结合域含义的GOOSE 报文加解密方法

doi:10.3969/j.issn.1000-565X.2016.04.010

华南理工大学学报（自然科学版） ›› 2016, Vol. 44 ›› Issue (4): 63-70.doi: 10.3969/j.issn.1000-565X.2016.04.010

结合域含义的GOOSE 报文加解密方法

王智东^1,2 王钢¹许志恒¹ 童晋方¹石泉¹ 朱革兰^1†

1．华南理工大学电力学院，广东广州 510640; 2．华南理工大学广州学院电气工程学院，广东广州 510800

收稿日期:2015-05-14 修回日期:2016-01-29 出版日期:2016-04-25 发布日期:2016-04-12
通信作者: 朱革兰(1968-) ，女，博士，助理研究员，主要从事电力系统及自动化研究． E-mail:glzhu1@scut.edu.cn
作者简介:王智东(1980-) ，男，博士生，主要从事电力通信及其信息安全研究． E-mail: zdwang@ scut． edu． cn
基金资助:
国家自然科学基金资助项目( 51477057)

Encryption and Decryption Methods of GOOSE Packets Based on Domain Implication

WANG Zhi-dong^1,2 WANG Gang¹ XU Zhi-heng¹ TONG Jin-fang¹ SHI Quan¹ ZHU Ge-lan¹

1.School of Electric Power,South China University of Technology,Guangzhou 510640,Guangdong,China; 2.School of Electrical Engineering,Guangzhou College of South China University of Technology,Guangzhou 510800,Guangdong,China

Received:2015-05-14 Revised:2016-01-29 Online:2016-04-25 Published:2016-04-12
Contact: 朱革兰(1968-) ，女，博士，助理研究员，主要从事电力系统及自动化研究． E-mail:glzhu1@scut.edu.cn
About author:王智东(1980-) ，男，博士生，主要从事电力通信及其信息安全研究． E-mail: zdwang@ scut． edu． cn
Supported by:
Supported by the National Natural Science Foundation of China( 51477057)

摘要/Abstract

摘要： 尽管加密方法由于耗时较大而不被IEC62351 推荐用于GOOSE 等实时报文，但许多电力工程实践中仍加密GOOSE 报文以加强网络信息安全性．文中以经典的对称加密算法Ｒijndael 为例，从密钥长度、分组长度和分组模式等方面分析影响GOOSE 报文加密耗时的因素．结合GOOSE 的域含义，提出基于关键信息的GOOSE 加密方法，在保证报文信息保密的基础上减少耗时; 同时，利用GOOSE 报文的StNum、SqNum 和T 等具有时间同步意义的信息防止经典的报文重放攻击，利用GOOSE 报文的CＲC 验证码保障报文的完整性．嵌入式平台的耗时特性表明，文中提出的GOOSE 报文加解密方法满足GOOSE报文的实时性要求．

关键词: GOOSE 报文, 对称加密, 完整性, 实时性

Abstract: Although IEC62351 suggests no encryption algorithm for GOOSE and other real-time packets due to the huge time consumption of encryption algorithms,many practical power projects still encrypt GOOSE packets to strengthen the security of network information.In this paper,the classical Rijndael symmetric encryption algorithm is adopted as an example to analyze such factors affecting the time consumption of GOOSE packets encryption as the secret key length,the packet length and the packet mode.Then,in order to reduce the time consumption without weakening the packet confidentiality,a GOOSE encryption method based on critical information is proposed with the combination of packet domain implication.Moreover,GOOSE messages such as StNum,SqNum and T,which possess time synchronization functions，are used to prevent replay attacks,and the CRC verification code in GOOSE packets is used to ensure the integrity of the message.Finally,the time-consuming characteristics of the proposed GOOSE encryption and decryption algorithms are tested on an embedded platform,and the results show that the proposed method meets the real-time requirements of power systems well.

Key words: GOOSE packet, symmetric encryption, integrity, real-time performance

中图分类号:

王智东王钢许志恒童晋方石泉朱革兰. 结合域含义的GOOSE 报文加解密方法[J]. 华南理工大学学报（自然科学版）, 2016, 44(4): 63-70.

WANG Zhi-dong WANG Gang XU Zhi-heng TONG Jin-fang SHI Quan ZHU Ge-lan. Encryption and Decryption Methods of GOOSE Packets Based on Domain Implication[J]. Journal of South China University of Technology (Natural Science Edition), 2016, 44(4): 63-70.

[1]	杨东刘战强贺蒙庞继有叶洪涛. 钛合金TC4 低塑性滚压表面完整性的实验研究[J]. 华南理工大学学报（自然科学版）, 2017, 45(1): 137-144.
[2]	孔金星胡锟夏志辉李亮. 纯铁车削刀具磨损对表面完整性的影响[J]. 华南理工大学学报（自然科学版）, 2016, 44(2): 74-80.
[3]	苗德成奚建清刘勇贾连印. 一种高效的分布式数据库完整性技术[J]. 华南理工大学学报(自然科学版), 2012, 40(1): 131-137.

结合域含义的GOOSE 报文加解密方法

Encryption and Decryption Methods of GOOSE Packets Based on Domain Implication

PDF

可视化

被引次数

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 3

编辑推荐

Metrics

本文评价