Rainbow Signature Scheme to Secure GOOSE Communications From Quantum Computer Attacks

Abstract

The International Electrotechnical Commission (IEC) 62351-6 standard prescribes provisions to secure IEC 61850-8-1 generic object-oriented substation events (GOOSE) communications from cyber threats. The GOOSE authentication schemes recommended by IEC 62351-6 have shortcomings, such as long authentication-value computation times, large signature lengths, the usage of symmetric keys, and susceptibility to quantum computer attacks. To overcome these, this paper proposes the usage of the rainbow signature scheme (RSS), a quantum cryptographic method to secure GOOSE messages. The RSS offers fast signature generation and verification using asymmetric keys, making it very attractive to meet the time-latency and security requirements of the GOOSE protocol. The adaptation of the RSS cryptography method for its application to the GOOSE protocol is presented in this paper. The algorithms for key generation, signature computation and message verification are discussed in detail. A first-of-its-kind C library that incorporates security features within the GOOSE protocol in compliance with the IEC 62351-6-stipulated format, is developed. The superior features of the RSS in comparison with the other IEC 62351-6 security schemes are demonstrated.