Enhancing Industrial Cybersecurity: SoftHSM Implementation on SBCs for Mitigating MITM Attacks

TL;DR

This paper demonstrates that implementing SoftHSM on single-board computers can provide a cost-effective security solution to mitigate Man-in-the-Middle attacks in industrial systems by securely managing cryptographic keys and ensuring data protection.

Contribution

The study introduces a practical implementation of SoftHSM on SBCs for industrial cybersecurity, showing its effectiveness in protecting RSA keys and providing measurable performance metrics.

Findings

SoftHSM effectively protects RSA private keys from extraction.

The system achieves an average encryption time of 3.29 seconds.

Memory usage is efficient, with 37.24% for encryption and 24.24% for decryption.

Abstract

The rapid growth of industrial technology, driven by automation, IoT, and cloud computing, has also increased the risk of cyberattacks, such as Man-in-the-Middle (MITM) attacks. A standard solution to protect data is using a Hardware Security Module (HSM), but its high implementation cost has led to the development of a more affordable alternative: SoftHSM. This software-based module manages encryption and decryption keys using cryptographic algorithms. This study simulates the use of SoftHSM on a single-board computer (SBC) to enhance industrial system security and cost-effectively mitigate MITM attacks. The security system integrates AES and RSA cryptographic algorithms, with SoftHSM handling RSA key storage. The results show that HSM protects RSA private keys from extraction attempts, ensuring data security. In terms of performance, the system achieved an average encryption time of 3.29 seconds, a slot access time of 0.018 seconds, and a decryption time of 2.558 seconds. It also demonstrated efficient memory usage, with 37.24% for encryption and 24.24% for decryption, while consuming 5.20 V and 0.72 A during processing.