Visible to the public Securing GOOSE: The Return of One-Time Pads

TitleSecuring GOOSE: The Return of One-Time Pads
Publication TypeConference Paper
Year of Publication2019
AuthorsBoakye-Boateng, Kwasi, Lashkari, Arash Habibi
Conference Name2019 International Carnahan Conference on Security Technology (ICCST)
ISBN Number978-1-7281-1576-4
Keywordscomposability, cryptographic protocols, denial-of-service, devices attacks, Encryption, generic object-oriented substation event, GOOSE messages, hardware requirements, IEC 61850, IEC 62351, IEC standards, international standard, latency constraints, latency requirements, Metrics, object oriented security, One-Time Pads, power engineering computing, Protocols, pubcrawl, real-time communications, resilience, Resiliency, Secure GOOSE, securing GOOSE, security recommendations, smart grid security, Smart grids, smart power grids, substation automation, substation automation systems, substation security, Substations, Synthetic aperture sonar, telecommunication security

IEC 61850 is an international standard that is widely used in substation automation systems (SAS) in smart grids. During its development, security was not considered thus leaving SAS vulnerable to attacks from adversaries. IEC 62351 was developed to provide security recommendations for SAS against (distributed) denial-of-service, replay, alteration, spoofing and detection of devices attacks. However, real-time communications, which require protocols such as Generic Object-Oriented Substation Event (GOOSE) to function efficiently, cannot implement these recommendations due to latency constraints. There has been researching that sought to improve the security of GOOSE messages, however, some cannot be practically implemented due to hardware requirements while others are theoretical, even though latency requirements were met. This research investigates the possibility of encrypting GOOSE messages with One- Time Pads (OTP), leveraging the fact that encryption/decryption processes require the random generation of OTPs and modulo addition (XOR), which could be a realistic approach to secure GOOSE while maintaining latency requirements. Results show that GOOSE messages can be encrypted with some future work required.

Citation Keyboakye-boateng_securing_2019