Key management method for train-ground safety communication protocol of ctcs-3 train control system

Abstract

The present invention provides a key management method for the vehicle-ground security communication protocol of a CTCS-3 train control system, the method comprising: sharing the train-ground security communication protocol with safety-related equipment in the CTCS-3 train control system The required key management function is to generate the key book of the transmission key and the verification key offline, and store the key book in the security-related device, and apply the public key cryptosystem according to the key book of the transmission key The key book distributes transmission keys for safety-related equipment in the CTCS-3 train control system. After the transmission key distribution is completed, use the transmission key to continue to follow the CTCS-3 train control system train-ground security communication protocol. The method establishes a secure channel, and uses the secure channel to distribute verification keys for security-related devices. The method of the present invention implements the key management function through the safety-related equipment, changes the way of physically distributing the key in the key management process, reduces the risk caused by manual intervention in the key management, and improves the security of the key.

Description

technical field [0001] The invention relates to the technical field of train-ground safety communication, in particular to a key management method for a train-ground safety communication protocol of a CTCS-3 train control system. Background technique [0002] In CTCS (China Train Control System, China Train Control System)-3 level train control system, OBU (On board Unit, on-board train control equipment) and ground RBC (Raid Block Center, wireless block center) through such as figure 1 The GSM-R system shown realizes two-way data information exchange based on an open wireless network. In order to ensure the security of key train control information, CTCS-3 level train-ground communication protocol is formulated based on ETCSEuroradio functional interface specification and ETCS subset-037 protocol. This protocol is based on 3DES symmetric encryption algorithm to ensure the key data between train and ground secure transmission. [0003] The CTCS-3 train-to-ground communicat...

AI Technical Summary

Problems solved by technology

[0031] The 3DES encryption algorithm has high security, but the premise is that the two parties in the communication can distribute the shared key safely and reliably.

The above situation will lead to the loss of security of the transmission key, resulting in the loss of security of all subsequent processes related to the key

In addition, the distribution, update, and storage of the primary key and secondary key must rely on the key management center to complete, if the key management center crashes, is threatened by an attack, or the channel between the center and the security device is destroyed , or even the center is replaced by a maliciously disguised center, then the entire secure communication will no longer be safe

[0037] At present, in the CTCS-3 train control system, the management of the transmission key not only requires a special key management center, but also requires a safe and closed environment and strictly authorized personnel for its generation, distribution and installation, while GSM-R The network is an open network environment, so the transmission key management needs to set up a safe and closed environment for it and assign management personnel; and in the same key management area, the same transmission key is usually used uniformly, and different communication interfaces are also used. The same verification key value can be used uniformly, and the verification key is encrypted and protected by the transmission key, and since the transmission key does not change for a long time, the transmission key is likely to be cracked, and as long as there is a transmission key between communication interfaces If it is cracked, the communication in the entire area will lose security

Images