A Controller Area Network Bus Identity Authentication Method Based on Hash Algorithm
Technical Paper
2021-01-5077
ISSN: 0148-7191, e-ISSN: 2688-3627
Language: English
Abstract
With the development of vehicle intelligence and the Internet of Vehicles, how to protect the safety of the vehicle network system has become a focus issue that needs to be solved urgently. The Controller Area Network (CAN) bus is currently a very widely used vehicle-mounted bus, and its security largely determines the degree of vehicle-mounted information security. The CAN bus lacks adequate protection mechanisms and is vulnerable to external attacks such as replay attacks and modifying attacks. On the basis of the existing work, this paper proposes an authentication method that combines the Hash-based Message Authentication Code (HMAC)-SHA256 and Tiny Encryption Algorithm (TEA) algorithms. The method is based on dynamic identity authentication in challenge/response mode and, combined with the characteristics of the CAN bus itself, achieves identity authentication between the gateway and multiple electronic control units (ECUs). In the authentication process, dynamic passwords are used to complete the identity authentication. To verify the validity of the proposed authentication method, we built the authentication model in Matlab/Simulink and analyzed the authentication process in Matlab/canTool. Data stream recording, busload analysis, and attack experiments using network attack models show that the proposed authentication method has a low busload and can achieve multi-node verification. A comparison with the Message Authentication Code (MAC) and Challenge/Response methods shows that it can effectively deal with replay attacks and modifying attacks. This method is a safe and reliable authentication method, which improves the safety of the CAN bus.
Citation
Zhang, Z., Wang, L., Wu, Y., and Li, F., "A Controller Area Network Bus Identity Authentication Method Based on Hash Algorithm," SAE Technical Paper 2021-01-5077, 2021, https://doi.org/10.4271/2021-01-5077.