Automotive communication networks, represented by the CAN bus, are acclaimed for enabling real-time communication between vehicular ECUs but also criticized for their lack of effective security mechanisms. Various attacks have demonstrated that this security deficit renders a vehicle vulnerable to adversarial control that jeopardizes passenger safety. A recent standardization effort led by AUTOSAR has provided general guidelines for developing next-generation automotive communication technologies with built-in security mechanisms. A key security mechanism is message authentication between ECUs for countering message spoofing and replay attacks. While many message authentication schemes have been proposed by previous work, the important issue of session key establishment with AUTOSAR compliance was not well addressed. In this paper, we fill this gap by proposing an AUTOSAR-compliant key management architecture that takes into account practical requirements imposed by the automotive environment. Based on this architecture, we describe a baseline session key distribution protocol called SKDC that realizes all designed security functionalities, and propose a novel secret-sharing-based protocol called SSKT that yields improved communication efficiency. Both SKDC and SSKT are customized for CAN/CAN-FD bus deployment. We implemented the two protocols on commercial microcontroller boards and evaluated their performance with hardware experiments and extrapolation analysis. The results show that while both protocols are performant, SSKT achieves superior computation and communication efficiency at scale.

| Field | Value |
|---|---|
| Title of host publication | Proceedings - 36th Annual Computer Security Applications Conference, ACSAC 2020 |
| Number of pages | 13 |
| State | Published - Dec 7 2020 |
| Event | 36th Annual Computer Security Applications Conference, ACSAC 2020 - Virtual, Online, United States. Duration: Dec 7 2020 → Dec 11 2020 |
| Name | ACM International Conference Proceeding Series |
| Conference | 36th Annual Computer Security Applications Conference, ACSAC 2020 |
| Period | 12/7/20 → 12/11/20 |

Bibliographical note
Funding Information:
This work was supported in part by US National Science Foundation under grant CNS-1837519 and by Virginia Commonwealth Cyber Initiative (CCI).
© 2020 ACM.
Keywords
- Automotive communication networks
- key distribution
- message authentication
- secret sharing
ASJC Scopus subject areas
- Human-Computer Interaction
- Computer Vision and Pattern Recognition
- Computer Networks and Communications