Securing CAN FD by implementing AES-128, SHA256, and Message Counter based on FPGA

In this paper, we describe a real time implementation of security algorithms for automotive Electronic Control Units (ECUs). This algorithm deals with lack of security measures in CAN FD such as confidentiality, integrity, authentication. In order to achieve so, we discuss an integration of AES 128, SHA256 algorithms and a message Counter. Compared to other freshness approaches with some limitations, uniquely the message counter is padded to end of the message and then encrypted to save its freshness. This should lead to mitigation of replay attacks. Thus, implementing a hardware design based on a FPGA (virtex7) is proposed. Simulation results show that our real time hardware design ensures successfully data integrity, authenticity and mitigating replay attacks with relatively high throughput and less payload.