Abstract
Communication in modern cars is managed by a controller area network (CAN) bus protocol and its extensions for electronic control units (ECUs). The CAN bus is a preferred method for reliable real-time broadcast communication. However, unprotected CAN communications make the vehicles vulnerable to a variety of practical malicious wired/wireless attacks. In this work, we analyze the existing frame-level authentication protocol and identify weaknesses and limitations. To address this, we provide a protocol suite for entity authentication, key management, a secure message flow for remote transmission request frames and session key update to be applied for vehicle connection with external devices. We prove the security of our protocol in the random oracle model and assess its resistance against known attacks. We formally verify the security of our protocol using the Tamarin tool. Our simulation results indicate that our protocol improves efficiency.
| Original language | English |
|---|---|
| Article number | 9046809 |
| Pages (from-to) | 3107-3122 |
| Number of pages | 16 |
| Journal | IEEE Transactions on Information Forensics and Security |
| Volume | 15 |
| DOIs | |
| Publication status | Published - 2020 |
| Externally published | Yes |
Keywords
- CAN security
- car hacking
- control system security
- IVN security
- security protocols
- vehicle cybersecurity