This paper presents and evaluates an advance hybrid key management architecture for supervisory control and data acquisition (SCADA) networks (HSKMA), which supports all three types of communications: unicast, multicast, and broadcast. The HSKMA is based on the elliptic curve cryptography and symmetric cryptography. While the elliptic curve cryptography is used for communication between master station unit (MSU) and sub-MSUs, the symmetric cryptographic algorithm is used for communication between sub-MSUs and slave stations that have limited computational resources. Our analysis shows that the HSKMA has the following distinctive advantages: 1) it supports the security requirement such as availability, forward security, and backward security, 2) it supports the required speed in the MODBUS implementation, and 3) it is suitable for the environments that have limited computational resources.

• 出版日期2016-11-25