Message authentication on ARM-based PLCs: a hardware-based approach

Nowadays, the rapid expansion of the internet has made communications and data exchange essential to both personal and professional life, facilitating our activities. These interactions require constantly exchanging sensitive information, including personal data, online payments, and confidential business information. For this reason, data is now considered a valuable resource that significantly impacts individuals, society, and governments, so their significance is reflected in the increased importance of cybersecurity in ensuring data protection and user privacy. Every day, we hear about cybercrimes targeting large international companies. These attacks are becoming increasingly frequent and often result in sensitive data breaches resulting in privacy breaches. Various governments and companies are taking various measures to prevent these cybercrimes, for example writing laws to defend users' privacy, such as the General Data Protection Regulation (GDPR). Companies are now forced to implement encryption-based security measures to ensure secure data exchange and communications. Cryptography, a branch of mathematics, studies methods to make messages unreadable to unauthorized individuals, and when implemented into network protocols, it provides a secure means for data exchange and communications. Encryption, in the symmetrical case, uses a cryptographic algorithm and a secret key to obscure a message before being stored or sent to a recipient. The recipient will then use the same key to reverse decryption to read the message. However, encryption alone is not always sufficient, so we also implement methods for authenticating data to verify its origin and ensure that third parties have not tampered with the message. During my internship at Groupe SII in Sophia Antipolis, France, I worked on a cybersecurity project proposed by Schneider Electric. This project focused on developing and evaluating a new message authentication technique that uses a hardware cryptographic accelerator to provide low-level message authentication between Schneider Electric PLCs located on the same backplane and operating in real-time environments where speed is critical. This work aims to evaluate the performance and efficiency of this new approach by testing the accelerator and establishing a low-level authenticated communication to implement it in future releases.