Unified data authenticated encryption for vehicular communication

Sensitive data are usually transferred within a vehicle using FlexRay protocol. To prevent the in-vehicle data from the manipulation and man-in-the-middle attacks through On Board Diagnostic (OBD-II) port, appropriate security schemes should be applied. In this paper, we propose a scheme to embed data integrity and confidentiality into the original FlexRay data frames and reuse the Cyclic Redundancy Check (CRC) field of existing FlexRay data frame to implement data integrity, which does not require to modify the current FlexRay protocol. We select a recently invented lightweight authenticated encryption scheme, AEGIS [5], to protect the dynamic frames, which achieves a shorter latency. We apply AES-CCM (Counter with CBC-MAC (CCM) [1]) to protect the static frames, whose latency is not stringent. We achieve a real-time 32-bit Message Authentication Code (MAC) for the static frames and an offline 64-bit MAC for the dynamic frames. In addition, we propose a unified architecture for implementing both AES-CCM and AEGIS, which reduces the required hardware resources. The experimental results show that our proposed design can achieve 3.71 Gbits/s and 9.44 Gbits/s for computing AES-CCM and AEGIS on automotive-grade XA Zynq-700 all programmable SoCs (XC7Z020), respectively. Compared to the state-of-the-art work of AES-CCM, our proposed design reduces 17.98% clock cycles.1

[1]  Marko Wolf Security engineering for vehicular IT systems : improving the trustworthiness and dependability of automotive IT applications , 2009 .

[2]  Ignacio Algredo-Badillo,et al.  FPGA Implementation and Performance Evaluation of AES-CCM Cores for Wireless Networks , 2008, 2008 International Conference on Reconfigurable Computing and FPGAs.

[3]  Bart Preneel,et al.  Minding Your MAC Algorithms ? , 2004 .

[4]  Yuhei Nagao,et al.  Implementation of 2.6 Gbps super-high speed AES-CCM security protocol for IEEE 802.11i , 2013, 2013 13th International Symposium on Communications and Information Technologies (ISCIT).

[5]  Francisco Rodŕıguez-Henŕıquez,et al.  An FPGA Implementation of CCM Mode Using AES , 2005, ICISC.

[6]  Anupam Chattopadhyay,et al.  Efficient Hardware Accelerator for AEGIS-128 Authenticated Encryption , 2014, Inscrypt.

[7]  Thomas C. Schmidt,et al.  Comparing time-triggered Ethernet with FlexRay: An evaluation of competing approaches to real-time for in-vehicle networks , 2010, 2010 IEEE International Workshop on Factory Communication Systems Proceedings.

[8]  An Braeken,et al.  Compact implementation of CCM and GCM modes of AES using DSP blocks , 2013, 2013 23rd International Conference on Field programmable Logic and Applications.

[9]  Bart Preneel,et al.  AEGIS: A Fast Authenticated Encryption Algorithm , 2013, Selected Areas in Cryptography.