<div class="csl-bib-body">
<div class="csl-entry">Annessi, R. (2019). <i>Securing group communication in critical Infrastructures</i> [Dissertation, Technische Universität Wien]. reposiTUm. https://doi.org/10.34726/hss.2019.43914</div>
</div>
-
dc.identifier.uri
https://doi.org/10.34726/hss.2019.43914
-
dc.identifier.uri
http://hdl.handle.net/20.500.12708/5375
-
dc.description.abstract
Communication networks have become an essential part of increasingly interconnected modern societies. Group communication is a ubiquitous concept in todays communication networks, and comprises broadcast, multicast, and anycast communication. Since group communication facilitates efficient data transmission to numerous receivers, it is more and more needed generally and specifically in critical infrastructures such as sensor data collection in Smart Grids, clock synchronization, and 5G networks. Surprisingly, no generally applicable method exists as yet to secure group communication from adversarial attacks. For this reason, group communication is often times either not secured at all or application-specific security measures are deployed that are not generally applicable and whose security is hard to assess. In this thesis, we tackle a fundamental challenge in securing group communication: data origin authentication. We evaluate various data origin authentication schemes that were proposed during the last twenty-five years for their suitability to secure group communication for critical infrastructures in general and suggest a new classification for data origin authentication schemes that covers developments in recent years. With the advent of novel high-speed signature schemes, we furthermore suggest a new class of data origin authentication schemes: unrestricted-time highspeed signing. In this way, we revise the common assumption that signing every packet individually is computationally unfeasible. To validate the unrestricted-time high-speed signing class suggested in this thesis, we evaluate it for a set of applications in critical infrastructures: sensor data collection in Smart Grids, group communication in 5G networks, and clock synchronization. For clock synchronization we additionally propose a novel set of security measures against a wealth of attacks including delay attacks and discover a fundamental limitation in clock synchronization protocols: they can either be precise or secure. An additional challenge may become prevalent when data origin authentication schemes are used on a large scale or in high-speed environments: subliminal channels in signatures. We analyze several high-speed signature schemes for their susceptibility to subliminal channels and find all of them to be susceptible. As a proof of concept, we introduce a method that exploits such subliminal channel for private botnet command and control communication over public blockchains. Given the results on data origin authentication, subliminal channels, and clock synchronization, we are" "confident that this thesis contributes to the foundation of secure group communication in critical infrastructures."
en
dc.language
English
-
dc.language.iso
en
-
dc.rights.uri
http://rightsstatements.org/vocab/InC/1.0/
-
dc.subject
Gruppenkommunikation
de
dc.subject
Netzwerksicherheit
de
dc.subject
Digitale Signaturen
de
dc.subject
group communication
en
dc.subject
network security
en
dc.subject
digital signatures
en
dc.title
Securing group communication in critical Infrastructures
en
dc.type
Thesis
en
dc.type
Hochschulschrift
de
dc.rights.license
In Copyright
en
dc.rights.license
Urheberrechtsschutz
de
dc.identifier.doi
10.34726/hss.2019.43914
-
dc.contributor.affiliation
TU Wien, Österreich
-
dc.rights.holder
Robert Annessi
-
dc.publisher.place
Wien
-
tuw.version
vor
-
tuw.thesisinformation
Technische Universität Wien
-
dc.contributor.assistant
Fabini, Joachim
-
tuw.publication.orgunit
E389 - Telecommunications
-
dc.type.qualificationlevel
Doctoral
-
dc.identifier.libraryid
AC15332105
-
dc.description.numberOfPages
181
-
dc.identifier.urn
urn:nbn:at:at-ubtuw:1-122630
-
dc.thesistype
Dissertation
de
dc.thesistype
Dissertation
en
tuw.author.orcid
0000-0002-4501-3951
-
dc.rights.identifier
In Copyright
en
dc.rights.identifier
Urheberrechtsschutz
de
tuw.advisor.staffStatus
staff
-
tuw.assistant.staffStatus
staff
-
tuw.advisor.orcid
0000-0002-5391-467X
-
tuw.assistant.orcid
0000-0002-8285-1591
-
item.languageiso639-1
en
-
item.fulltext
with Fulltext
-
item.openaccessfulltext
Open Access
-
item.mimetype
application/pdf
-
item.openairetype
doctoral thesis
-
item.grantfulltext
open
-
item.openairecristype
http://purl.org/coar/resource_type/c_db06
-
item.cerifentitytype
Publications
-
crisitem.author.dept
E389 - Telecommunications
-
crisitem.author.parentorg
E350 - Fakultät für Elektrotechnik und Informationstechnik