Highly Efficient Authentication for CAN by Identifier Reallocation With Ordered CMACs

Most existing works on securing the CAN bus use the limited data field of CAN frames to embed a cryptographic payload. Only very few works have suggested using the identifier field, since identifiers are critical for the arbitration procedure and changing them at random would interfere with message priorities. To preserve priority on the bus, in this work we use an ordered CMAC buffer. In this way, we can authenticate the identifiers of CAN frames and check that the sender is a legitimate node while arbitration on the bus remains unaltered. Moreover, we determine that for real-world scenarios the achieved security level is very close to the length of the ID field despite the constraints from ordering. This procedure easily thwarts replay attacks and fuzz testing on the bus, which were exploited by many recent works. We prove the feasibility of our approach by testing practical implementations on automotive-grade microcontrollers and CAN-bus traffic allocations from a high-end vehicle. The computational requirements are some of the lowest achievable for securing CAN, with a dozen CMAC-AES computations being sufficient for extracting a table of one hundred identifiers.
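A simplified sketch of the idea in the abstract, added here as an illustration and not taken from the paper: both sender and receiver derive a per-epoch table of fresh 11-bit identifiers from a shared key, sort it, and assign it to the original identifiers in priority order. Assumptions: HMAC-SHA256 truncated to 128 bits stands in for CMAC-AES, the epoch counter, the names `build_table` and `receive`, and the sample key and identifiers are all hypothetical.

```python
import hashlib
import hmac

ID_BITS = 11          # standard CAN identifier length
TAG_BITS = 128        # CMAC-AES output length
MAX_VALID_ID = 0x7EF  # CAN forbids IDs whose 7 most significant bits are all 1

def prf(key: bytes, epoch: int, counter: int) -> int:
    """Stand-in for CMAC-AES: HMAC-SHA256 truncated to 128 bits."""
    msg = epoch.to_bytes(8, "big") + counter.to_bytes(4, "big")
    tag = hmac.new(key, msg, hashlib.sha256).digest()[:TAG_BITS // 8]
    return int.from_bytes(tag, "big")

def build_table(key: bytes, epoch: int, original_ids):
    """Return ({original_id: wire_id}, number of PRF calls) for one epoch."""
    originals = sorted(set(original_ids))
    fresh, calls = set(), 0
    while len(fresh) < len(originals):
        block = prf(key, epoch, calls)
        calls += 1
        # Cut each 128-bit tag into eleven 11-bit candidates; a set drops duplicates.
        for i in range(TAG_BITS // ID_BITS):
            candidate = (block >> (i * ID_BITS)) & ((1 << ID_BITS) - 1)
            if candidate <= MAX_VALID_ID and len(fresh) < len(originals):
                fresh.add(candidate)
    # Ordering step: the k-th smallest fresh value replaces the k-th smallest
    # original ID, so relative priority in arbitration is unchanged.
    return dict(zip(originals, sorted(fresh))), calls

def receive(table: dict, wire_id: int):
    """Map a wire ID back to its original ID, or None if it is not in the table."""
    reverse = {wire: orig for orig, wire in table.items()}
    return reverse.get(wire_id)

# Constructed sample data: a demo key and 100 made-up identifiers.
KEY = bytes(range(16))
SAMPLE_IDS = list(range(0x100, 0x100 + 100))

if __name__ == "__main__":
    table, calls = build_table(KEY, epoch=1, original_ids=SAMPLE_IDS)
    print(f"{len(table)} identifiers from {calls} PRF calls")
    print("0x100 is sent as", hex(table[0x100]))
```

With eleven 11-bit candidates per 128-bit tag, one hundred identifiers need at least ten PRF calls, which is consistent with the "dozen CMAC-AES computations" figure in the abstract.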
