In this talk we introduce some industrial implementations of cryptography. The talk focuses on the electric power industry, with particular attention to power generation in nuclear power plants, transmission, distribution, and retail. The implications of storing sensitive personal data, invoicing, and customer’s money transfers will be described and discussed.
1. Industrial applications of cryptography
David Podhola
Prague College
david.po@praguecollege.cz
30 May 2011
David Podhola (Prague College), Industrial applications of cryptography, 30 May 2011
2. Abstract
This talk introduces industrial implementations of cryptography.
It focuses on the electric power industry, with particular attention to
power generation in nuclear power plants, transmission, distribution and
retail. The implications of storing sensitive personal data, as well as dealing
with invoicing and the customer’s money at the end, will be described and
discussed.
3. Electricity
4. Electricity
“Phenomenon associated with stationary or moving electric charges.
The word comes from the Greek elektron (“amber”); the Greeks
discovered that amber rubbed with fur attracted light objects such as
feathers. Such effects due to stationary charges, or static electricity, were
the first electrical phenomena to be studied. Not until the early 19th
century were static electricity and electric current shown to be aspects of
the same phenomenon. The discovery of the electron, which carries a
charge designated as negative, showed that the various manifestations of
electricity are the result of the accumulation or motion of numbers of
electrons. The invention of the incandescent lightbulb (1879) and the
construction of the first central power station (1881) by Thomas Alva
Edison led to the rapid introduction of electric power into factories and
homes. See also James Clerk Maxwell.”¹
¹ Encyclopaedia Britannica
5. Electric power industry
6. Electric power industry
“The electric power industry provides the production and delivery of
electric energy, often known as power, or electricity, in sufficient quantities
to areas that need electricity through a grid connection. The grid
distributes electrical energy to customers. Electric power is generated by
central power stations or by distributed generation.
Many households and businesses need access to electricity, especially in
developed nations, the demand being scarcer in developing nations.
Demand for electricity is derived from the requirement for electricity in
order to operate domestic appliances, office equipment, industrial
machinery and provide sufficient energy for both domestic and commercial
lighting, heating, cooking and industrial processes. Because of this aspect
of the industry, it is viewed as a public utility as infrastructure.”²
² Wikipedia
7. Current consumption of the Czech Republic
This whole industry is run and controlled by a lot of computers. They have
great numbers at their fingertips, but...
8. Threats
Threats:³
Intrusion: malicious attackers may intrude into the client or server by searching for vulnerabilities, and the stable service of control boards may be threatened.
Impersonation: operators who don’t have the right accounts but can enter, may impersonate operators who have the right accounts, and the stable service of control boards may be threatened.
Tapping: malicious attackers may tap packets on the Internet, and data sent and received may be threatened.
Obstruction: malicious attackers may attack the client or server very often, and smooth operation may be threatened.
Destruction: operators who have the right accounts may execute illegal operations unjustly, and the stable service of control boards may be threatened.
³ The Security Design of Remote Maintenance System for Nuclear Power Plants, based on ISO/IEC 15408
9. What is cryptography?
The practice and study of hiding information.
Today it is much more complex than just encrypting information into apparent nonsense.
10. Encryption and decryption
11. Public-key cryptography
12. Public-key cryptography
13. Public key infrastructure
CA = Certificate Authority
RA = Registration Authority
14. My public key
I am not afraid to show you my public key!
15. Signing
If you have just your key, you can sign
16. Encryption
If you have both keys, you can encrypt
17. General attributes of public keys
Increased security and convenience.
private keys never need to be transmitted or revealed to anyone
digital signatures
speed
vulnerable to impersonation (attack on a certification authority)
18. Electric power industry
The legal unbundling laid down in 2005 as part of the second European
energy market package applies in 11 out of 27 EU countries.
Generation
Transmission
Distribution (e.g. consumption measurements)
Retailing (e.g. end customer invoicing)
19. High level overview
20. Organizations involved - CEPS
CEPS jsc is a joint-stock company that operates the Transmission System (TS) of
the Czech Republic by law.
ensuring electricity transmission
ensuring balance between electricity generation and consumption at any moment
maintenance, modernization and development of TS equipment
21. Organizations involved - OTE
Processing and reporting the business balance of electricity according to data supplied by electricity market participants.
Organization of short-term markets and the balancing market with regulating energy, in cooperation with the transmission system operator.
The evaluation and settlement of imbalances between the agreed and actual electricity supplies and consumption.
Publishing monthly and annual reports about the Czech electricity market.
Collecting metered data from deliveries and supplies for market participants.
The evaluation and settlement of regulating energy.
Administration of the registry for trading with greenhouse gas emission allowances.
22. OTE CA
23. Electricity generation
24. Electricity generation
For nuclear power plants, Title 10 of the Code of Federal Regulations (10
CFR) Section 73.21(g)(3) states, in part, “. . . Safeguards Information
shall be transmitted only by protected telecommunication circuits
(including facsimile) approved by the NRC.” The Nuclear Regulatory
Commission (NRC) considers those encryption systems that the National
Institute of Standards and Technology (NIST) has determined conform to
the Security Requirements for Cryptographic Modules in Federal
Information Processing Standard (FIPS) 140-2, as being acceptable. The
Secretary of Commerce has made use of Cryptographic Module Validation
Program products mandatory and binding for Federal agencies when a
Federal agency determines that cryptography is necessary for protecting
sensitive information.
25. Stuxnet
26. Stuxnet
27. Transmission
28. Distribution
29. Distribution
30. Retailing
31. Communication
32. Communication
33. Communication
34. SmartGrid
35. Thank you!
David Podhola
david.po@praguecollege.cz, david@podhola.net
http://david.podhola.net