Contents I. Introduction
Multicast authentication is a security primitive that enables each receiver in the multicast group to verify if received data originates from the claimed sender and was not altered on the way. In this paper, we focus on multicast authentication of time-critical messages. Our work is motivated by the need for authenticating time-critical multicast data in the power grid, which is one of the largest cyber-physical critical infrastructures and is being transformed today with the design and development of advanced real-time control applications [1]. These applications aim to allow timely control of power flow over physical power networks based on data from monitoring and control devices such as PMUs (Phasor Measurement Units) and relays. One of the goals of such systems is to prevent cascading failures that lead to blackouts [3]. For example, in the NASPI (North American SynchroPhasor Initiative) [2], each PMU senses and multicasts system environment data to control centers at a frequency of 30 samples per second. To provide exact control and in-time abnormality detection, such data often needs to be processed fast with low processing delay (several milliseconds at most). Given the nature of critical decisions based on this data, authentication is essential to prevent adversaries from forcing catastrophic decisions by modifying or forging data. Another example is found in current substation communication systems where critical messages related to transient faults (e.g., caused by lightning) need to be shared in a multicast manner across LANs within 4 ms [4]. Hence, efficient multicast authentication of time-critical data is crucially important to the power grid as well as other similar critical infrastructures. We believe time-critical multicast authentication has wide applicability in many delay sensitive applications.
