol for Public Key Infrastructure with Smart Grid and Energy Storage System
- Authors: Hong-Sheng Huang, Cheng-Che Chuang, Jhih-Zen Shih, Hsuan-Tung Chen, Hung-Min Sun
- Abstract summary: We introduce the OCSP Stapling approach to optimize OCSP query costs in our smart grid environment.
Our experimental results show that OCSP stapling increases both efficiency and security, creating a more robust architecture for the smart grid.
- Score: 0.6757476692230008
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: The efficiency of checking certificate status is one of the key indicators in the public key infrastructure (PKI). This prompted researchers to design the Online Certificate Status Protocol (OCSP) standard, defined in RFC 6960, to guide developers in implementing OCSP components. However, as the environment increasingly relies on PKI for identity authentication, it is essential to protect the communication between clients and servers from rogue elements. This can be achieved by using SSL/TLS techniques to establish a secure channel, allowing Certificate Authorities (CAs) to safely transfer certificate status information. In this work, we introduce the OCSP Stapling approach to optimize OCSP query costs in our smart grid environment. This approach reduces the number of queries from the Device Language Message Specification (DLMS) server to the OCSP server. Our experimental results show that OCSP stapling increases both efficiency and security, creating a more robust architecture for the smart grid.
Related papers
- An Efficient TLS 1.3 Handshake Protocol with VC Certificate Type [0.0]
The paper presents a step forward in the design and implementation of a Transport Layer Security (TLS) handshake protocol.
It enables the use of Verifiable Credential (VC) while maintaining full compliance with RFC-8446 and preserving all the security features of TLS 1.3.
Results pave the way for the adoption of Self-Sovereign Identity in large-scale Internet of Things (IoT) systems.
arXiv Detail & Related papers (2024-07-17T13:18:16Z)
- Enc2DB: A Hybrid and Adaptive Encrypted Query Processing Framework [47.11111145443189]
We introduce Enc2DB, a novel secure database system following a hybrid strategy on and openGauss.
We present a micro-benchmarking test and self-adaptive mode switch strategy that can choose the best execution path (cryptography or TEE) to answer a given query.
We also design and implement a ciphertext index compatible with the native cost model and queries to accelerate query processing.
arXiv Detail & Related papers (2024-04-10T08:11:12Z)
- vSPACE: Voting in a Scalable, Privacy-Aware and Confidential Election [0.3749861135832073]
vSPACE presents a novel approach to secure, private, and scalable elections.
It extends the TrueElect and ElectAnon protocols with the integration of AnonCreds SSI (Self-Sovereign Identity).
vSPACE integrates Distributed Ledger Technology (DLT) for immutable and certifiable audit trails.
arXiv Detail & Related papers (2024-03-08T12:56:10Z)
- Hybrid Online Certificate Status Protocol with Certificate Revocation List for Smart Grid Public Key Infrastructure [0.7249731529275341]
Hsu et al. proposed a cryptographic scheme within the public key infrastructure to bolster the security of smart grid meters.
We introduce a Hybrid Online Certificate Status Protocol mechanism.
Our simulations, mimicking meter behavior, demonstrated increased efficiency, creating a more robust architecture tailored to the smart grid meter landscape.
arXiv Detail & Related papers (2024-01-19T16:16:11Z)
- A Survey and Comparative Analysis of Security Properties of CAN Authentication Protocols [92.81385447582882]
The Controller Area Network (CAN) bus leaves in-vehicle communications inherently non-secure.
This paper reviews and compares the 15 most prominent authentication protocols for the CAN bus.
We evaluate protocols based on essential operational criteria that contribute to ease of implementation.
arXiv Detail & Related papers (2024-01-19T14:52:04Z)
- HasTEE+ : Confidential Cloud Computing and Analytics with Haskell [50.994023665559496]
Confidential computing enables the protection of confidential code and data in a co-tenanted cloud deployment using specialized hardware isolation units called Trusted Execution Environments (TEEs).
TEEs offer low-level C/C++-based toolchains that are susceptible to inherent memory safety vulnerabilities and lack language constructs to monitor explicit and implicit information-flow leaks.
We address the above with HasTEE+, a domain-specific language (DSL) embedded in Haskell that enables programming TEEs in a high-level language with strong type-safety.
arXiv Detail & Related papers (2024-01-17T00:56:23Z)
- A Holistic Approach for Trustworthy Distributed Systems with WebAssembly and TEEs [2.0198678236144474]
This paper introduces a novel approach using WebAssembly to address these issues.
We present the design of a portable and fully attested publish/subscribe system as a holistic approach.
Our experimental results showcase most overheads, revealing a 1.55x decrease in message throughput when using a trusted broker.
arXiv Detail & Related papers (2023-12-01T16:37:48Z)
- Establishing Dynamic Secure Sessions for ECQV Implicit Certificates in Embedded Systems [0.0]
We present a design that utilizes the Station to Station (STS) protocol with implicit certificates.
We show that with a slight computational increase of 20% compared to a static ECDSA key derivation, we are able to mitigate many session-related security vulnerabilities.
arXiv Detail & Related papers (2023-11-19T22:40:21Z)
- SOCI^+: An Enhanced Toolkit for Secure Outsourced Computation on Integers [50.608828039206365]
We propose SOCI+ which significantly improves the performance of SOCI.
SOCI+ employs a novel (2, 2)-threshold Paillier cryptosystem with fast encryption and decryption as its cryptographic primitive.
Compared with SOCI, our experimental evaluation shows that SOCI+ is up to 5.4 times more efficient in computation and 40% less in communication overhead.
arXiv Detail & Related papers (2023-09-27T05:19:32Z)
- Practical quantum secure direct communication with squeezed states [55.41644538483948]
We report the first table-top experimental demonstration of a CV-QSDC system and assess its security.
This realization paves the way into future threat-less quantum metropolitan networks, compatible with coexisting advanced wavelength division multiplexing (WDM) systems.
arXiv Detail & Related papers (2023-06-25T19:23:42Z)
- Security Limitations of Classical-Client Delegated Quantum Computing [54.28005879611532]
A client remotely prepares a quantum state using a classical channel.
Privacy loss incurred by employing $RSP_{CC}$ as a sub-module is unclear.
We show that a specific $RSP_{CC}$ protocol can replace the quantum channel at least in some contexts.
arXiv Detail & Related papers (2020-07-03T13:15:13Z)