Refine
Document Type
- Conference Proceeding (2) (remove)
Conference Type
- Konferenzartikel (2)
Language
- English (2)
Has Fulltext
- no (2)
Is part of the Bibliography
- yes (2) (remove)
Keywords
- security (2) (remove)
Institute
Open Access
- Closed Access (2)
Cryptographic protection of messages requires frequent updates of the symmetric cipher key used for encryption and decryption, respectively. Protocols of legacy IT security, like TLS, SSH, or MACsec implement rekeying under the assumption that, first, application data exchange is allowed to stall occasionally and, second, dedicated control messages to orchestrate the process can be exchanged. In real-time automation applications, the first is generally prohibitive, while the second may induce problematic traffic patterns on the network. We present a novel seamless rekeying approach, which can be embedded into cyclic application data exchanges. Although, being agnostic to the underlying real-time communication system, we developed a demonstrator emulating the widespread industrial Ethernet system PROFINET IO and successfully use this rekeying mechanism.
The provisioning of security for highly dynamic wireless networks, as for Car2X applications is still a major topic, as very specific requirements have to be solved. Those include a perfect privacy level and advanced real-time behavior, and the necessity to work with a public infrastructure (PKI) to support secure authentication.
This contribution analyzes these requirements, discusses the existing approaches, performs a gap analysis and elaborates on proposals to fill these gaps. It describes work in progress within the KoFAS-initiative for the development of a cooperative pedestrian protection system (CPPS).