Integrity assurance in resource-bounded systems through stochastic message authentication

Assuring communication integrity is a central problem in security. However, overhead costs associated with cryptographic primitives used towards this end introduce significant practical implementation challenges for resource-bounded systems, such as cyber-physical systems. For example, many control systems are built on legacy components which are computationally limited but have strict timing constraints. If integrity protection is a binary decision, it may simply be infeasible to introduce into such systems; without it, however, an adversary can forge malicious messages, which can cause significant physical or financial harm. We propose a formal game-theoretic framework for optimal stochastic message authentication, providing provable integrity guarantees for resource-bounded systems based on an existing MAC scheme. We use our framework to investigate attacker deterrence, as well as optimal design of stochastic message authentication schemes when deterrence is impossible. Finally, we provide experimental results on the computational performance of our framework in practice.

[1]  Damith C. Ranasinghe Lightweight cryptography for low cost RFID , 2008 .

[2]  Mikael Gidlund,et al.  Future research challenges in wireless sensor and actuator networks targeting industrial automation , 2011, 2011 9th IEEE International Conference on Industrial Informatics.

[3]  Ronald L. Krutz,et al.  The CISSP Prep Guide: Mastering the Ten Domains of Computer Security , 2001 .

[4]  Nei Kato,et al.  A Lightweight Message Authentication Scheme for Smart Grid Communications , 2011, IEEE Transactions on Smart Grid.

[5]  Christof Paar,et al.  A Survey of Lightweight-Cryptography Implementations , 2007, IEEE Design & Test of Computers.

[6]  Vincent Conitzer,et al.  Stackelberg vs. Nash in Security Games: An Extended Investigation of Interchangeability, Equivalence, and Uniqueness , 2011, J. Artif. Intell. Res..

[7]  Gustavus J. Simmons,et al.  Authentication Theory/Coding Theory , 1985, CRYPTO.

[8]  Diana Maimut,et al.  Lightweight Cryptography for RFID Tags , 2012, IEEE Security & Privacy.

[9]  Amir Moradi,et al.  Lightweight Cryptography and DPA Countermeasures: A Survey , 2010, Financial Cryptography Workshops.

[10]  Quanyan Zhu,et al.  Game theory meets network security and privacy , 2013, CSUR.

[11]  Yee Wei Law,et al.  KLEIN: A New Family of Lightweight Block Ciphers , 2010, RFIDSec.

[12]  Yevgeniy Vorobeychik,et al.  Optimal interdiction of attack plans , 2013, AAMAS.

[13]  Lei Zhou,et al.  The Economic Cost of Publicly Announced Information Security Breaches: Empirical Evidence from the Stock Market , 2003, J. Comput. Secur..

[14]  Daniel W. Engels,et al.  The Hummingbird-2 Lightweight Authenticated Encryption Algorithm , 2011, RFIDSec.

[15]  S. Shankar Sastry,et al.  Research Challenges for the Security of Control Systems , 2008, HotSec.

[16]  Christof Paar,et al.  A survey of lighweight- cryptography implementations , 2007 .

[17]  Alok Aggarwal,et al.  Lightweight Cryptographic Primitives for Mobile Ad Hoc Networks , 2012, SNDS.