TRAKS: A Universal Key Management Scheme for ERTMS
Research output: Chapter in Book/Report/Conference proceeding › Conference contribution
Standard
TRAKS: A Universal Key Management Scheme for ERTMS. / Thomas, Richard; Ordean, Mihai; Chothia, Tom; De Ruiter, Joeri.
ACSAC 2017 Proceedings of the 33rd Annual Computer Security Applications Conference. Association for Computing Machinery (ACM), 2017. p. 327-338.Research output: Chapter in Book/Report/Conference proceeding › Conference contribution
Harvard
APA
Vancouver
Author
Bibtex
}
RIS
TY - GEN
T1 - TRAKS: A Universal Key Management Scheme for ERTMS
AU - Thomas, Richard
AU - Ordean, Mihai
AU - Chothia, Tom
AU - De Ruiter, Joeri
N1 - ACM New York, NY, USA ©2017 ISBN: 978-1-4503-5345-8
PY - 2017/12/4
Y1 - 2017/12/4
N2 - This paper presents a new Key Management and Distribution Scheme for use in the European Rail Traffic Management System (ERTMS). Its aim is to simplify key management and improve cross-border operations through hierarchical partitioning. The current scheme used in ERTMS involves the creation and distribution of 3DES keys to train and trackside entities, which are then used as part of the Euro Radio Protocol to provide message authentication. This results in the distribution of tens of thousands of keys using portable media, a prohibitively high burden on management and resourcing. We present a symmetric key solution, TRAKS, which has the benefit of being backwards compatible with the current ERTMS standard and being post-quantum secure. This new scheme reduces the number of cryptographic keys in circulation, and maintains the current security model. We achieve this by dynamically deriving unique keys from a shared secret, i.e. the line secret, which is combined with IDs of trains, and of signalling equipment. In addition to providing better key management, our scheme also adds authentication to the location data provided by EuroBalises.
AB - This paper presents a new Key Management and Distribution Scheme for use in the European Rail Traffic Management System (ERTMS). Its aim is to simplify key management and improve cross-border operations through hierarchical partitioning. The current scheme used in ERTMS involves the creation and distribution of 3DES keys to train and trackside entities, which are then used as part of the Euro Radio Protocol to provide message authentication. This results in the distribution of tens of thousands of keys using portable media, a prohibitively high burden on management and resourcing. We present a symmetric key solution, TRAKS, which has the benefit of being backwards compatible with the current ERTMS standard and being post-quantum secure. This new scheme reduces the number of cryptographic keys in circulation, and maintains the current security model. We achieve this by dynamically deriving unique keys from a shared secret, i.e. the line secret, which is combined with IDs of trains, and of signalling equipment. In addition to providing better key management, our scheme also adds authentication to the location data provided by EuroBalises.
KW - Hash functions and message authentication codes
KW - Authorization
KW - Mobile and wireless security
KW - Security and privacy
U2 - 10.1145/3134600.3134631
DO - 10.1145/3134600.3134631
M3 - Conference contribution
SP - 327
EP - 338
BT - ACSAC 2017 Proceedings of the 33rd Annual Computer Security Applications Conference
PB - Association for Computing Machinery (ACM)
T2 - 33rd Annual Computer Security Applications Conference (ACSAC 2017)
Y2 - 4 December 2017 through 8 December 2017
ER -