Identity-Based Key Exchange on In-Vehicle Networks: CAN-FD & FlexRay

Security has become critical for in-vehicle networks as they carry safety-critical data from various components, e.g., sensors or actuators, and current research proposals were quick to react with cryptographic protocols designed for in-vehicle buses, e.g., CAN (Controller Area Network). Obviously, the majority of existing proposals are built on cryptographic primitives that rely on a secret shared key. However, how to share such a secret key is less obvious due to numerous practical constraints. In this work, we explore in a comparative manner several approaches based on a group extension of the Diffie–Hellman key-exchange protocol and identity-based authenticated key agreements. We discuss approaches based on conventional signatures and identity-based signatures, garnering advantages from bilinear pairings that open road to several well-known cryptographic constructions: short signatures, the tripartite Diffie–Hellman key exchange and identity-based signatures or key exchanges. Pairing-based cryptographic primitives do not come computationally cheap, but they offer more flexibility that leads to constructive advantages. To further improve on performance, we also account for pairing-free identity-based key exchange protocols that do not require expensive pairing operations nor explicit signing of the key material. We present both computational results on automotive-grade controllers as well as bandwidth simulations with industry-standard tools, i.e., CANoe, on modern in-vehicle buses CAN-FD and FlexRay.

[1]  Dong Hoon Lee,et al.  A Practical Security Architecture for In-Vehicle CAN-FD , 2016, IEEE Transactions on Intelligent Transportation Systems.

[2]  Alberto L. Sangiovanni-Vincentelli,et al.  Security-Aware Modeling and Efficient Mapping for CAN-Based Real-Time Distributed Automotive Systems , 2015, IEEE Embedded Systems Letters.

[3]  Gianpiero Costantino,et al.  TOUCAN: A proTocol tO secUre Controller Area Network , 2019, AutoSec@CODASPY.

[4]  Qian Wang,et al.  Probing Attacks on Physical Layer Key Agreement for Automotive Controller Area Networks , 2018, 2018 Asian Hardware Oriented Security and Trust Symposium (AsianHOST).

[5]  Hovav Shacham,et al.  Comprehensive Experimental Analyses of Automotive Attack Surfaces , 2011, USENIX Security Symposium.

[6]  Flavio D. Garcia,et al.  LeiA: A Lightweight Authentication Protocol for CAN , 2016, ESORICS.

[7]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[8]  Xiaoni Du,et al.  A pairing-free identity-based authenticated key agreement protocol with minimal message exchanges , 2010, Inf. Sci..

[9]  Kenneth G. Paterson,et al.  ID-based Signatures from Pairings on Elliptic Curves , 2002, IACR Cryptol. ePrint Arch..

[10]  Jorge Guajardo,et al.  Physical Layer Group Key Agreement for Automotive Controller Area Networks , 2016, CHES.

[11]  Antoine Joux,et al.  A One Round Protocol for Tripartite Diffie–Hellman , 2000, Journal of Cryptology.

[12]  Bogdan Groza,et al.  Security Solutions for the Controller Area Network: Bringing Authentication to In-Vehicle Networks , 2018, IEEE Vehicular Technology Magazine.

[13]  Hiroaki Takada,et al.  CaCAN: Centralized Authentication System in CAN (Controller Area Network) , 2016 .

[14]  Gianpiero Costantino,et al.  Trade-off analysis of safety and security in CAN bus communication , 2017, 2017 5th IEEE International Conference on Models and Technologies for Intelligent Transportation Systems (MT-ITS).

[15]  Hovav Shacham,et al.  Short Signatures from the Weil Pairing , 2001, J. Cryptol..

[16]  Gene Tsudik,et al.  Group key agreement efficient in communication , 2004, IEEE Transactions on Computers.

[17]  Paul C. van Oorschot,et al.  Authentication and authenticated key exchanges , 1992, Des. Codes Cryptogr..

[18]  Bogdan Groza,et al.  Efficient Protocols for Secure Broadcast in Controller Area Networks , 2013, IEEE Transactions on Industrial Informatics.

[19]  Qiyan Wang,et al.  VeCure: A practical security framework to protect the CAN bus of vehicles , 2014, 2014 International Conference on the Internet of Things (IOT).

[20]  Bogdan Groza,et al.  Security Shortcomings and Countermeasures for the SAE J1939 Commercial Vehicle Bus Protocol , 2018, IEEE Transactions on Vehicular Technology.

[21]  Whitfield Diffie,et al.  A Secure Audio Teleconference System , 1988, CRYPTO.

[22]  Robert Bosch,et al.  Plug-and-Secure Communication for CAN , 2015 .

[23]  Yongge Wang Efficient Identity-Based and Authenticated Key Agreement Protocol , 2013, Trans. Comput. Sci..

[24]  Alberto L. Sangiovanni-Vincentelli,et al.  Security-aware mapping for CAN-based real-time distributed automotive systems , 2013, 2013 IEEE/ACM International Conference on Computer-Aided Design (ICCAD).