nach oben

Erschienen in:

2019 | OriginalPaper | Buchkapitel

Enhancing CAN Security by Means of Lightweight Stream-Ciphers and Protocols

verfasst von : Aymen Boudguiga, Jerome Letailleur, Renaud Sirdey, Witold Klaudel

Erschienen in: Computer Safety, Reliability, and Security

Verlag: Springer International Publishing

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

The Controller Area Network (CAN) is the most used standard for communication inside vehicles. CAN relies on frame broadcast to exchange data payloads between different Electronic Control Units (ECUs) which manage critical or comfort functions such as cruise control or air conditioning. CAN is distinguished by its simplicity, its real-time application compatibility and its low deployment cost. However, CAN major drawback is its lack of security support. Indeed, CAN does not provide protections against attacks such as intrusion, injection or impersonation. In this work, we propose a framework for CAN security based on Trivium and Grain, two well-known lightweight stream ciphers. We define a simple authentication and key exchange protocol for ECUs. In addition, we extend CAN with the support of confidentiality and integrity for at least critical frames.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Vorheriges Kapitel Combining Safety and Security in Autonomous Cars Using Blockchain Technologies

Nächstes Kapitel Analysis of Security Overhead in Broadcast V2V Communications

All new automotive microcontrollers come with a secure memory area dedicated to keys storage. Freescale McKinley, Infineon AURIX or Boundary Devices Nitrogen6X and Sabrelite are examples of such microcontrollers.

Note that same SIMD instruction sets exist also for ARM architecture. They are called Scalable Vector Extension (SVE).

Robert, C.: This car runs on code. http://spectrum.ieee.org/transportation/systems/this-car-runs-on-code

Bosch: CAN Specification Version 2.0, September 1991

Hoppe, T., Kiltz, S., Dittmann, J.: Security threats to automotive CAN networks - practical examples and selected short-term countermeasures. In: Proceedings of the 27th International Conference on Computer Safety, Reliability, and Security (SAFECOMP 2008) (2008)

Nilsson, D.K., Larson, U.E.: Simulated attacks on CAN buses: vehicle virus. In: Proceedings of the Fifth International Conference on Communication Systems and Networks (AsiaCSN 2008) (2008)

Koscher, K., et al.: Experimental security analysis of a modern automobile. In: Proceedings of the 2010 IEEE Symposium on Security and Privacy (2010)

Checkoway, S., et al.: Comprehensive experimental analyses of automotive attack surfaces. In: Proceedings of the 20th USENIX Conference on Security

Schneider, D.: Jeep hacking 101

Tencent Keen Security Lab: Experimental security research of tesla autopilot

De Cannière, C., Preneel, B.: Trivium. In: Robshaw, M., Billet, O. (eds.) New Stream Cipher Designs. LNCS, vol. 4986, pp. 244–266. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-68351-3_18CrossRef

10.

Ågren, M., Hell, M., Johansson, T., Meier, W.: Grain-128a: a new version of grain-128 with optional authentication. IJWMC 5, 48–59 (2011)CrossRef

11.

Oguma, H., Yoshioka, A., Nishikawa, M., Shigetomi, R., Otsuka, A., Imai, H.: New attestation based security architecture for in-vehicle communication. In: IEEE Global Telecommunications Conference (GLOBECOM 2008) (2008)

12.

Szilagyi, C., Koopman, P.: Flexible multicast authentication for time-triggered embedded control network applications. In: 2009 IEEE/IFIP International Conference on Dependable Systems Networks (2009)

13.

Schweppe, H., Roudier, Y., Weyl, B., Apvrille, L., Scheuermann, D.: Car2X communication: securing the last meter -A cost-effective approach for ensuring trust in Car2X applications using in-vehicle symmetric cryptography. In: 4th IEEE International Symposium on Wireless Vehicular Communications (WiVeC 2011) (2011)

14.

Lin, C.W., Sangiovanni-Vincentelli, A.: Cyber-security for the Controller Area Network (CAN) communication protocol. In: 2012 International Conference on Cyber Security (CyberSecurity 2012) (2012)

15.

Groza, B., Murvay, S., van Herrewege, A., Verbauwhede, I.: LiBrA-CAN: a lightweight broadcast authentication protocol for controller area networks. In: Pieprzyk, J., Sadeghi, A.-R., Manulis, M. (eds.) CANS 2012. LNCS, vol. 7712, pp. 185–200. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-35404-5_15CrossRef

16.

Groza, B., Murvay, S.: Efficient Protocols for secure broadcast in controller area networks. IEEE Trans. Industr. Inf. 9(4), 2034–2042 (2013)CrossRef

17.

Perrig, A., Canetti, R., Song, D., Tygar, J.D.: Efficient and secure source authentication for multicast. In: 2001 Network and Distributed System Security Symposium, pp. 35–46 (2001)

18.

Hoppen, T., Kiltz, S., Dittmann, J.: Security threats to automotive CAN networks-Practical examples and selected short-term countermeasures. Reliab. Eng. Syst. Saf. 96(1), 11–25 (2011)CrossRef

19.

Kleberger, P., Olovsson, T., Jonsson, E.: Security aspects of the in-vehicle network in the connected car. In: 2011 IEEE Intelligent Vehicles Symposium, pp. 528–533, June 2011

20.

Larson, U., Nilsson, D., Jonsson, E.: An approach to specification-based attack detection for in-vehicle networks. In: 2008 IEEE Intelligent Vehicles Symposium, pp. 220–225, June 2008

21.

Hoppe, T., Kiltz, S., Dittmann, J.: Adaptive dynamic reaction to automotive IT security incidents using multimedia car environment. In: Fourth International Conference on Information Assurance and Security (ISA 2008) (2008)

22.

Boudguiga, A., Klaudel, W., Boulanger, A., Chiron, P.: A simple intrusion detection method for controller area network. In: 2016 IEEE International Conference on Communications (ICC), pp. 1–7, May 2016

23.

Nürnberger, S., Rossow, C.: – vatiCAN – Vetted, authenticated CAN bus. In: Gierlichs, B., Poschmann, A.Y. (eds.) CHES 2016. LNCS, vol. 9813, pp. 106–124. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-53140-2_6CrossRef

24.

Groza, B., Popa, L., Murvay, P.-S.: INCANTA - INtrusion detection in controller area networks with time-covert authentication. In: Hamid, B., Gallina, B., Shabtai, A., Elovici, Y., Garcia-Alfaro, J. (eds.) CSITS/ISSA -2018. LNCS, vol. 11552, pp. 94–110. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-16874-2_7CrossRef

25.

Bella, G., Biondi, P., Costantino, G., Matteucci, I.: TOUCAN: a protocol to secure controller area network. In: Proceedings of the ACM Workshop on Automotive Cybersecurity, AutoSec 2019, pp. 3–8. ACM, New York (2019)

26.

Dolev, D., Yao, A.: On the security of public key protocols. IEEE Trans. Inform. Theory 29, 198–208 (1983)MathSciNetCrossRef

27.

ETSI TS 102 893 v1.1.1: Intelligent Transport Systems (ITS); Security; Threat, Vulnerability and Risk Analysis (TVRA). ETSI WG5 Technical report, pp. 1–29, March 2010

28.

Henniger, O., Apvrille, L., Fuchs, A., Roudier, Y., Ruddle, A., Weyl, B.: Security requirements for automotive on-board networks. In: 2009 9th International Conference on Intelligent Transport Systems Telecommunications, pp. 641–646, October 2009

29.

Monteuuis, J.P., Boudguiga, A., Zhang, J., Labiod, H., Servel, A., Urien, P.: Sara: Security automotive risk analysis method. In: Proceedings of the 4th ACM Workshop on Cyber-Physical System Security, CPSS 2018, pp. 3–14. ACM, New York (2018)

30.

Boudguiga, A., Boulanger, A., Chiron, P., Klaudel, W., Labiod, H., Seguy, J.C.: RACE: risk analysis for cooperative engines. In: 7th International Conference on New Technologies, Mobility and Security (NTMS 2015) (2015)

Titel: Enhancing CAN Security by Means of Lightweight Stream-Ciphers and Protocols
verfasst von: Aymen Boudguiga
Jerome Letailleur
Renaud Sirdey
Witold Klaudel
Verlag: Springer International Publishing
Buch: Computer Safety, Reliability, and Security
Print ISBN: 978-3-030-26249-5

Electronic ISBN: 978-3-030-26250-1

Copyright-Jahr: 2019
DOI: https://doi.org/10.1007/978-3-030-26250-1_19

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Premium Partner