Securing Legacy Communication Networks via Authenticated Cyclic Redundancy Integrity Check
- URL: http://arxiv.org/abs/2411.14394v1
- Date: Thu, 21 Nov 2024 18:26:05 GMT
- Title: Securing Legacy Communication Networks via Authenticated Cyclic Redundancy Integrity Check
- Authors: Alessandro Lotto, Alessandro Brighente, Mauro Conti
- Abstract summary: We propose Authenticated Cyclic Redundancy Integrity Check (ACRIC).
ACRIC preserves backward compatibility without requiring additional hardware and is protocol agnostic.
We show that ACRIC offers robust security with minimal transmission overhead (<< 1 ms).
- Abstract: Integrating modern communication technologies into legacy systems, such as Industrial Control Systems and in-vehicle networks, invalidates the assumptions of isolated and trusted operating environments. Security incidents like the 2015 Ukraine power grid attack and the 2021 compromise of a U.S. water treatment facility demonstrate how increased interconnectivity, paired with insufficient security measures, exposes these critical systems to cyber threats, posing risks to national and public safety. These attacks were favored by the lack of proper message authentication, highlighting its importance as a primary countermeasure to enhance system security. Solutions proposed in the literature remain largely unadopted in practice due to challenges such as preserving backward compatibility, additional hardware requirements, and limited computational resources on legacy devices. Moreover, many solutions are protocol-specific, necessitating complex and costly multiple implementations in heterogeneous systems. In this paper, we propose Authenticated Cyclic Redundancy Integrity Check (ACRIC), a novel security mechanism that overcomes these limitations by leveraging a cryptographic computation of the existing Cyclic Redundancy Check (CRC) field to ensure message integrity protection and authentication. ACRIC preserves backward compatibility without requiring additional hardware and is protocol agnostic. This makes it applicable across various systems, suitable for diverse legacy network protocols including point-to-point and broadcast communications. Experimental results, supported by formal verification and real-world testing, demonstrate that ACRIC offers robust security with minimal transmission overhead (<< 1 ms). This proves ACRIC's practicality, cost-effectiveness, and suitability for real-world adoption.
Related papers
- AEAKA: An Adaptive and Efficient Authentication and Key Agreement Scheme for IoT in Cloud-Edge-Device Collaborative Environments [7.106119177152857]
We propose an adaptive and efficient authentication and key agreement scheme (AEAKA) for Cloud-Edge-Device IoT environments.
AEAKA is highly adaptive and scalable, capable of automatically and dynamically initiating different authentication methods based on device requirements.
It employs an edge-assisted authentication approach to reduce the load on third-party trust authorities.
arXiv Detail & Related papers (2024-11-14T06:55:27Z)
- Enhancing Enterprise Security with Zero Trust Architecture [0.0]
Zero Trust Architecture (ZTA) represents a transformative approach to modern cybersecurity.
ZTA shifts the security paradigm by assuming that no user, device, or system can be trusted by default.
This paper explores the key components of ZTA, such as identity and access management (IAM), micro-segmentation, continuous monitoring, and behavioral analytics.
arXiv Detail & Related papers (2024-10-23T21:53:16Z)
- Toward Mixture-of-Experts Enabled Trustworthy Semantic Communication for 6G Networks [82.3753728955968]
We introduce a novel Mixture-of-Experts (MoE)-based SemCom system.
This system comprises a gating network and multiple experts, each specializing in different security challenges.
The gating network adaptively selects suitable experts to counter heterogeneous attacks based on user-defined security requirements.
A case study in vehicular networks demonstrates the efficacy of the MoE-based SemCom system.
arXiv Detail & Related papers (2024-09-24T03:17:51Z)
- Securing the Open RAN Infrastructure: Exploring Vulnerabilities in Kubernetes Deployments [60.51751612363882]
We investigate the security implications of and software-based Open Radio Access Network (RAN) systems.
We highlight the presence of potential vulnerabilities and misconfigurations in the infrastructure supporting the Near Real-Time RAN Controller (RIC) cluster.
arXiv Detail & Related papers (2024-05-03T07:18:45Z)
- Quantum-Secure Certificate-Less Conditional Privacy-Preserving Authentication for VANET [4.8124555241328375]
Existing lattice-based authentication schemes fall short of addressing the potential challenges of the leakage of the master secret key and key-escrow problem.
This paper proposes the first quantum secure authentication scheme to eliminate the flaws while maintaining the system's overall efficiency intact.
arXiv Detail & Related papers (2024-03-20T16:50:36Z)
- A Survey and Comparative Analysis of Security Properties of CAN Authentication Protocols [92.81385447582882]
The Controller Area Network (CAN) bus leaves in-vehicle communications inherently non-secure.
This paper reviews and compares the 15 most prominent authentication protocols for the CAN bus.
We evaluate protocols based on essential operational criteria that contribute to ease of implementation.
arXiv Detail & Related papers (2024-01-19T14:52:04Z)
- Cybersecurity in Critical Infrastructures: A Post-Quantum Cryptography Perspective [0.0]
Implementing cryptosystems in industrial communication networks faces a trade-off between the security of the communications and the amortization of the industrial infrastructure.
A new threat to cybersecurity has arisen with the theoretical proposal of quantum computers.
Many global agents have become aware that transitioning their secure communications to a quantum secure paradigm is a priority that should be established before the arrival of fault-tolerance.
arXiv Detail & Related papers (2024-01-08T10:02:48Z)
- Practical quantum secure direct communication with squeezed states [55.41644538483948]
We report the first table-top experimental demonstration of a CV-QSDC system and assess its security.
This realization paves the way into future threat-less quantum metropolitan networks, compatible with coexisting advanced wavelength division multiplexing (WDM) systems.
arXiv Detail & Related papers (2023-06-25T19:23:42Z)
- Recursively Feasible Probabilistic Safe Online Learning with Control Barrier Functions [60.26921219698514]
We introduce a model-uncertainty-aware reformulation of CBF-based safety-critical controllers.
We then present the pointwise feasibility conditions of the resulting safety controller.
We use these conditions to devise an event-triggered online data collection strategy.
arXiv Detail & Related papers (2022-08-23T05:02:09Z)
This list is automatically generated from the titles and abstracts of the papers on this site.