Multi-Phase Quantum Resistant Framework for Secure Communication in SCADA Systems

Bibliographic Details
Published in: IEEE Transactions on Dependable and Secure Computing, Vol. 21, no. 6, pp. 5461-5478
Main Authors: Ghosh, Sagarika; Zaman, Marzia; Joshi, Rohit; Sampalli, Srinivas
Format: Journal Article
Language: English
Published: Washington, IEEE, 01.11.2024
IEEE Computer Society
ISSN: 1545-5971, 1941-0018
DOI: 10.1109/TDSC.2024.3378474

Summary: Supervisory Control and Data Acquisition (SCADA) systems are vulnerable to traditional cyber-attacks, such as man-in-the-middle, denial of service, eavesdropping, and masquerade attacks, as well as future attacks based on Grover's and Shor's algorithms implemented in quantum hardware. This article proposes a quantum-robust scheme based on entanglement and supersingular isogeny-based cryptography. The scheme employs a modified Supersingular Isogeny Key Encapsulation (SIKE) to generate shared secret keys, also authenticating BBM92, a quantum key distribution protocol to generate a symmetric key. The article uses ASCON-128 and SHA-3 to encrypt and authenticate messages, and provides a comparative analysis of two entanglement-based quantum key distribution protocols. The proposed scheme is compared to the current SCADA standard, AGA-12, and is shown to provide confidentiality, integrity, intrusion resistance, message authentication, and scalability. The randomness of key pairs generated by our algorithm and RSA key pairs is 87.5% and 84.37%, respectively, addressing confidentiality and integrity. Using the BBM92 protocol, our proposed algorithm detects the presence of an adversary by generating an average error rate of 26.07% and information leakage of 76.01%. AGA-12 relies on the SHA-1 hash function that Google has cracked recently. However, our algorithm includes SHA-3, a collision and quantum-resistant hash that provides message authentication.