Encrypting Controller using Fully Homomorphic Encryption for Security of Cyber-Physical Systems

Abstract: To enhance the security of cyber-physical systems, it is important to protect the signals sent from the sensors to the controller and from the controller to the actuator, because attackers often steal and compromise those signals. One immediate solution is to encrypt the signals, but for the controller to perform computation they must be decrypted before the computation and encrypted again afterwards. For this, the controller keeps the secret key, which in turn increases its vulnerability to attackers. In this paper, we introduce fully homomorphic encryption (FHE), an advanced cryptographic technique that enables arithmetic operations directly on encrypted variables without decryption. However, this also introduces several new issues that have not been studied for conventional controllers. Most of all, an encrypted variable has a finite lifespan, which decreases each time an arithmetic operation is performed on it. Our solution is to run multiple controllers and orchestrate them systematically. In addition, to slow down the decrease of the lifespan, a tree-based computation of sequential matrix multiplication is introduced. Finally, we demonstrate the effectiveness of the proposed algorithm with a quadruple water tank example.
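As an added illustration (not code from the paper), the sketch below models the lifespan of an encrypted variable as multiplicative depth and compares a left-to-right product of eight matrices with a pairwise tree product. The `Ct` class, the one-level-per-multiplication cost and the sample matrix are assumptions of this example, and no real encryption is performed.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Ct:
    """Toy stand-in for a ciphertext: no real encryption (assumption)."""
    value: int       # plaintext carried along so results can be checked
    depth: int = 0   # multiplication levels already consumed

    def __add__(self, other):
        # Assumption: addition consumes no level.
        return Ct(self.value + other.value, max(self.depth, other.depth))

    def __mul__(self, other):
        # Assumption: each ciphertext multiplication consumes one level.
        return Ct(self.value * other.value, max(self.depth, other.depth) + 1)

def encrypt(mat):
    return [[Ct(v) for v in row] for row in mat]

def matmul(a, b):
    out = []
    for row in a:
        out_row = []
        for col in zip(*b):
            acc = row[0] * col[0]
            for x, y in zip(row[1:], col[1:]):
                acc = acc + x * y
            out_row.append(acc)
        out.append(out_row)
    return out

def sequential_product(mats):
    acc = mats[0]
    for m in mats[1:]:
        acc = matmul(acc, m)   # acc gets one level deeper every step
    return acc

def tree_product(mats):
    # Multiply neighbours pairwise (order preserved), halving the list per round.
    while len(mats) > 1:
        nxt = [matmul(mats[i], mats[i + 1]) for i in range(0, len(mats) - 1, 2)]
        mats = nxt + ([mats[-1]] if len(mats) % 2 else [])
    return mats[0]

def max_depth(mat):
    return max(c.depth for row in mat for c in row)

# Constructed sample input: eight encrypted copies of a 2x2 matrix.
MATS = [encrypt([[1, 1], [0, 1]]) for _ in range(8)]
```

Both orderings yield the same product, but in this model the sequential chain consumes seven levels while the tree consumes three, so a ciphertext with a fixed level budget survives a longer product when it is evaluated as a tree.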
