MULTI-CHANNEL SECURITY THROUGH DATA FRAGMENTATION

摘要

This chapter presents a novel security framework developed for a multichannel communications architecture that achieves security by distributing messages and their authentication codes across multiple channels at the bit level. This method of transmission provides protection from confidentiality and integrity attacks without relying on encryption. The two communicating parties utilize existing key exchange mechanisms to pass initialization information. The framework operates by assigning to each message bit a fragment identifier using a hardware-based stream cipher as a pseudorandom number generator, and transmitting specific message fragments across each channel. This prevents the entirety of a message from being transmitted over a single channel and spreads the authentication across the available channels, enabling the sender and receiver to identify a compromised channel even in the presence of a sophisticated man-in-the-middle attack where the adversary forces message acceptance at the destination, perhaps by altering the message error detecting code. Under some conditions, the receiver can recover the original message without retransmission. The holistic framework is attractive for critical infrastructure communications because it provides availability while defending against confidentiality and integrity attacks.