This content is not included in
your SAE MOBILUS subscription, or you are not logged in.
Secure Key Management - A Key Feature for Modern Vehicle Electronics
Technical Paper
2013-01-1418
ISSN: 0148-7191, e-ISSN: 2688-3627
Annotation ability available
Sector:
Language:
English
Abstract
The need for vehicular data security and privacy protection is already enormous and increases even further. Prominent application areas are for instance theft protection, anti-counterfeiting, secure data storage and secure communication inside the vehicle and from the vehicle to the outside world. However, most of the vehicular security and privacy protection solutions involve modern cryptography and require availability of cryptographic keys in the vehicle and in related backend infrastructure. A central aspect for ensuring this availability and a controlled usage of such cryptographic keys is a secure key management, which affects the whole lifecycle of the key, from creation and distribution, usage, backup and update up to key deactivation. Even though secure key management is quite well understood in the standard computer world, the situation in the automotive world is quite different, as we have different functional requirements (e.g., sporadic low-bandwidth connections) and different security requirements (e.g., physical insider attacks).
We hence analyze the requirements and give best practice approaches for a secure key management solution in the automotive context. We highlight potential security concerns that are encountered during each phase on a lifecycle of a cryptographic key used in a typical vehicular security solution. Knowing the security vulnerabilities, we will introduce open solutions and best practice approaches for secure key management implementation both in the embedded in-vehicle domain as well as for the supporting backend infrastructure.
Recommended Content
Journal Article | Model-based Application of ISO 26262: The Hazard Analysis and Risk Assessment |
Technical Paper | Securing Connected Vehicles End to End |
Journal Article | In-Vehicle Driver State Detection Using TIP-II |
Authors
Topic
Citation
Schleiffer, C., Wolf, M., Weimerskirch, A., and Wolleschensky, L., "Secure Key Management - A Key Feature for Modern Vehicle Electronics," SAE Technical Paper 2013-01-1418, 2013, https://doi.org/10.4271/2013-01-1418.Also In
References
- BlueKrypt Cryptographic Key Length Recommendation http://www.keylength.com
- Bono , S. , Green , M. , Stubblefield , A. , Rubin , A. , Juels , A. , Szydlo , M. Security Analysis of a Cryptographically-Enabled RFID Device USENIX Security Symposium August 2005
- The eSTREAM Project http://www.ecrypt.eu.org/stream/project.html
- EVITA Project Deliverable 3.2: Secure On-board Architecture Specification 2010
- Gendrullis , T. , Wolf , M. Design, Implementation, and Evaluation of a Vehicular Hardware Security Module 14th International Conference on Information Security and Cryptology (ICISC 2011) Seoul, Korea December 2011
- Hersteller-Initiative Software (HIS) SHE - Secure Hardware Extension Version 1.1 2009
- Trusted Computing Group (TCG) TPM Specification 1.2 Revision 116 2011
- Weimerskirch , A. Secure Software Flashing SAE Int. J. Passeng. Cars - Electron. Electr. Syst. 2 1 83 86 2009 10.4271/2009-01-0272
- Weimerskirch , A. , Paar , C. , and Wolf , M. Cryptographic Component Identification: Enabler for Secure Inter-vehicular Networks 62 nd IEEE Vehicular Technology Conference September 25 28 2005 Dallas, TX, USA