Efficient Physical Layer Key Agreement for FlexRay Networks

The FlexRay protocol provides deterministic and fault-tolerant communication for automotive applications with stringent requirements regarding reliability and real-time performance. But the lack of intrinsic security mechanisms makes FlexRay vulnerable to spoofing and DoS attacks while existing features are not sufficient to assure reliable communication in the presence of adversaries. Since adding cryptography mandates for secret shared keys, providing secure key establishment techniques is critical in assuring the intended security objectives. In this paper we propose a backward compatible key agreement scheme for FlexRay communication based on intrinsic characteristics of the FlexRay physical layer. In particular, we determine that the symbol window is suitable for implementing a covert channel based on physical properties of the bus which allows us to bootstrap a secure session key between two nodes or to re-enforce existing shared keys. We evaluate and discuss the performance of software-based implementations of the proposed mechanism on two different automotive embedded platforms relying only on the application level.

[1]  Rong Jin,et al.  Practical Secret Key Agreement for Full-Duplex Near Field Communications , 2014, IEEE Transactions on Mobile Computing.

[2]  Huie Chen,et al.  Security-Aware Scheduling for FlexRay-Based Real-Time Automotive Systems , 2019 .

[3]  Bogdan Groza,et al.  Accommodating Time-Triggered Authentication to FlexRay Demands , 2019, CECC.

[4]  Tolga Arul,et al.  Security and Safety Co-Engineering of the FlexRay Bus in Vehicular Networks , 2019, COINS.

[5]  Hovav Shacham,et al.  Comprehensive Experimental Analyses of Automotive Attack Surfaces , 2011, USENIX Security Symposium.

[6]  Flavio D. Garcia,et al.  Beneath the Bonnet: A Breakdown of Diagnostic Security , 2018, ESORICS.

[7]  Bogdan Groza,et al.  Performance analysis of broadcast authentication protocols on CAN-FD and FlexRay , 2015, WESS.

[8]  Suhaib A. Fahmy,et al.  Extensible FlexRay Communication Controller for FPGA-Based Automotive Systems , 2015, IEEE Transactions on Vehicular Technology.

[9]  Robert Bosch,et al.  Plug-and-Secure Communication for CAN , 2015 .

[10]  Marianne Azer,et al.  Lightweight Authentication Protocol Deployment over FlexRay , 2016, INFOS '16.

[11]  Bogdan Groza,et al.  Practical Security Exploits of the FlexRay In-Vehicle Communication Protocol , 2018, CRiSIS.

[12]  Suhaib A. Fahmy,et al.  Security aware network controllers for next generation automotive embedded systems , 2015, 2015 52nd ACM/EDAC/IEEE Design Automation Conference (DAC).

[13]  Kai Zeng,et al.  Physical layer key generation in wireless networks: challenges and opportunities , 2015, IEEE Communications Magazine.

[14]  Andreas Steininger,et al.  Automated Testing of FlexRay Clusters for System Inconsistencies in Automotive Networks , 2008, 4th IEEE International Symposium on Electronic Design, Test and Applications (delta 2008).

[15]  Zonghua Gu,et al.  Security-Aware Mapping and Scheduling with Hardware Co-Processors for FlexRay-Based Distributed Embedded Systems , 2016, IEEE Transactions on Parallel and Distributed Systems.

[16]  Erland Jonsson,et al.  A First Simulation of Attacks in the Automotive Network Communications Protocol FlexRay , 2008, CISIS.

[17]  Christof Paar,et al.  Security in Automotive Bus Systems , 2004 .

[18]  Jorge Guajardo,et al.  Physical Layer Group Key Agreement for Automotive Controller Area Networks , 2016, CHES.

[19]  Qian Wang,et al.  Probing Attacks on Physical Layer Key Agreement for Automotive Controller Area Networks , 2018, 2018 Asian Hardware Oriented Security and Trust Symposium (AsianHOST).

[20]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[21]  Dawn Song,et al.  The TESLA Broadcast Authentication Protocol , 2002 .

[22]  Michael Karner,et al.  Combining the Advantages of Simulation and Prototyping for the Validation of Dependable Communication Architectures: the TEODACS Approach , 2009 .