Skip to main content
SpringerLink
Log in
Book cover

International Conference on Information Security Practice and Experience

ISPEC 2016: Information Security Practice and Experience pp 330–343Cite as

Authenticated CAN Communications Using Standardized Cryptographic Techniques

  • Conference paper
  • First Online:

  • 1276 Accesses

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 10060))

Abstract

In the near future, connected vehicles are expected to offer the commuters even more convenience and self-autonomy, but at the same time be exposed to much more attacks. A particularly insidious threat to vehicles security is that an attacker may exploit the vulnerabilities of in-vehicle communication network to attack vehicles, such as spoofing CAN bus messages. In this paper, we are thus motivated to propose a solution for achieving authenticated CAN communications, towards ameliorating the threats faced by the in-vehicle communication network. Strictly aiming for practicality and acceptance by the industry, our solution has two salient features: (1) it relies on the industry-wide recognized in-vehicle communication architecture, without requiring addition of any extra hardware; (2) it makes use of standardized cryptographic techniques, without invoking any proprietary cryptographic primitives and mechanisms.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

References

  1. Staggs, J.: How to hack your mini cooper: reverse engineering can messages on passenger automobiles. Institute for Information Security

    Google Scholar 

  2. Valasek, C., Miller, C.: A survey of remote automotive attack surfaces. http://www.ioactive.com/pdfs/IOActive_Remote_Attack_Surfaces.pdf

  3. Car Industry Three Years Behind Todays Cyber Threats. https://threatpost.com/car-industry-three-years-behind-todays-cyber-threats/116524/

  4. Miller, C., Valasek, C.: Adventures in automotive networks and control units. http://www.ioactive.com/pdfs/IOActive_Adventures_in_Automotive_Networks_and_Control_Units.pdf

  5. Miller, C., Valasek, C.: Car Hacking: For Poories

    Google Scholar 

  6. Smith, C.: Car Hacker’s Handbook (2016)

    Google Scholar 

  7. Valasek, C., Miller, C.: Remote Exploitation of an Unaltered Passenger Vehicle. http://www.ioactive.com/pdfs/IOActive_Remote_Car_Hacking.pdf

  8. Car hacked on 60 minutes. Accessed July 2016 [Online]. http://www.cbsnews.com/news/car-hacked-on-60-minutes/

  9. Samy kamkar - home. https://samy.pl/

  10. Wolf, M., Weimerskirch, A., Wollinger, T.: State of the art: embedding security in vehicles. EURASIP J. Embedded Syst. 1, 1–16 (2007)

    Article  Google Scholar 

  11. SAE J3061 (2016). http://standards.sae.org/wip/j3061/

  12. Approaches for Vehicle Information Security, Information Technology Promotion Agency, Japan (2013)

    Google Scholar 

  13. E-safety vehicle intrusion protected applications (EVITA). http://evita-project.org/. Accessed July 2016

  14. Preparing Secure Vehicle-to-X Communication Systems (PRESERVER). https://www.preserve-project.eu/. Accessed July 2016

  15. Open Vehicular Secure Platform (OVERSEE). https://www.oversee-project.com/index.php?id=2. Accessed July 2016

  16. Bruton, J.A.: Securing CAN Bus Communication: An Analysis of Cryptographic Approaches (2014)

    Google Scholar 

  17. Markantonakis, K., Mayes, K.: Secure Smart Embedded Devices, Platforms and Applications (2013)

    Google Scholar 

  18. Brooks, R.R., Yun, S.B., Deng, J.: Cyber-Physical Security of Automotive Information Technology. Elsevier Inc., Amsterdam (2012)

    Google Scholar 

  19. Van Herrewege, A., Singelee, D., Verbauwhede, I.: CANAuth – a simple, back- ward compatible broadcast authentication protocol for CAN bus. In: ECRYPT Workshop on Lightweight Cryptography 2011 (2011)

    Google Scholar 

  20. Groza, B., Murvay, S., Herrewege, A., Verbauwhede, I.: LiBrA-CAN: a lightweight broadcast authentication protocol for controller area networks. In: Pieprzyk, J., Sadeghi, A.-R., Manulis, M. (eds.) CANS 2012. LNCS, vol. 7712, pp. 185–200. Springer, Heidelberg (2012). doi:10.1007/978-3-642-35404-5_15

    Chapter  Google Scholar 

  21. Ziermann, T., Wildermann, S., Teich, J.: CAN+: a new backward-compatible controller area network (CAN) protocol with up to 16x higher data rates. In: Design, Automation & Test in Europe Conference & Exhibition (DATE 2009), pp. 1088–1093. IEEE (2009)

    Google Scholar 

  22. Perrig, A., Canetti, R., Tygar, J., Song, D.: Efficient authentication and signing of multicast streams over lossy channels. In: Proceedings of the IEEE Symposium on Security and Privacy (SP 2000), Berkeley, CA, USA, pp. 56–73, May 2000

    Google Scholar 

  23. Perrig, A., Szewczyk, R., Wen, V., Culler, D., Tygar, J.D.: SPINS: security protocols for sensor networks. In: Seventh Annual International Conference on Mobile Computing and Networks (MobiCOM 2001), Rome, Italy, July 2001

    Google Scholar 

  24. Studer, A., Bai, F., Bellur, B., Perrig, A.: Flexible, extensible, and efficient VANET authentication. J. Commun. Netw. 11(6), 574–588 (2009)

    Article  Google Scholar 

  25. Hartkopp, O., Reuber, C., Schilling, R.: MaCAN - message authenticated CAN. In: 10th International Conference on Embedded Security in Cars (ESCAR 2012), Berlin, Germany, vol. 6 (2012)

    Google Scholar 

  26. Hazem, A., Fahmy, H.A.: LCAP - a lightweight CAN authentication protocol for securing in-vehicle networks. In: 10th International Conference on Embedded Security in Cars (ESCAR 2012), Berlin, Germany, vol. 6 (2012)

    Google Scholar 

  27. Kurachi, R., Matsubara, Y., Takada, H., Adachi, N., Miyashita, Y., Horihata, S.: CaCAN centralised authentication system in CAN. In: 12th International Conference on Embedded Security in Cars (ESCAR 2014) (2014)

    Google Scholar 

  28. Radu, A.-I., Garcia, F.D.: LeiA: a lightweight authentication protocol for CAN. In: Askoxylakis, I., Ioannidis, S., Katsikas, S., Meadows, C. (eds.) ESORICS 2016. LNCS, vol. 9878. Springer, Heidelberg (2016). doi:10.1007/978-3-319-45741-3_15

    Google Scholar 

  29. Wolf, M., Weimerskirch, A., Paar, C.: Security in automotive bus systems. Workshop on Embedded Security in Cars (2004)

    Google Scholar 

  30. Researchers Hacked a Model S, But Tesla’s Already Release a Patch (2015). https://www.wired.com/2015/08/researchers-hacked-model-s-teslas-already/

  31. ISO, IEC 9798-2: Information technology - Security techniques - Entity authentication - Part 2: Mechanisms using symmetric encipherment algorithms

    Google Scholar 

  32. Basin, D., Cremers, C., Meier, S.: Provably repairing the ISO/IEC 9798 standard for entity authentication. In: 1st International Conference on Theory and Practice of Software, POST 2012, pp. 129–148 (2012)

    Google Scholar 

Download references

Acknowledgments

This work is supported by National Natural Science Funds of China (Grant No. 61402199) and Natural Science Funds of Guangdong (Grant No. 2015A030310017).

Author information

Authors and Affiliations

  1. Huawei Shield Lab, Singapore, 117674, Singapore

    Zhuo Wei, Yanjiang Yang & Tieyan Li

Authors
  1. Zhuo Wei
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Yanjiang Yang
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Tieyan Li
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Zhuo Wei .

Editor information

Editors and Affiliations

  1. Huawei International, Singapore, Singapore

    Feng Bao

  2. University of Surrey, Guilford, Surrey, United Kingdom

    Liqun Chen

  3. Singapore Management University, Singapore, Singapore

    Robert H. Deng

  4. Guangzhou University, Guangzhou, Guangdong, China

    Guojun Wang

Rights and permissions

Reprints and permissions

Copyright information

© 2016 Springer International Publishing AG

About this paper

Cite this paper

Wei, Z., Yang, Y., Li, T. (2016). Authenticated CAN Communications Using Standardized Cryptographic Techniques. In: Bao, F., Chen, L., Deng, R., Wang, G. (eds) Information Security Practice and Experience. ISPEC 2016. Lecture Notes in Computer Science(), vol 10060. Springer, Cham. https://doi.org/10.1007/978-3-319-49151-6_23

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-49151-6_23

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-49150-9

  • Online ISBN: 978-3-319-49151-6

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation