Resumen
Automotive communication networks, represented by the CAN bus, are acclaimed for enabling real-time communication between vehicular ECUs but also criticized for their lack of effective security mechanisms. Various attacks have demonstrated that this security deficit renders a vehicle vulnerable to adversarial control that jeopardizes passenger safety. A recent standardization effort led by AUTOSAR has provided general guidelines for developing next-generation automotive communication technologies with built-in security mechanisms. A key security mechanism is message authentication between ECUs for countering message spoofing and replay attack. While many message authentication schemes have been proposed by previous work, the important issue of session key establishment with AUTOSAR compliance was not well addressed. In this paper, we fill this gap by proposing an AUTOSAR-compliant key management architecture that takes into account practical requirements imposed by the automotive environment. Based on this architecture, we describe a baseline session key distribution protocol called SKDC that realizes all designed security functionalities, and propose a novel secret-sharing-based protocol called SSKT that yields improved communication efficiency. Both SKDC and SSKT are customized for CAN/CAN-FD bus deployment. We implemented the two protocols on commercial microcontroller boards and evaluated their performance with hardware experiment and extrapolation analysis. The result shows while both protocols are performant, SSKT achieves superior computation and communication efficiency at scale.
| Idioma original | English |
|---|---|
| Título de la publicación alojada | Proceedings - 36th Annual Computer Security Applications Conference, ACSAC 2020 |
| Páginas | 681-693 |
| Número de páginas | 13 |
| ISBN (versión digital) | 9781450388580 |
| DOI | |
| Estado | Published - dic 7 2020 |
| Evento | 36th Annual Computer Security Applications Conference, ACSAC 2020 - Virtual, Online, United States Duración: dic 7 2020 → dic 11 2020 |
Serie de la publicación
| Nombre | ACM International Conference Proceeding Series |
|---|
Conference
| Conference | 36th Annual Computer Security Applications Conference, ACSAC 2020 |
|---|---|
| País/Territorio | United States |
| Ciudad | Virtual, Online |
| Período | 12/7/20 → 12/11/20 |
Nota bibliográfica
Publisher Copyright:© 2020 ACM.
Financiación
This work was supported in part by US National Science Foundation under grant CNS-1837519 and by Virginia Commonwealth Cyber Initiative (CCI).
| Financiadores | Número del financiador |
|---|---|
| Virginia Commonwealth Cyber Initiative | |
| U.S. Department of Energy Chinese Academy of Sciences Guangzhou Municipal Science and Technology Project Oak Ridge National Laboratory Extreme Science and Engineering Discovery Environment National Science Foundation National Energy Research Scientific Computing Center National Natural Science Foundation of China | CNS-1837519 |
| U.S. Department of Energy Chinese Academy of Sciences Guangzhou Municipal Science and Technology Project Oak Ridge National Laboratory Extreme Science and Engineering Discovery Environment National Science Foundation National Energy Research Scientific Computing Center National Natural Science Foundation of China | |
| Center for Cultural Innovation |
ASJC Scopus subject areas
- Software
- Human-Computer Interaction
- Computer Vision and Pattern Recognition
- Computer Networks and Communications