Scribd Logo
Upload

Welcome to Scribd!

  • 37 views

    Poster Abstract: Lightweight Authentication Method For Controller Area Network

    Uploaded by

    SaiSai
    CAN Papers

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd

    Poster Abstract: Lightweight Authentication Method For Controller Area Network

    Uploaded by

    SaiSai
    37 views1 page
    CAN Papers

    Original Title

    10

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    CAN Papers

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Download as pdf or txt
    37 views1 page

    Poster Abstract: Lightweight Authentication Method For Controller Area Network

    Uploaded by

    SaiSai
    CAN Papers

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Download as pdf or txt
    You are on page 1of 1

    2016 IEEE 22nd International Conference on Embedded and Real-Time Computing Systems and Applications

    Poster Abstract: Lightweight Authentication Method for Controller Area Network

    Ki-Dong Kang 1, Youngmi Baek 2, Seonghun Lee 3, Sang H. Son 1


    1
    Department of Information & Communication Engineering, DGIST, Daegu, Korea
    2
    CPS Global Center, DGIST, Daegu, Korea
    3
    Convergence Research Center for Future Automotive Technology, DGIST, Republic of Korea
    {kd_kang, ymbaek, shunlee, son}@dgist.ac.kr

    Abstract—In the age of smart and connected vehicles, there are


    significant issues in providing security for in-vehicle networking.
    Many security efforts for in-vehicle networks are still insufficient
    to build a lightweight security mechanism. Typically, it comes
    from the limitations of Controller Area Network (CAN) protocol
    common to in-vehicle network. We propose a lightweight
    authentication method based on one-way hash chain in CAN. In
    addition, we identify three technical challenges to be addressed for
    the proposed method and present our key idea to address them.
    Figure 2. One-way key chain for source authentication.
    Keywords-Controller Area Network; in-vehicle network security; There are three technical challenges to be addressed: (1) a
    authentication; Cyber-Physical Systems (CPS) limited length of hash chain, (2) securely sharing a seed with
    ECUs for re-initialization of hash chain, and (3) collision
    I. INTRODUCTION problem of one-way hash chain. They are due to limited
    These days, intelligent automotive cyber physical systems resources of ECUs, broadcast nature of CAN, and small payload
    (CPS) have received great attention because of its promise as the of CAN protocol, respectively. To address these challenges, we
    means of next generation mobility. Although they offer consider a tree based algorithm in our security protocol design.
    excellent potential for road safety, convenience, and efficiency,
    they make an automotive system more complicated and increase III. CONCLUSIONS AND FUTURE WORK
    the vulnerability. Especially, many researchers have We are developing a novel lightweight security protocol
    demonstrated that a real vehicle could be attacked from using one-way hash chain. In our effort, we focus on the
    anywhere by exploiting the various vulnerabilities of in-vehicle technical challenges by assessing the feasibility of adopting the
    network for automotive systems [2, 3]. Controller Area Network classical lightweight authentication method with one-way hash
    (CAN) is the most common in-vehicle network for exchanging chain to CAN environment. We plan to address them by using a
    information among ECUs [1]. The sources of security tree based algorithm. We expect that our lightweight
    vulnerabilities in CAN include: (1) no identification mechanism authentication protocol will be more efficient when compared to
    (no address of the sender and the receiver), and (2) a small existing authentication protocols while providing an sufficient
    payload size (maximum of only 8 bytes) to provide authentication for CAN.
    authentication. To counteract attacks on in-vehicle network,
    many authentication protocols have been proposed for CAN. ACKNOWLEDGMENT
    However, it is essential for them to keep control of their This research was supported in part by Global Research
    overhead in terms of bandwidth utilization, processing time, or Laboratory Program (2013K1A1A2A02078326) through NRF,
    authentication delay. We propose to use a novel lightweight DGIST Research and Development Program (CPS Global
    security protocol based on one-way hash chain, in order to Center) funded by the MSIP, and Institute for Information &
    provide the authentication in CAN. communications Technology Promotion (IITP) grant funded by
    II. AUTHENTICATION METHOD BASED ON HASH CHAIN the Korean government (MSIP) (No. B0101-15-0557, Resilient
    Cyber-Physical Systems Research).
    Lamport’s authentication scheme where one-way hash chain
    is first used has been considered as one of classical lightweight REFERENCES
    authentication methods [4]. In our authentication protocol, we [1] R. Bosch. Can specification version 2.0. Rober Bousch GmbH, Postfach,
    use the tip of one-way hash chain by inserting it into the 300240, 1991..
    extended ID field of data frame during transmission phase. Fig. [2] S. Checkoway, D. McCoy, B. Kantor, D. Anderson, H. Shacham, S.
    1 indicates a simple structure of data frame in CAN 2.0B Savage, K. Koscher, A. Czeskis, F. Roesner, T. Kohno, et al.
    protocol. The architecture of one-way hash chain is shown in Fig Comprehensive experimental analyses of automotive attack surfaces. In
    USENIX Security Symposium. San Francisco, 2011.
    2, and its tip value is utilized for source authentication.
    [3] K. Koscher, A. Czeskis, F. Roesner, S. Patel, T. Kohno, S. Checkoway,
    D. McCoy, B. Kantor, D. Anderson, H. Shacham, et al. Experimental
    security analysis of a modern automobile. In Security and Privacy (SP),
    Figure 1. Data frame of CAN 2.0B standard. 2010 IEEE Symposium on, pages 447-462. IEEE, 2010.
    [4] L. Lamport. Password authentication with insecure communication.
    When we deploy an authentication method based on one- Communications of the ACM, 24(11):770-772, 1981
    way hash chain for CAN, we should address several challenges.

    978-1-5090-2479-7/16 $31.00 © 2016 IEEE 263


    101
    DOI 10.1109/RTCSA.2016.58

    You might also like