Nuclear Engineering and Technology

Korean Nuclear Society (한국원자력학회)
권호 표지
DOI QR코드

DOI QR Code

Modeling cryptographic algorithms validation and developing block ciphers with electronic code book for a control system at nuclear power plants

  • JunYoung Son (Korea Atomic Energy Research Institute, Security Technology Research Department) ;
  • Taewoo Tak (Korea Atomic Energy Research Institute, Security Technology Research Department) ;
  • Hahm Inhye (Korea Atomic Energy Research Institute, Security Technology Research Department)
  • Received : 2022.02.20
  • Accepted : 2022.07.26
  • Published : 2023.01.25
Download PDF
⟨ Previous Next ⟩

Abstract

Nuclear power plants have recognized the importance of nuclear cybersecurity. Based on regulatory guidelines and security-related standards issued by regulatory agencies around the world including IAEA, NRC, and KINAC, nuclear operating organizations and related systems manufacturing organizations, design companies, and regulatory agencies are considering methods to prepare for nuclear cybersecurity. Cryptographic algorithms have to be developed and applied in order to meet nuclear cybersecurity requirements. This paper presents methodologies for validating cryptographic algorithms that should be continuously applied at the critical control system of I&C in NPPs. Through the proposed schemes, validation programs are developed in the PLC, which is a critical system of a NPP's I&C, and the validation program is verified through simulation results. Since the development of a cryptographic algorithm validation program for critical digital systems of NPPs has not been carried out, the methodologies proposed in this paper could provide guidelines for Cryptographic Module Validation Modeling for Control Systems in NPPs. In particular, among several CMVP, specific testing techniques for ECB mode-based block ciphers are introduced with program codes and validation models.

Keywords

Acknowledgement

This work was supported by a grant from the Ministry of Trade, Industry and Energy in Korea (20224B10100020).

References

  1. Cyber security programs for nuclear facilities. U.S, Nuclear Regulatory Commission, Regulatory Guide 5 (2010 Jan) 71. 
  2. Criteria for use of computers in safety systems of nuclear power plants. U.S, Nuclear Regulatory Commission, Regulatory Guide 1.152 (2011 July). Revision 3. 
  3. Regulatory Standard on Cyber Security for Nuclear Facilities, Korea, KINAC., 2016 Dec. RS 015. 
  4. Computer Security at Nuclear Facilities, IAEA, 2011. IAEA nuclear security series no. 17. Technical guidance. 
  5. Conducting Computer Security Assessments at Nuclear Facilities, IAEA, 2016. 
  6. D. Joan, R. Vincent, AES Proposal, Rijndael, The Rijndael Block Cipher, 1999 Sep 3. Belgium. 
  7. Computer Security Resource Center [Internet]: NIST; Available from: https://csrc.nist.gov/Projects/Cryptographic-Algorithm-Validation-Program/Validation. 
  8. Behrouz Forouzan, Cryptography and Network Security, Sep 8. 2008. ISBN 0-07-287022-2. 
  9. K.C. Kwon, G.Y. Park, J.Y. Kim, J.S. Lee, Qualification of safety-critical software for digital reactor safety system in nuclear power plant-s, Nuclear safety and Simulation 4 (2013 Oct 18). Number 3. 
  10. J. Lee, J. Lee, J. Kim, D. Kwon, C. Kim, A Description of the ARIA Encryption Algorithm. RFC 5794, Category:Informational, ISSN, 2013 Mar, 20170-1721. 
  11. L. Donald, J. Phillip, L. Arden, Security Requirements for Cryptographic Modules, U.S. NIST, FIPS PUB 140-2. Category: Computer security, 2001 May 25. 
  12. Announcing the Advanced Encryption Standard, NIST, Federal Information Processing Standards Publication 197, 2001 Nov 26. 
  13. McGrew D. A, Viega J: the Galois/Counter Mode of Operation (GCM). 
  14. M. Dworkin, Recommendation for Block Cipher Modes of Operation Galois/Counter Mode (GCM) and GMAC, U.S. NIST, 2007 Nov. Special publication 800-38D. 
  15. Korea Cryptographic Module Validation Program [Internet]: NIS; Available from: https://eng.nis.go.kr/EAF/1_7_2_2.do. 
  16. Description of Known Answer Tests and Monte Carlo Tests for Advanced Encryption Standard Candidate Algorithm Submissions, 1998 Feb. 
  17. Specifications of Cryptographic Algorithm Implementation Testing, IPA, JCMVP, 2009 Apr 1. 
  18. J.Y. Son, J.W. Lee, J.G. Choi, H.S. Yoon, Cryptographic Algorithm Function Validation Modeling for Nuclear I&C Systems, NPIC & HMIT, 2019 Feb. 
  19. Security Requirements for Cryptographic Modules, U.S. NIST vol. 22, FIPS PUB 140-3, Category: Information security, Subcategory:Cryptography, 2019 Mar.