电网技术
POWER SYSTEM TECHNOLOGY
2014, Issue 3, pp. 736-743 (8 pages)
孙辰%刘东%凌万水%陆一鸣
distribution automation terminal units; trusted computing; 3-level authentication; elliptic curve; timestamp checking
To address the communication security of remote terminal units in distribution automation systems, a hierarchical three-level trusted authentication mechanism suitable for multiple types of distribution terminal equipment is proposed, based on trusted computing theory and trusted security chip technology. A secure process is designed for the transmission of telemetering, telesignaling and remote control data, and a mathematical model is put forward that quantitatively reflects the confidence level of the integrity and authenticity of terminal unit status. The exchange of data between distribution terminals and the master station is simulated in MATLAB. Using 10 elliptic curves with different key lengths, the time cost of the cryptographic operations and the security of the elliptic curve encryption algorithm and the timestamp checking mechanism used by the trusted mechanism are analyzed, and the authenticity confidence level of the terminal equipment is calculated. The results verify that the proposed trusted mechanism has relatively strong confidentiality and relatively high accuracy in resisting replay attacks.