skip to main content
10.1145/2818362.2818369acmconferencesArticle/Chapter ViewAbstractPublication PagesesweekConference Proceedingsconference-collections
research-article

Performance analysis of broadcast authentication protocols on CAN-FD and FlexRay

Published: 04 October 2015 Publication History

Abstract

In the light of the numerous reported attacks, designing cryptographic protocols for in-vehicle embedded networks was a constant preoccupation in the past few years. While several research proposals appeared, a concrete performance analysis of such protocols over a realistic network configuration is still absent from the literature. In this work we address the performance for various authentication protocols that were recently proposed for the two most prominent vehicular buses: FlexRay and CAN-FD. While a real-world vehicular network is still out of reach for our work, we achieve a first step in this direction by using a CANoe based simulation for these protocols over state-of-the-art automotive buses. This allows us to draw a more realistic perspective on the efficiency of existing proposals for bus authentication. Our results suggest that sharing symmetric keys between groups of nodes is the most realistic proposal as it creates a balance between bandwidth efficiency and security level.

References

[1]
S. Bittl. Attack potential and efficient security enhancement of automotive bus networks using short MACs with rapid key change. In Communication Technologies for Vehicles, pages 113--125. Springer, 2014.
[2]
S. Checkoway, D. McCoy, B. Kantor, D. Anderson, H. Shacham, S. Savage, K. Koscher, A. Czeskis, F. Roesner, and T. Kohno. Comprehensive experimental analyses of automotive attack surfaces. In USENIX Security 2011, 2011.
[3]
S. Corrigan. Controller area network physical layer requirements. Application Report, Texas Instruments, 2008.
[4]
B. Groza and P.-S. Murvay. Efficient Protocols For Secure Broadcast In Controller Area Networks. Industrial Informatics, IEEE Transactions on, 2012.
[5]
B. Groza, S. Murvay, A. Van Herrewege, and I. Verbauwhede. LiBrA-CAN: a lightweight broadcast authentication protocol for controller area networks. In Cryptology and Network Security, pages 185--200. Springer, 2012.
[6]
O. Hartkopp, C. Reuber, and R. Schilling. MaCAN-message authenticated CAN. In 10th Int. Conf. on Embedded Security in Cars (ESCAR 2012), 2012.
[7]
F. Hartwich. CAN with flexible data-rate. In 13th International CAN Conference (iCC2012), Hambach, Germany, 2012.
[8]
International Organization for Standardization. ISO/DIS 11898-1: Road vehicles - Controller Area Network - Part 1: Data link layer and physical signalling, 2015.
[9]
K. Koscher, A. Czeskis, F. Roesner, S. Patel, T. Kohno, S. Checkoway, D. McCoy, B. Kantor, D. Anderson, H. Shacham, and S. Savage. Experimental security analysis of a modern automobile. In Security and Privacy (SP), 2010 IEEE Symposium on, pages 447--462, May 2010.
[10]
R. Kurachi, Y. Matsubara, H. Takada, N. Adachi, Y. Miyashita, and S. Horihata. CaCAN - centralized authentication system in CAN (controller area network). In 14th Int. Conf. on Embedded Security in Cars (ESCAR 2014), 2014.
[11]
C.-W. Lin, Q. Zhu, and A. Sangiovanni-Vincentelli. Security-aware modeling and efficient mapping for CAN-based real-time distributed automotive systems. Embedded Systems Letters, 2014.
[12]
A. Mutter. CAN-FD and the CRC issue. CAN Newsletter 1/2015. CAN in Automation (CiA), 2015.
[13]
A. Perrig, R. Canetti, D. Song, and J. D. Tygar. SPINS: Security protocols for sensor networks. In Seventh Annual ACM International Conference on Mobile Computing and Networks (MobiCom 2001), pages 189--199, 2001.
[14]
A. Perrig, R. Canetti, J. Tygar, and D. X. Song. Efficient authentication and signing of multicast streams over lossy channels. In IEEE Symposium on Security and Privacy, pages 56--73, 2000.
[15]
Robert BOSCH GmbH. CAN Specification Version 2.0., 1991.
[16]
Robert BOSCH GmbH. CAN with Flexible Data-Rate Version 1.0, 2012.
[17]
C. Szilagyi and P. Koopman. Flexible multicast authentication for time-triggered embedded control network applications. In Dependable Systems & Networks, 2009. DSN'09. IEEE/IFIP International Conference on, pages 165--174. IEEE, 2009.
[18]
C. Szilagyi and P. Koopman. Low cost multicast authentication via validity voting in time-triggered embedded control networks. In Proceedings of the 5th Workshop on Embedded Systems Security, page 10. ACM, 2010.
[19]
C. J. Szilagyi. Low cost multicast network authentication for embedded control systems. PhD thesis, Carnegie Mellon University, 2012.
[20]
A. Van Herrewege, D. Singelee, and I. Verbauwhede. CANAuth-a simple, backward compatible broadcast authentication protocol for CAN bus. In ECRYPT Workshop on Lightweight Cryptography 2011, 2011.
[21]
Q. Wang and S. Sawhney. VeCure: A practical security framework to protect the CAN bus of vehicles. In Internet of Things (IOT), 2014 International Conference on the, pages 13--18. IEEE, 2014.
[22]
S. Woo, H. J. Jo, and D. H. Lee. A practical wireless attack on the connected car and security protocol for in-vehicle CAN. Intelligent Transportation Systems, IEEE Transactions on, 2014.

Cited By

View all

Recommendations

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences
WESS'15: Proceedings of the WESS'15: Workshop on Embedded Systems Security
October 2015
73 pages
ISBN:9781450336673
DOI:10.1145/2818362
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 04 October 2015

Permissions

Request permissions for this article.

Check for updates

Author Tags

  1. CAN-FD
  2. FlexRay
  3. broadcast authentication
  4. embedded networks

Qualifiers

  • Research-article
  • Research
  • Refereed limited

Conference

ESWEEK'15
ESWEEK'15: ELEVENTH EMBEDDED SYSTEM WEEK
October 4 - 9, 2015
Amsterdam, Netherlands

Acceptance Rates

Overall Acceptance Rate 8 of 21 submissions, 38%

Contributors

Other Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

  • Downloads (Last 12 months)6
  • Downloads (Last 6 weeks)1
Reflects downloads up to 16 Feb 2025

Other Metrics

Citations

Cited By

View all
  • (2024)In-vehicle communication cyber securityVehicular Communications10.1016/j.vehcom.2024.10084650:COnline publication date: 1-Dec-2024
  • (2022)Study on Penetration Testing Platform Oriented to CAN Bus Embedded System2022 7th International Conference on Signal and Image Processing (ICSIP)10.1109/ICSIP55141.2022.9886204(400-404)Online publication date: 20-Jul-2022
  • (2020)Efficient Physical Layer Key Agreement for FlexRay NetworksIEEE Transactions on Vehicular Technology10.1109/TVT.2020.300261669:9(9767-9780)Online publication date: Sep-2020
  • (2019)Accommodating Time-Triggered Authentication to FlexRay DemandsProceedings of the Third Central European Cybersecurity Conference10.1145/3360664.3360666(1-6)Online publication date: 14-Nov-2019
  • (2019)Security and Safety Co-Engineering of the FlexRay Bus in Vehicular NetworksProceedings of the International Conference on Omni-Layer Intelligent Systems10.1145/3312614.3312626(31-37)Online publication date: 5-May-2019
  • (2019)Cryptographic and Intrusion Detection System for automotive CAN bus: Survey and contributions2019 16th International Multi-Conference on Systems, Signals & Devices (SSD)10.1109/SSD.2019.8893165(158-163)Online publication date: Mar-2019
  • (2019)Cybersecurity challenges in vehicular communicationsVehicular Communications10.1016/j.vehcom.2019.100214(100214)Online publication date: Dec-2019
  • (2017)In-Vehicle CAN Message Authentication: An Evaluation Based on Industrial Criteria2017 IEEE 86th Vehicular Technology Conference (VTC-Fall)10.1109/VTCFall.2017.8288327(1-7)Online publication date: Sep-2017

View Options

Login options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Figures

Tables

Media

Share

Share

Share this Publication link

Share on social media