TRAKS: A Universal Key Management Scheme for ERTMS

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

External organisations

  • Radboud University, Nijmegen, The Netherlands

Abstract

This paper presents a new Key Management and Distribution Scheme for use in the European Rail Traffic Management System (ERTMS). Its aim is to simplify key management and improve cross-border operations through hierarchical partitioning. The current scheme used in ERTMS involves the creation and distribution of 3DES keys to train and trackside entities, which are then used as part of the Euro Radio Protocol to provide message authentication. This results in the distribution of tens of thousands of keys using portable media, a prohibitively high burden on management and resourcing. We present a symmetric key solution, TRAKS, which has the benefit of being backwards compatible with the current ERTMS standard and being post-quantum secure. This new scheme reduces the number of cryptographic keys in circulation and maintains the current security model. We achieve this by dynamically deriving unique keys from a shared secret, i.e. the line secret, which is combined with the IDs of trains and of signalling equipment. In addition to providing better key management, our scheme also adds authentication to the location data provided by EuroBalises.

Bibliographic note

ACM New York, NY, USA ©2017 ISBN: 978-1-4503-5345-8

Details

Original language: English
Title of host publication: ACSAC 2017 Proceedings of the 33rd Annual Computer Security Applications Conference
Publication status: Published - 4 Dec 2017
Event: 33rd Annual Computer Security Applications Conference (ACSAC 2017) - Orlando, Florida, United States
Duration: 4 Dec 2017 → 8 Dec 2017

Conference

Conference: 33rd Annual Computer Security Applications Conference (ACSAC 2017)
Country: United States
City: Orlando, Florida
Period: 4/12/17 → 8/12/17

Keywords

  • Hash functions and message authentication codes, Authorization, Mobile and wireless security, Security and privacy