Security Analysis and Improvement of Modbus Message in Distribution Network Based on SM9

doi:10.11930/j.issn.1004-9649.201811094

Abstract

Abstract: In order to ensure the information security in smart distribution network, more and more cryptographic algorithms are applied in the communication process. by SM2-based Modbus message security of distribution network was analyzed to find out such defects as its vulnerability to replay attack and tampering attack, and several other description errors. In order to improve this method, the authors in this paper propose a SM9-based protocol of identification algorithm suitable for Modbus TCP (transmission control protocol) message. At first, the process of SM9 digital signature is introduced, and then it is applied to Modbus TCP message communication added with the timestamp mechanism. And the security of the improved protocol is analyzed. Finally, the C language is used to realize the signature scheme, and its efficiency is compared with several other signature schemes. The results show that the improved protocol can not only resist replay attacks and tamper attacks, and ensure the data integrity and source reliability in the process of message communication, but also have a good advantage in running efficiency.

Key words: distribution network, national cryptographic algorithm, SM9, timestamp mechanism, security analysis

CLC Number:

TM76

QIU Fan, CHEN Lanlan, LIN Nan, ZUO Liming. Security Analysis and Improvement of Modbus Message in Distribution Network Based on SM9[J]. Electric Power, 2019, 52(10): 18-25.

Add to citation manager EndNote|Ris|BibTeX

URL: https://www.electricpower.com.cn/EN/10.11930/j.issn.1004-9649.201811094

https://www.electricpower.com.cn/EN/Y2019/V52/I10/18

References

[1] 秦红霞, 谭志海, 葛亮, 等. 智能配电网自愈控制系统技术研究与设计[J]. 电力系统保护与控制, 2014, 42(22):134-139 QIN Hongxia, TAN Zhihai, GE Liang, et al. Study and design of smart distribution grid self-healing control system technology[J]. Power System Protection and Control, 2014, 42(22):134-139
[2] VIJAYAPRIYA T, KOTHARI D P. Smart grid:an overview[J]. Smart Grid and Renewable Energy, 2011, 2(4):305.
[3] 高志远, 姚建国, 郭昆亚, 等. 智能电网对智慧城市的支撑作用研究[J]. 电力系统保护与控制, 2015, 43(11):148-153 GAO Zhiyuan, YAO Jianguo, GUO Kunya, et al. Study on the supporting role of smart grid to the construction of smart city[J]. Power System Protection and Control, 2015, 43(11):148-153
[4] PIATKOWSKA E, BAJRAKTARI A, CHHAJED D, et al. Tool support for data protection impact assessment in the smart grid[J]. e & i Elektrotechnik und Informationstechnik, 2017, 134(1):26-29.
[5] 张少敏, 李晓强, 王保义. 基于Hadoop的智能电网数据安全存储设计[J]. 电力系统保护与控制, 2013, 41(14):136-140 ZHANG Shaomin, LI Xiaoqiang, WANG Baoyi. Design of data security storage in smart grid based on Hadoop[J]. Power System Protection and Control, 2013, 41(14):136-140
[6] 王雷, 李乐为, 史金伟, 等. EMS与DMS间数据交互的数据传输与安全控制操作方法研究[J]. 电力系统保护与控制, 2018, 46(10):75-80 WANG Lei, LI Lewei, SHI Jinwei, et al. Research on data transmission and security control operation method of data interaction between EMS and DMS[J]. Power System Protection and Control, 2018, 46(10):75-80
[7] 余容, 黄剑, 何朝明. 基于SM4并行加密的智能电网监控与安全传输系统[J]. 电子技术应用, 2016, 42(11):66-69 YU Rong, HUANG Jian, HE Zhaoming. Smart grid monitoring and secure transmission system based on SM4 parallel encryption[J]. Application of Electronic Technique, 2016, 42(11):66-69
[8] 韩亚楠, 李发根. 适用于智能电网的组合公钥密码体制研究[J]. 密码学报, 2016, 3(4):340-351 HAN Yanan, LI Fagen. Research on combined public key cryptographic scheme for smart grid[J]. Journal of Cryptologic Research, 2016, 3(4):340-351
[9] 马李翠, 黎妹红, 吴倩倩, 等. 智能电网通信中动态密钥加密方法的研究与改进[J]. 北京邮电大学学报, 2017, 40(4):74-79 MA Licui,LI Meihong,WU Qianqian,et al. Research of dynamic key encryption algorithm in smart grid communication[J]. Journal of Beijing University of Posts and Telecommunications, 2017, 40(4):74-79
[10] LANG B, WANG J, CAO Z. Multidimensional data tight aggregation and fine-grained access control in smart grid[J]. Journal of Information Security and Applications, 2018, 40:156-165.
[11] 李学俊, 袁亚文, 金春花. 一种适用于广电网的属性基广播加密方案[J]. 计算机研究与发展, 2018, 55(7):1409-1420 LI Xuejun, YUAN Yawen, JIN Chunhua. An attribute-based broadcast encryption scheme suitable for the broadcasting network[J]. Journal of Computer Research and Development, 2018, 55(7):1409-1420
[12] 骆钊, 谢吉华, 顾伟, 等. 基于SM2密码体系的电网信息安全支撑平台开发[J]. 电力系统自动化, 2014, 38(6):68-74 LUO Zhao, XIE Jihua, GU Wei, et al. SM2-cryptosystem based information security supporting platform in power grid[J]. Automation of Electric Power Systems, 2014, 38(6):68-74
[13] LV Xixiang, MU Yi, LI Hui. Key management for smart grid based on asymmetric key-wrapping[J]. International Journal of Computer Mathematics, 2015, 92(3):498-512.
[14] 邓伟, 闻楷, 张浩, 等. 配电网数据加密认证方案的设计与分析[J]. 软件, 2017, 38(6):17-23 DENG Wei, WEN Kai, ZHANG Hao, et al. Design and analysis of data encryption and authentication scheme for distribution grid[J]. Computer Engineering & Software, 2017, 38(6):17-23
[15] 杨晓朋, 陈海涛, 梅力宸, 等. 量子密钥分发技术在智能变电站中的研究[J]. 电信科学, 2018(10):163-169 YANG Xiaopeng, CHEN Haitao, MEI Lichen, et al. Research on quantum key distribution technology in intelligent substation[J]. Telecommunications Science, 2018(10):163-169
[16] ZHENG Jiamin, TAN Yu'an, ZHANG Xiaosong, et al. Multi-domain lightweight asymmetric group key agreement[J]. Chinese Journal of Electronics, 2018, 27(5):1085-1091.
[17] ODELU V, DAS A K, WAZID M, et al. Provably secure authenticated key agreement scheme for smart grid[J]. IEEE Transactions on Smart Grid, 2018, 9(3):1900-1910.
[18] 邹晓峰, 肖远兴. 基于SM2的配电网Modbus报文安全性研究[J]. 电力系统保护与控制, 2018, 46(12):151-157 ZOU Xiaofeng, XIAO Yuanxing. Modbus telegram security of distribution network based on SM2[J]. Power System Protection and Control, 2018, 46(12):151-157
[19] 袁峰, 程朝辉. SM9标识密码算法综述[J]. 信息安全研究, 2016, 2(11):1008-1027 YUAN Feng, CHENG Zhaohui. Overview on SM9 identity-based cryptographic algorithm[J]. Journal of Information Security Research, 2016, 2(11):1008-1027
[20] LI J G, WANG Z W, ZHANG Y C. Provably secure certificate-based signature scheme without pairings[J]. Information Sciences, 2013, 233(7):313-320.
[21] SARDE P, BANERJEE A, DEWANGAN C L. A secure and an efficient ID-based multi-proxy multi-signature scheme from bilinear pairings[J]. International Journal of Computer Applications, 2017, 157(10):1-6.
[22] LI J G, HUANG X Y, ZHANG Y C, et al. An efficient short certificate-based signature scheme[J]. Journal of Systems & Software, 2012, 85(2):314-322.