Abstract— Supervisory Control and Data-Acquisition (SCADA) systems are used for monitoring industrial devices. However, their security faces the threat of being compromised by the use of open access networks. The emergence of quantum computers and associated attacks have put traditional cryptography at stake. This paper proposes a novel scheme in SCADA networks where BB84 and Diffie-Hellman protocol are used to generate a quantum key which is further used in ID-based signcryption. Unlike other signcryption approaches, it does not require third-party involvement. The proposed scheme secures the public channel while creating a quantum key and detects intrusions.
Keywords— SCADA systems, quantum cryptography, digital signature, signcryption, quantum channel, BB84 protocol
INTRODUCTION
SCADA systems are used as control systems for monitoring industrial, infrastructural, and facility processes. They are used in industrial fields such as oil mining, electric grids, traffic system control, water treatment systems, and space station systems. Modern SCADA systems have been exposed to a range of attacks because they use open access networks. Failure to secure SCADA systems can be catastrophic [2]. For example, a malicious user can take control of the power supply to a city. Therefore, the security of the SCADA system is crucial.
The transformation of quantum computing from theory to practice in the recent past has not only brought with it potential advantages but also increasing threats. According to Shor’s algorithm, a quantum computer can crack RSA and other traditional cryptography approaches because they can process numbers way faster than any classical computer [13]. The rapid emergence of quantum computer has put traditional encryption in danger which means no field where computer science is useful will be safe whether it’s bank payment, cryptocurrencies, smart cities or power grid. Thus, technologies must be made quantum-safe.
In this letter, we have proposed a quantum-based security scheme which does not require a third party for a key generation and attains the five main security goals which are integrity, confidentiality, authentication, availability, and non-repudiation. Since quantum cryptography is based on principles of quantum mechanics, it can resist threats of a quantum computer [12], [13]. Moreover, due to the worldwide academic effort of researchers, the world’s first chip-based Quantum Key Distribution has been developed by the University of Bristol’s Quantum Engineering Technology labs (QETLabs) [1].
In this scheme, the BB84 protocol [11], [12] is used along with Diffie-Hellman (D-H) protocol. The quantum key will be used for encrypting the data and generating a digital signature by using the component’s unique ID and timestamp. It is a signcryption scheme without any third-party involvement. Hence, a secure communication channel will be established between the Remote Terminal Unit (RTU) and the supervisory system of a SCADA infrastructure.
BACKGROUND
SCADA Communication structure
SCADA systems consist of several entities in a hierarchical structure [3]. They are used in monitoring various kinds of infrastructure and industries. They are structured by the integration of data acquisition systems, data transmission systems and Human-Machine Interface (HMI). A SCADA network has two sections: Hardware and Software. HMI is used as a software whereas hardware has four components as given below [3], [4].
Master Station Unit or Master Terminal Unit (MSU/MTU) is the control center of a SCADA network.
Sub-MSU or Sub-MTU acts as a sub-control center. However, it is not needed in some cases. The MSU can connect to the slave station units directly.
Slave Station Units are Remote Terminal Unit (RTU), Intelligent End Device (IED) and Programmable Logic Controller (PLC). They are used to monitor sensors and actuators.
A Communication link between the MSU and Slave Station Units. Various kinds of communication link may be used such as Ethernet, optical fiber line, satellite, and wireless.
Figure 1: SCADA network architecture [3]
B. Quantum Computer
Traditional computers are the digital electronic computers which encode information in bits. Each bit can be 0 or 1. They execute algorithms on bits using simple logic operations such as AND, XOR, OR and NOT [16]. Instead, quantum computers encode information in qubits. The value of qubits is based on the superposition and entanglement principle. According to the superposition principle, each qubit can represent 0 or 1 or both at the same time [13]. An entanglement occurs when two superposed qubits are allied with each other. Therefore, the number of qubits is directly proportional to the number of states held by the set of qubits [12], [13].
The D-wave company launched its first commercial quantum computer named D-Wave One in 2011, which is being used by National Aeronautics and Space Administration (NASA) of the U.S. for deep space exploration. By 2013, they increased the number of qubits and published the 512-qubit D-Wave Two system. Google is also scheming to use a quantum computer for big data mining [12].
The capacity and speed of quantum computer solving mathematical problems make them a threat to traditional cryptography. All the encryption schemes are based on mathematical logic. Cracking these schemes will be possible for quantum computers. Therefore, a quantum-physics-based cryptography approach is needed similar to the approach used for quantum computers [16].
C. Chip-based Quantum Key Distribution
The microchip circuits developed at QETLabs can generate and distribute keys encoded in qubits by using the quantum properties of superposition and entanglement. This chip presents an opportunity to apply Quantum Key Distribution (QKD) to resource-constrained devices. Besides being cost-effective, it will proliferate the functionality of Wireless Sensor Networks (WSNs) [1], [17].
SECURITY THREATS FACED BY SCADA NETWORKS
A lot of reports have been developed by organizations based on the security requirements of SCADA networks [4]. Like any other system or network, the SCADA network faces the following key threats [2], [4].
Loss of availability can cause power outages and can have a negative impact on the efficiency of power supply chains. Thus, achieving availability as a security goal should be the primary objective of a SCADA network.
Loss of integrity is a scenario when the data has been modified by an attacker and thus, the changed data is received by the receiver. This type of scenario can be achieved by launching a Man-in-the-Middle attack, which can further result in malware injection and IP spoofing.
Loss of confidentiality can be achieved by eavesdropping on a channel. This leads to the loss of privacy and stealing of data as private data is exposed.
Repudiation is where the sender denies the data has been sent by them at that time. Generally, repudiation attacks are very difficult to prove.
Lack of authentication in Distributed Network Protocol 3.0 (DNP 3) used in SCADA systems which can lead to impersonation attacks [18].
LITERATURE SURVEY
Any successful attack on SCADA will have a negative effect on the society. Due to this reason, organizations have been putting a lot of effort to develop standards, protocols and security schemes. The security schemes are based on either symmetric key cryptography or asymmetric key cryptography.
LKH protocol [15] and SKMA protocol [14] are key management schemes based on symmetric key algorithm [4]. However, it does not provide proper authentication system. In the case of SKMA, there are pre-shared keys embedded in the systems manually. The session keys are generated by using the master pre-shared keys.
Another key algorithm for updating and refreshing the keys dynamically is Long Term Key Management Architecture for SCADA systems [3]. In this article, the pre-shared keys are not installed manually. Rather, they are generated using set-up generation program installed in each and every SCADA node. The authors have assumed that MSUs and sub-MSUs are trustworthy.
Identity-based Key Management architecture for SCADA system is built on public-key cryptosystem [5]. The authors have used a pairing algorithm for each and every node of the SCADA system which are MSU, sub-MSU, and RTU. It has been concluded by researchers that public key-based techniques are time-consuming and even costs more power than symmetric key based schemes, but they are way more secure and are suitable for using hybrid infrastructure [6].
Traditional security protocols used in SCADA systems such as IEC 60870, DNP3, IEC 61850 and Modbus lack proper security services. However, the new protocol AGA-12 provides security features to the SCADA systems. It uses cryptographic suites to secure the communication between RTU and MTUs [18].
Moreover, in any wired or wireless infrastructure such as smart grids, power grids or even smart homes, a signcryption scheme needs a trusted third party as it is based on identity-based cryptosystem [7], [8], [9], [10].
Consequently, we are proposing a novel idea where signcryption will be achieved without any trusted third party. Our proposed scheme will not only attain all the security goals for the SCADA networks but will also save the cost of third-party involvement. The system will be safe from both, traditional and quantum computer attacks.
PROPOSED SECURITY SCHEME
Quantum Cryptography is based on Heisenberg’s Uncertainty Principle and Principle of Polarization of Photons [11]. Furthermore, the No-Cloning Theorem makes quantum cryptography a feasible scheme to resist the threats of both quantum and traditional computer. The most popular protocol of Quantum Key Distribution (QKD) is the BB84 protocol and is the most suitable for IoT applications [12].
The proposed model has four phases.
Phase A: Pre-shared Key Establishment by Diffie-Hellman Protocol.
Phase B: Generation of Quantum Key by BB84 Protocol.
Phase C: Signcryption.
Phase D: Unsigncryption.
Each phase is explained in section A, B, C, and D respectively. Phase A and Phase B is the Key generation. Phase C and Phase D is signcryption and unsigncryption.
Figure 2: The proposed scheme model
Pre-shared Key establishment
This is the first phase of the security scheme. While generating a quantum key in section B, the sub-MTU and the RTU use both of the channels: a quantum channel and classical channel. To secure the classical channel, Diffie-Hellman protocol is used to generate a common secret key for both the components.
Quantum Key Distribution (BB84 Protocol)
BB84 protocol [12] is used in this phase to generate a quantum key. The BB84 protocol uses two Basis: Horizontal-vertical linear and Diagonal directions. Since the key generation is based on the polarization of light, each photon is polarized using one of the two Basis randomly. The protocol uses two channels: Quantum Channel, which is used for key generation and distribution, and Classical Channel, which is used for information transmission and eavesdrop detection. This phase has further steps:
Quantum Key Distribution (QKD): The RTU (sender) generates the initial qubits by randomly using the Basis and sends it to the sub-MTU (receiver) via the quantum channel.
Key Sifting: The sub-MTU reads each qubit with either of the two Basis randomly. The series of qubits received by the sub-MTU is called the raw bit. Since the sub-MTU has randomly read the qubits, it will send the read bits to the RTU via the classical channel. Since the classical channel is not secured yet, the pre-shared key generated in section A, is used to encrypt the raw key. Thus, the encrypted raw key is sent to the RTU. The RTU tallies the generated key and the raw key. It then encrypts the correctly guessed bits with the pre-shared key and sends them to the sub-MTU via the classical channel. Both of the components discard the incorrect bits and obtain the sifted key.
Key Distillation has two steps:
Key Error Correction: The sifted key obtained by the two components will not be identical if there is any noise or eavesdropper present. Therefore, the keys are processed for removal of errors and the bits known by an eavesdropper. In this step, the actual error rate is measured by using a traditional error correction algorithm and the obtained error rate is used to determine the number of bits known by the eavesdropper. Finally, the errors in the key are corrected.
Privacy Amplification: Depending upon the value of the error rate, the key is compressed by an appropriate factor to reduce the information about the key known by the eavesdropper.
Signcryption
Both the components have the finalized quantum key (Qk). The RTU executes the following steps.
Encryption: It makes a copy of the data, encrypts the data with the finalized quantum key.
Digital Signature: It hashes the copy of the data. It then encrypts the hash with its private key which is generated from its own unique ID. The ID will be an IP address and a timestamp. The obtained encrypted hash is the digital signature of the particular RTU.
The signcrypted data is sent to the sub-MTU over the classical channel.
Figure 3: Operations performed by the RTU being the sender
Un-Signcryption
The sub-MTU receives the signcrypted data and executes the following steps.
Decryption: The encrypted data is decrypted with the quantum key.
Validation: The encrypted hashed value is decrypted with the quantum key. The copied data is hashed by the same algorithm used by the RTU. Thus, the two obtained values are verified.
CONCLUSION
In this paper, we have proposed a scheme for securing communication in SCADA networks using the BB84 protocol which is a QKD protocol, Diffie-Hellman Key exchange protocol, and signcryption. This scheme does not use any trusted third party and yet, attains all the security goals: integrity, confidentiality, availability, authentication, and non-repudiation. It will resist the attacks of traditional and quantum computers. Besides eradicating the cost of maintaining a third party, the scheme acts as the Eavesdrop Detection System, a Cryptographic System as well as an ID-based Authentication System. The simulation of the scheme will be done on Python 3.6.0 and Quantum Toolbox in Python (QuTip) will be used for simulating the quantum key distribution.
References
P. Sibson, C. Erven, M. Godfrey, S. Miki, T. Yamashita, M. Fujiwara, M. Sasaki, H. Terai, M. G. Tanner, C. M. Natarajan, R. H. Had_eld, J. L. O’Brien, and M. G. Thompson, “Chip-based Quantum Key Distribution”, Research Gate, May 12, 2016, DOI: 10.1038/ncomms13984, Source: arXiv.
D. Kang, J.Lee, S.Kim, “Analysis on cyber threats to SCADA systems”, Transmission and Distribution Conference and Exposition: Asia and Pacific, T and D Asia 2009, pp. 1-4.
Hendra Saputra, Zhigang Zhao, “Long Term Kry Management Architecture SCADA Systems”, IEEE 4th World Forum on Internet of Things (WF-IoT), pp. 314 -319, May 2018.
Donghyun Choi, Hakman Kim, Dongho Won, and Seungjoo Kim, “Advanced Key-Management Architecture for secure SCADA Communications”, IEEE Journals & Magazines, volume:24, pp. 1154-1163, Issue:3.
Yong-Hun Lim, “IKMS- An ID-based Key Management Architecture for SCADA system”, International Conference on Networked Computing, IEEE conferences, pp. 139-144, 2011.
Abdalhossein Rezai, Parviz Keshavarzi, Zahra Moravej, “Key Management Issue in SCADA networks: A review, Engineering Science and Technology”, International Journal 20(2017), pp. 354-363.
Elif Ustundag Soykan, Seda Demirag Ersoz, Gurkan Soykan, “Identity based signcryption for Advanced Metering Infrastructure”, 3rd International Istanbul Smart Grid Congress and Fair (ICSG), pp 1-5, 2015.
Kahlid Alharbi, Xiaodong Lin, “Efficient and Privacy-Preserving Smart Grid Downlink Communication Using Identitty Based Signcyption”, 2016 IEEE Global Communications Conference, pp. 1-6, 2016.
Seyyed Mahdi Sedaghat, Mohammad Hassan Ameri, Javad Mohajeri, Mohammad Reza, “An efficient and secure Data Sharing in Smart Grid: Ciphertext-policy attribute-based signcryption”, 2017 Iranian Conference on Electrical Engineering (ICEE), IEEE conferences, pp. 2003-2008, 2017.
Yosef Ashibani, Qusay H. Mahmoud, “An Efficient and Secure Scheme for Smart Home Communication using Identity-Based Signcryption”, 2017 IEEE 36th International Performance Computing and Communications, IPCCC, pp. 1-7, 2017.
Charles H. Bennett, GillesBrassard, “Quantum cryptography: Public key distribution and coin tossing”, Theoretical Computer Science, Theoretical Aspects of Quantum Cryptography, Elsevier B.V., doi:10.1016/j.tcs.2014.05.025.
Sudhir K. Routray, Mahesh K. Jha, Laxmi Sharma, Rahul Nyamangoudar, Abhishek Javali, Sutapa Sarkar, “Quantum Cryptography for IoT: A Perspective”, 2017 International Conference on IoT and Application (ICIOT), IEEE Conferences, pp. 1-4, 2017.
Xin Zhang, Zhao Yang Dong, Zeya Wang, Chixin Xiao, Fengji Luo, “ Quantum Cryptography Based Cyber-Physical Security Technology for Smart Grids”, 10th International Conference on Advances in Power System Control, APSCOM 2015, pp. 1-6, 2015.
Robert Dawson, Colin Boyd, Ed Dawson and Juan Manuel Gonzaelez Nieto, “SKMA- A Key Management Architecture for SCADA Systems”, Conferences in Research and Practice in Information Technology Series, pp. 183-192, January 2006, doi: 10.1145/1151828.1151850.
PPT, Yiquan Hu, “Logical Key Hierarchical Protocol”, NC State University, Computer Science, March 31, 2003. [online]. Available: http://discovery.csc.ncsu.edu/Courses/csc774-S03/Presentations/02-LKH.pdf
Chang Linus, “How Secure is today’s encryption against quantum computers?”, 2017. [online]. Available: https://betanews.com/2017/10/13/current-encryption-vs-quantum-computers/.
Clark Caroline, “World’s first Chip-based Quantum Key Distribution”, KETS, February 2017. [online]. Available: http://kets-quantum.com/technology/worlds-first-chip-based-quantum-key-distirbution/.
Control Micro systems Inc., published: 2013, [online]. Available: https://www.plcsystems.ru/catalog/SCADAPack/doc/Security_Technical_Reference.pdf.