IEEE 1711.2:2019 pdf free download – IEEE Standard for Secure SCADA Communications Protocol (SSCP)

02-12-2022

The KEY INDEX field is 2 octets and holds the most significant octet first. This field specifies an index to the 256-octet pre-shared session secret used to create the key material for the session as defined in 4.5.1.
The HMAC field is the full-length output of the HMAC algorithm chosen from the generated session keys using the device's master authentication session key or slave authentication session key. For Channel Type 1, octets 0 to 12 of the pre-shared frame, concatenated with the generated master's authentication session key, concatenated with the slave's authentication session key is hashed. For Channel Type 2, the concatenation of the two authentication session keys is further concatenated by the master's followed by the slave's generated encryption session keys as input to the HMAC. The keys are added to the HMAC calculation to help ensure both communicating devices have generated the correct session keys before initiating session communication.
To perform a pre-shared key exchange, the master shall first transmit a pre-shared key exchange frame to the slave device. The HMAC for this frame is generated using the master's authentication session key derived by using the pre-shared secret at position KEY INDEX in the key material creation process described in 4.5.1. The KEY INDEX is a zero-reference counter that points to 256-octet blocks of data used for key creation. The slave device shall respond to an authentic pre-shared key exchange frame utilizing the frame content provided by the master. Before responding, the slave device shall update the SSCP header source and destination address information to reflect a frame as being sent from the slave and calculate a new HMAC field generated using the slave's authentication session key created using the shared secret at position KEY INDEX. The master device shall not accept the new session and key information until it receives and authenticates the slave device's response pre-shared key exchange frame.
Pre-shared session secrets shall never be reused for key generation. A master device shall go through the list of prepared session secrets sequentially and shall not rollover and reuse any session secrets in the list when the end of the list is reached. Both master and slave devices shall store the index of the last session secret used in non-volatile memory. Master devices shall not try to start a key exchange with a key index less than the last key index used and slave devices shall not accept pre-shared key exchange frames with key indexes less than the last key index used. A master will continue to transmit the pre-shared key exchange frame, at no less than the configured key exchange timeout intervals until it receives the response pre-shared key exchange or close frame from the remote device. Master and slave device key indexes shall be reset to 0 when a new pre-shared session secret list is uploaded so that the first key exchange will start again at index 1. In order to prevent replay attacks, key indexes shall not be reused. After a session secret has been used, steps shall be taken to help ensure the session secret is not reused. This may include zeroing the memory for that session secret.
The rate of sending pre-shared key exchange frames to a device shall be limited by the key exchange timeout.
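
The slave-side KEY INDEX rules above can be sketched as follows; this is an added example, not code from the standard or from any SSCP implementation. The class name, the `nv` dict standing in for non-volatile memory and the `authenticate` callback (standing in for the 4.5.1 key derivation and HMAC check, which this excerpt does not reproduce) are assumptions, as is reading "reset to 0" as "no secret used yet" and refusing an index equal to the last one used.

```python
import struct
from typing import Callable, Optional

BLOCK = 256  # size of one pre-shared session secret, per the text


class SlaveKeyIndexState:
    """Slave-side KEY INDEX bookkeeping (illustrative class, not from the standard)."""

    def __init__(self, secrets: bytearray, nv: dict):
        self.secrets = secrets          # the uploaded list of 256-octet secrets
        self.nv = nv                    # stand-in for non-volatile memory (assumption)
        self.nv.setdefault("last_index", 0)

    def upload_list(self, secrets: bytearray) -> None:
        # A new session secret list resets the stored index to 0.
        self.secrets = secrets
        self.nv["last_index"] = 0

    def accept_exchange(self, key_index_field: bytes,
                        authenticate: Callable[[bytes], bool]) -> Optional[bytes]:
        """Return the session secret for an acceptable frame, else None."""
        if len(key_index_field) != 2:
            return None
        (index,) = struct.unpack(">H", key_index_field)  # most significant octet first
        # Lower indexes are refused per the text; an equal index is treated
        # as reuse and refused too (assumption of this example).
        if index <= self.nv["last_index"]:
            return None
        start, end = index * BLOCK, (index + 1) * BLOCK  # zero-referenced block
        if end > len(self.secrets):
            return None  # past the end of the list: no rollover
        secret = bytes(self.secrets[start:end])
        # Commit nothing until the frame authenticates, so a forged frame
        # cannot advance the index or destroy an unused secret.
        if not authenticate(secret):
            return None
        self.nv["last_index"] = index            # persist before the keys are used
        self.secrets[start:end] = bytes(BLOCK)   # zero the consumed secret
        return secret


if __name__ == "__main__":
    store = bytearray(bytes([1]) * BLOCK + bytes([2]) * BLOCK)  # constructed secrets
    slave = SlaveKeyIndexState(store, {})
    print(slave.accept_exchange(b"\x00\x01", lambda s: True) is not None)  # fresh index
    print(slave.accept_exchange(b"\x00\x01", lambda s: True) is not None)  # replayed index
```

Checking the index before authentication and committing it only afterwards keeps an unauthenticated frame with a high KEY INDEX from consuming secrets the master has not yet reached.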
