网络与信息安全学报2025,Vol.11Issue(3):45-66,22.DOI:10.11959/j.issn.2096-109x.2025038
RSSP-Ⅱ的安全分析及安全增强新方案
Security analysis of the RSSP-Ⅱ protocol and a novel security enhancement approach
摘要
Abstract
The railway signal safety protocol-Ⅱ(RSSP-Ⅱ),as the core security communication protocol of China's train control system(CTCS-3),played a crucial role in ensuring the security and reliability of train communica-tion.However,existing research revealed that RSSP-Ⅱ's message authentication security layer(MASL)had secu-rity vulnerabilities like key recovery and forgery,which might endanger the train control system's stable opera-tion.To address these security issues,the formal modeling method of colored Petri nets(CPN)was employed to analyze RSSP-Ⅱ,and the existence of security vulnerabilities in it was verified.Consequently,an improved proto-col,EN-RSSP(enhanced railway signal safety protocol),was proposed.The improvement primarily comprised three aspects.First,a temporary key pair for the communication devices of both parties was dynamically con-structed through a trusted third party in a secure channel.Next,session key negotiation was achieved based on the difficulty of the discrete logarithm problem in elliptic curve bilinear pairing combined with a hash function.Fi-nally,a dual-key encryption system made up of the session key and the pre-shared key of the communication de-vices of both parties was adopted to encrypt and transmit messages.Moreover,timestamps and CMAC(cipher-based message authentication code)were incorporated into the information exchange process to ensure the confi-dentiality and integrity of messages between devices.Security assessment of EN-RSSP and RSSP-Ⅱ was con-ducted using the CPN formal analysis tool.The results show that the improved protocol could not only effectively resist key recovery and forgery attacks,but also prevent replay attacks,thereby significantly enhancing the system's security.关键词
RSSP-Ⅱ/着色Petri网/形式化分析/安全评估Key words
RSSP-Ⅱ/coloured petri nets/formal analysis/security assessment分类
计算机与自动化引用本文复制引用
冯涛,铁小平,吴毅,石建明..RSSP-Ⅱ的安全分析及安全增强新方案[J].网络与信息安全学报,2025,11(3):45-66,22.基金项目
国家自然科学基金(61762060) (61762060)
甘肃省重点研发计划基金(23YFGA0060) (23YFGA0060)
甘肃省优秀博士生基金(23JRRA837) The National Natural Science Foundation of China(61762060),Key Research and Development Projects of Gansu Province(23YFGA0060),Gansu Province Excellent Doctoral Student Foundation(23JRRA837) (23JRRA837)
