Efficient Message Authentication in the Industrial Internet of Things

Abstract

The accelerating integration of computing and networking into industrial networks and critical infrastructure is driving rapid digitalization. While this shift enables transformative capabilities like remote monitoring and interconnected manufacturing, it also poses a significant cybersecurity risk. Expanding connectivity paired with increased interest from sophisticated adversaries has led to a surge in cyberattacks, risking equipment damage and human safety. To defend against these threats, we must overcome the stringent constraints of Industrial IoT (IIoT) devices, which often lack the resources for traditional cybersecurity measures. Critically, the IIoT must be protected by efficient message authentication to prevent data manipulations that could directly impact the physical environment. This dissertation specifically addresses how to mitigate the overhead associated with message authentication, typically implemented using message authentication code (MAC) schemes. A MAC is a cryptographic tag derived from a secret key and a message, appended to the message itself. Upon reception, the tag allows the recipient to verify that the message originates from the claimed source and has not been tampered with in transit. In the IIoT, where messages are often only a few bytes long, these tags, typically 16 bytes long, add significant per-message overhead. To reduce this overhead, we design the SP-MAC scheme with optimal resilience to induced or random packet loss. SP-MAC allows for optimistic processing of incoming data with initially reduced security, which strengthens as subsequent messages are received. Alternatively, SP-MAC can be used as an aggregated MAC scheme, focusing on whether and when a message achieves full security while still aggregating authentication over multiple messages. We demonstrate that MAC aggregation, not only with SP-MAC, is feasible over lossy channels and can lead to a goodput increase of up to 50 % in DTLS 1.3.
MACs also challenge the IIoT through processing and latency overhead. To this end, we design RePeL, a procedure to retrofit security into legacy systems by embedding authentication data into unused protocol fields. IIoT devices can perform this embedding natively or offload it to Bump-in-the-Wire devices to reduce computational load. Complementing these efforts, we introduce BP-MAC, a lightweight MAC scheme optimized for low-latency authentication of short IIoT messages. Finally, we investigate how MAC-based message authentication can be applied to group communication, where expensive digital signatures would usually be used. With Caiba, we leverage the low bandwidth of bus communication systems to enable a dedicated authenticator node to overwrite authentication tags during transmission. By splitting tag verification between the authenticator and receivers, the latter are prevented from impersonating the sender, as they lack the information needed to generate valid tags. Additionally, we introduce Madtls, a protocol that embeds middleboxes with least-privilege data access into end-to-end secured IIoT connections. Thus, end-to-end security can be deployed without sacrificing the performance benefits of middleboxes, which are often critical in IIoT environments. Together, these contributions demonstrate that efficient message authentication in resource-constrained IIoT environments is achievable through efficient resource utilization and scenario-specific optimizations. These findings pave the way for more secure, scalable, and resilient IIoT deployments in the face of evolving cyber threats.

Dr. Eric Wagner
External Researcher / FKIE