TY - GEN
T1 - Integrity assurance in resource-bounded systems through stochastic message authentication
AU - Laszka, Aron
AU - Vorobeychik, Yevgeniy
AU - Koutsoukos, Xenofon
N1 - Funding Information:
This work was supported in part by the National Science Foundation under Award CNS-1238959 and by the Air Force Research Laboratory under Award FA8750-14-2-0180.
Publisher Copyright:
Copyright is held by the owner/author(s).
PY - 2015/4/21
Y1 - 2015/4/21
N2 - Assuring communication integrity is a central problem in security. However, overhead costs associated with cryptographic primitives used towards this end introduce significant practical implementation challenges for resource-bounded systems, such as cyber-physical systems. For example, many control systems are built on legacy components which are computationally limited but have strict timing constraints. If integrity protection is a binary decision, it may simply be infeasible to introduce into such systems; without it, however, an adversary can forge malicious messages, which can cause significant physical or financial harm. We propose a formal game-theoretic framework for optimal stochastic message authentication, providing provable integrity guarantees for resource-bounded systems based on an existing MAC scheme. We use our framework to investigate attacker deterrence, as well as optimal design of stochastic message authentication schemes when deterrence is impossible. Finally, we provide experimental results on the computational performance of our framework in practice.
AB - Assuring communication integrity is a central problem in security. However, overhead costs associated with cryptographic primitives used towards this end introduce significant practical implementation challenges for resource-bounded systems, such as cyber-physical systems. For example, many control systems are built on legacy components which are computationally limited but have strict timing constraints. If integrity protection is a binary decision, it may simply be infeasible to introduce into such systems; without it, however, an adversary can forge malicious messages, which can cause significant physical or financial harm. We propose a formal game-theoretic framework for optimal stochastic message authentication, providing provable integrity guarantees for resource-bounded systems based on an existing MAC scheme. We use our framework to investigate attacker deterrence, as well as optimal design of stochastic message authentication schemes when deterrence is impossible. Finally, we provide experimental results on the computational performance of our framework in practice.
UR - http://www.scopus.com/inward/record.url?scp=84986626760&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84986626760&partnerID=8YFLogxK
U2 - 10.1145/2746194.2746195
DO - 10.1145/2746194.2746195
M3 - Conference contribution
AN - SCOPUS:84986626760
T3 - ACM International Conference Proceeding Series
BT - Proceedings of the 2015 Symposium and Bootcamp on the Science of Security, HotSoS 2015
PB - Association for Computing Machinery
T2 - Symposium and Bootcamp on the Science of Security, HotSoS 2015
Y2 - 21 April 2015 through 22 April 2015
ER -