Optimization Of RSSP-Ⅱ Protocol Core Algorithm And Security Verification

CTCS-3 is one of the Cutting-edge train control systems.It has the characteristics of large scale,redundant configuration and complex structure.The probability of dangerous events is very small,and once it occurs,it will cause huge losses Loss.It is based on GSM-R to achieve the two-way and independent transmission of train ground information,and the train control system is produced by the wireless block center.It has certain redundancy and improves the safety and reliability of the system.Therefore,it has high requirements for the safety of data transmission.Moreover,due to the intervention of GSM-R network,the network mode is changed from closed to open,which is convenient to guarantee the safe transmission of key information required by train operation,the security channel of data Tran-smission is founded between safety related equipment.The security communication protocol should be established at the transport layer to confirm that security-related messages are not leaked.RSSP-Ⅱis a universal transfer protocol of railway signal security.The establishment of the protocol make sure the confidentiality of information transmitted by relevant interface devices in a closed or open transmission system.This protocol is widely used in my country’s train control system,such as close RBC,RBC/TSRS,RBC/CBI and other interface devices.However,for a long time,there is a lack of theoretical research on the security of this protocol.This paper studies the security of MASL-MAC,the core message verification code algorithm in RSSP-Ⅱprotocol.First,carry out theoretical research and improvement on the security algorithm of the communication protocol.The most important part of the secure communication protocol is its underlying encryption algorithm.In view of the poor security and low efficiency of the message authentication code scheme MASL-MAC in the RSSP-Ⅱsecure communication protocol,this paper proposes the message authentication code MAC-AES_Talgorithm and MAC-AES_Salgorithm.The former is based on the improved advanced encryption standard AES_T.The verification code MAC-AES_Talgorithm uses an improved and more complete look-up table model in the AEST algorithm,and uses a fully expanded three-stage pipeline method in the wheel to improve the system clock frequency and data throughput.The latter uses the PN sequence generator to generate the S-box and the initial key advanced encryption standard AES_Sas the core algorithm of the MAC code.The confidentiality of the S-box ensures the security of the MAC authentication code.To a certain extent,the efficiency of the security information transmission of the RSSP-Ⅱprotocol has been improved.Second,address the security issues of the protocol after the improved algorithm.After comparing traditional protocol security analysis methods,formal modeling methods are used to model the key service process of the communication protocol based on the MAC-AES_Talgorithm and the communication protocol based on the MAC-AES_Salgorithm.First,analyze the structure and function of the RSSP-Ⅱprotocol,then use the communication sequence process CSP method to extract the corresponding model of the key communication process of the improved protocol,and finally use the model checking tool Casper-FDR to conduct a state search.The result is not found to be inconsistent with safety.The example of function definition proves that the improved RSSP-Ⅱprotocol process meets the requirements of safety function.Finally,on the basis of ensuring the security of the improved protocol.Taking into account the defects of excessive consumption of CPU system logic resources,poor overall flexibility and low efficiency when the software implements the RSSP-Ⅱprotocol,the key MAC authentication code algorithm of the RSSP-Ⅱprotocol itself does not require too many complicated calculations.Therefore,this paper uses hardware design to realize the generation process of MAC message authentication code based on AES_Talgorithm and MAC authentication code based on AES_Salgorithm.In the QuartusⅡenvironment,combined with Modelsim software,Verilog language is used to verify the message authentication code MAC-AES_Talgorithm and MAC-AES_Salgorithm is designed with modular hardware.The simulation results show that the MAC-AES_Talgorithm and the MAC-AES_Salgorithm have better real-time performance and security than the original algorithm.The MAC-AES_Salgorithm can run stably at higher frequencies.The MAC-AES_Talgorithm consumes less logic resources.In summary,the message authentication code scheme(MASL-MAC)in the existing RSSP-II secure communication protocol has the disadvantages of poor security and low efficiency.This paper proposes the MAC-AES_Talgorithm and the MAC-AES_Salgorithm for message authentication codes.The communication sequence process CSP method in formal modeling is used to model the key service process of the improved communication protocol.After verifying the improved core algorithm The security of the protocol improves the security information transmission performance of the RSSP-Ⅱprotocol to a certain extent.On the basis of ensuring the security of the improved protocol,QuartusⅡand Modelsim simulation software are used to verify the correctness and performance of the algorithm.