摘要
针对CTCS-3级列控系统的核心安全通信协议——RSSP-Ⅱ的安全性进行分析。利用生日攻击原理,对RSSP-Ⅱ协议的核心消息鉴别码方案提出一种部分密钥恢复-伪造攻击方案。攻击结果表明,在截获232.5个已知明文的前提下,大约需要2^(57)次离线MAC计算,即可实时计算得到任意数量的伪造消息,且伪造消息中所包含的序列号、三重时间戳或机器周期等校验标识符均可通过接收端的检验,攻击的成功率约为0.63。
In this paper,an analysis was performed on the security of railway signal safety communication protocol Ⅱ(RSSP-Ⅱ ),which is the core communication security protocol of CTCS-level 3 train control system. Based on the principle of birthday attack, a partial key recovery-forgery attack scheme against the MAC scheme of RSSP-Ⅱ was proposed. The results indicated that an arbitrary number of forgery messages can be obtained by real time calculation with 232,5 intercepted known-plaintexts and 257 off-line MAC operations. Furthermore, the verification identifiers(i. e.,the sequence number, the triple time stamp or the execution cycle) of the forgery messages can be authenticated by the receiver, with the success rate of the attack being about 0. 63.
出处
《铁道学报》
EI
CAS
CSCD
北大核心
2016年第8期50-56,共7页
Journal of the China Railway Society
基金
国家自然科学基金(61401377
61371098)
铁道部科技研究开发计划(2012X004-A)
中央高校基本科研业务费专项资金(2682015CX068
SWJTU11CX041)
四川省科技厅基础研究计划(2015JY0182)
四川省科技支撑计划(2015GZ0088
2015GZ0104)
