Abstract
A number of successful attacks on automotive bus systems has been published recently. However, only a limited amount of detailed studies about attack surfaces as well as efficient security mechanisms have been proposed. Therefore, a general study of possible attacks regarding content manipulation on popular automotive bus systems is provided in this work. Additionally, a new authentication scheme for bus messages is proposed, which overcomes some of the limitations imposed by previously suggested technologies. Thereby, a combination of the upcoming SHA-3 standard with standard HMAC authentication is used to achieve a highly secure system, while keeping the introduced overhead very low.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Memorandum of Understanding for OEMs within the CAR 2 CAR Communication Consortium on Deployment Strategy for cooperative ITS in Europe, v 4.0102 (June 2011)
CANlog4. giN - Gesellschaft für industrielle Netzwerke (December 2013), http://gin.de/index.php?device=1004&lang=en
ISO 11898-1:2003 Road vehicles – Controller area network (CAN) – Part 1: Data link layer and physical signalling (February 2013)
ISO 17458-2:2013 Road vehicles – FlexRay communications system – Part 2: Data link layer specification (January 2013)
ISO/DIS 17987-3 Road vehicles – Local Interconnect Network (LIN) – Part 3: Protocol specification (November 2013)
TTX-Connexion. TTTech (December 2013), http://www.tttech.com/products/automotive/testing-tools/signal-routing/ttx-connexion/
Al-Kuwari, S., Wolthusen, D.: On the Feasibility of Carrying Out Live Real-Time Forensics for Modern Intelligent Vehicles. In: Forensics in Telecommunications, Information and Multimedia: Third International ICST Conf., pp. 207–223 (2010)
Bellare, M., Canetti, R., Krawczyk, H.: Keying Hash Functions for Message Authentication. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 1–15. Springer, Heidelberg (1996)
Bertoni, G., Daemen, J., Peeters, M., Van Assche, G.: The Keccak sponge function family (June 2013), http://keccak.noekeon.org/
Chang, S., Perlner, R., Burr, W.E., Turan, M.S., Kelsey, J.M., Paul, S., Bassham, L.E.: Third Round Report of the SHA-3 Cryptographic Hash Algorithm Competition. Tech. rep., NIST (November 2012)
Dworkin, M.: Recommendation for Block Cipher Modes of Operation: The CMAC Mode for Authentication. NIST Special Publication 800-38B, NIST (May 2005)
Dworkin, M.: Recommendation for Block Cipher Modes of Operation: Galois/Counter Mode (GCM) and GMAC. NIST Special Publication 800-38D, NIST (November 2007)
Groza, B., Murvay, S., van Herrewege, A., Verbauwhede, I.: LiBrA-CAN: A Lightweight Broadcast Authentication Protocol for Controller Area Networks. In: Pieprzyk, J., Sadeghi, A.-R., Manulis, M. (eds.) CANS 2012. LNCS, vol. 7712, pp. 185–200. Springer, Heidelberg (2012)
Koscher, K., et al.: Experimental Security Analysis of a Modern Automobile. In: 31st IEEE Symposium on Security and Privacy, vol. 31 (2010)
Krawczyk, H., Bellare, M., Canetti, R.: HMAC: Keyed-Hashing for Message Authentication. Tech. Rep. RFC2104, Network Working Group, IETF (February 1997)
Miller, C., Valasek, C.: Adventures in Automotive Networks and Control Units (2013), http://illmatics.com/car_hacking.pdf
Moser, M.: Trust Evaluation and Trust Assurance, Protection Profiles, 7th CAR 2 CAR Forum (November 2013)
MOST Cooperation: MOST Specification (July 2010)
M’Raihi, D., Bellare, M., Naccache, D., Ranen, O.: HOTP: An HMAC-Based One-Time Password Algorithm. Tech. Rep. RFC: 4226, Network Working Group, IETF (December 2005)
Nisch, P.: Security Issues in Modern Automotive Systems (June 2012), http://www.panisch.com/wp-content/uploads/2012/06/Security_Issues_in_Modern_Automotive_Cars.pdf
Paar, C., Pelzl, J.: Understanding Cryptography, 2nd edn. Springer (2010)
Schweppe, H., Roudier, Y.: Security Issues in Vehicular Systems: Threats, Emerging Solutions and Standards. In: 5th Conference on Network Architectures and Information Systems Security (May 2010)
Schweppe, H., Roudier, Y., Weyl, B., Apvrille, L.: Car2X Communication: Securing the Last Meter - A Cost-Effective Approach for Ensuring Trust in Car2X Applications Using In-Vehicle Symmetric Cryptography. In: 2011 IEEE Vehicular Technology Conference (VTC Fall), pp. 1–5 (September 2011)
Van Herrewege, A., Singelee, D., Verbauwhede, I.: CANAuth - A Simple, Backward Compatible Broadcast Authentication Protocol for CAN bus. In: ECRYPT Workshop on Lightweight Cryptography 2011 (January 2011)
Wolf, M., Weimerskirch, A., Paar, C.: Security in Automotive Bus Systems. In: Proceedings of the Workshop on Embedded Security in Cars (escar) 2004 (2004)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer International Publishing Switzerland
About this paper
Cite this paper
Bittl, S. (2014). Attack Potential and Efficient Security Enhancement of Automotive Bus Networks Using Short MACs with Rapid Key Change. In: Sikora, A., Berbineau, M., Vinel, A., Jonsson, M., Pirovano, A., Aguado, M. (eds) Communication Technologies for Vehicles. Nets4Cars/Nets4Trains/Nets4Aircraft 2014. Lecture Notes in Computer Science, vol 8435. Springer, Cham. https://doi.org/10.1007/978-3-319-06644-8_11
Download citation
DOI: https://doi.org/10.1007/978-3-319-06644-8_11
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-06643-1
Online ISBN: 978-3-319-06644-8
eBook Packages: Computer ScienceComputer Science (R0)