Proof of aliveness

In 2017, the Triton malware was discovered in a petrol plant in Saudi Arabia, where it shut down the safety instrumented systems of the affected industrial control system without being noticed by the operators. Had the malware not been discovered by a security company in time, it could have left the system running without any safety measures and eventually led to an explosion. To detect such attacks, one can track the running status of the devices in the field to know that they are still "alive". In practice, however, there does not yet exist an efficient and cryptographically secure mechanism or protocol that can prove the aliveness of a device to control centers over an open network. This paper aims to tackle this practical problem by introducing a new cryptographic notion called Proof of Aliveness (PoA). We propose to use a one-way function (OWF) chain structure to build an efficient proof of aliveness: the prover periodically sends the nodes of the OWF chain in reverse order, and each one can be verified by a verifier that possesses the tail (last node) of the OWF chain. However, the practicality of this construction is limited by the finite number of nodes on an OWF chain. We enhance our first PoA construction by linking multiple OWF chains together using a pseudo-random generator chain. By integrating one-time signature schemes into the structure, we can achieve auto-replenishment of aliveness-proofs, which implies that this PoA can be used forever without an interruption for reinitialization. To make our proposals more practical, we analyze the security of the above PoA proposals in the standard model. We also define a security model specifically for the concept of PoA. Our PoA constructions are implemented and evaluated on Raspberry Pis to demonstrate their performance.
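The first construction in the abstract (a single OWF chain released tail-first) can be sketched as follows. This is an added example, not the paper's code: SHA-256 stands in for the one-way function, the seed is a constructed value, period timing is not modelled, and `max_gap` is a hypothetical parameter for tolerating missed periods.

```python
import hashlib
import hmac

def owf(x: bytes) -> bytes:
    # SHA-256 stands in for the one-way function (assumption of this example).
    return hashlib.sha256(x).digest()

class Prover:
    """Device side: builds the chain from a secret seed and releases nodes in reverse."""
    def __init__(self, seed: bytes, length: int):
        self.nodes = [seed]
        for _ in range(length):
            self.nodes.append(owf(self.nodes[-1]))
        self.tail = self.nodes.pop()  # last node, handed to the verifier at setup

    def next_proof(self) -> bytes:
        # One node per period; the chain is finite, so proofs eventually run out.
        if not self.nodes:
            raise RuntimeError("chain exhausted: re-initialisation required")
        return self.nodes.pop()

class Verifier:
    """Control-centre side: stores only the most recently accepted node."""
    def __init__(self, tail: bytes, max_gap: int = 1):
        self.anchor = tail
        self.max_gap = max_gap  # hypothetical: how many missed periods to tolerate

    def verify(self, proof: bytes) -> bool:
        node = proof
        for _ in range(self.max_gap):
            node = owf(node)
            if hmac.compare_digest(node, self.anchor):
                self.anchor = proof  # advance, so a replayed proof no longer matches
                return True
        return False

if __name__ == "__main__":
    prover = Prover(b"constructed-demo-seed", length=3)  # constructed seed
    verifier = Verifier(prover.tail)
    proof = prover.next_proof()
    print("fresh proof accepted:", verifier.verify(proof))
    print("replayed proof accepted:", verifier.verify(proof))
```

A chain of length n yields exactly n proofs, which is the limitation the abstract addresses by linking chains with a pseudo-random generator chain.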
