Preprint

Robust Multicast Origin Authentication in MACsec and CANsec for Automotive Scenarios


Abstract

Now that everything is interconnected through the Internet, including vehicle onboard systems, security is becoming a primary concern in the automotive domain as well. Although Ethernet and CAN XL provide link-level security based on symmetric cryptography, they do not support origin authentication for multicast transmissions. Asymmetric cryptography is unsuitable for networked embedded control systems with real-time constraints and limited computational resources. In these cases, solutions derived from the TESLA broadcast authentication protocol may constitute a more suitable option. This paper presents and analyzes some such strategies, which allow for multicast origin authentication and also improve robustness to frame losses by means of interleaved keychains. A flexible authentication mechanism that relies on a unified receiver is then proposed; it enables transmitters to select strategies at runtime to achieve the best compromise among security, reliability, and resource consumption.

Article
Continuous and low-cost broadcast authentication is a fundamental security service for distributed sensor networks. This paper presents a novel development of a continuous and low-overhead broadcast authentication protocol named enhanced Infinite timed-efficient stream-loss tolerant authentication (enhanced Inf-TESLA) protocol, based on the Inf-TESLA protocol, whose continuous authentication is limited to the duration of its keychains. The enhanced Inf-TESLA protocol satisfies important security properties, including lower communication and computational overhead; a continuous generation of keychains without the need to establish synchronization packets; scalability to a large network; and resistance to masquerading, modification, man-in-the-middle, and replay attacks. We also highlighted an unaddressed authentication issue in the last packets of the original TESLA protocol and proposed a corresponding solution. We performed a simulation analysis using JAVA and proved that, compared to the Inf-TESLA protocol, the enhanced Inf-TESLA protocol can continuously authenticate packets for the entire lifetime of the receiver. We also compared the enhanced Inf-TESLA protocol with the original TESLA protocol in terms of time complexity and critical authentication processes. The results revealed the superiority of the enhanced Inf-TESLA protocol over the original TESLA protocol in terms of the message authentication code (MAC) value generation time and packet authentication time, which we believe can significantly improve the lifetime and lower the energy expenditure of Internet of Things devices with limited power sources.
Article
Intelligent Traffic Systems (ITS) are currently evolving in the form of a cooperative ITS or connected vehicles. Both forms use the data communications between Vehicle-to-Vehicle (V2V), Vehicle-to-Infrastructure (V2I/I2V) and other on-road entities, and are accelerating the adoption of self-driving cars. The development of cyber-physical systems containing advanced sensors, sub-systems, and smart driving assistance applications over the past decade is equipping unmanned aerial and road vehicles with autonomous decision-making capabilities. The level of autonomy depends upon the make-up and degree of sensor sophistication and the vehicle’s operational applications. As a result, self-driving cars being compromised is perceived as a serious threat. Therefore, analyzing the threats and attacks on self-driving cars and ITSs, and their corresponding countermeasures to reduce those threats and attacks, is needed. For this reason, some survey papers compiling potential attacks on VANETs, ITSs and self-driving cars, and their detection mechanisms, are available in the current literature. However, to our knowledge, they have not covered the real attacks that have already happened in self-driving cars. To bridge this research gap, in this paper, we analyze the attacks that have already targeted self-driving cars and extensively present potential cyber-attacks and their impacts on those cars along with their vulnerabilities. For recently reported attacks, we describe the possible mitigation strategies taken by the manufacturers and governments. This survey includes recent works on how a self-driving car can ensure resilient operation even under ongoing cyber-attack. We also provide further research directions to improve the security issues associated with self-driving cars.
Article
This paper describes the work that has been done in the design and development of a wireless OBD II fleet management system. The system aims to measure speed, distance and fuel consumption of vehicles for tracking and analysis purposes. An OBD II reader is designed to measure speed and mass air flow, from which distance and fuel consumption are also computed. This data is then transmitted via WiFi to a remote server. The system also implements GPS tracking to determine the location of the vehicle. A database management system is implemented at the remote server for the storage and management of transmitted data and a graphical user interface (GUI) is developed for analysing the transmitted data. Various qualification tests are conducted to verify the functionality of the system. The results demonstrate that the system is capable of reading the various parameters, and can successfully process, transmit and display the readings.
Conference Paper
Multicast authentication of synchrophasor data is challenging due to the design requirements of Smart Grid monitoring systems such as low security overhead, tolerance of lossy networks, time-criticality and high data rates. In this work, we propose inf-TESLA, Infinite Timed Efficient Stream Loss-tolerant Authentication, a multicast delayed authentication protocol for communication links used to stream synchrophasor data for wide area control of electric power networks. Our approach is based on the authentication protocol TESLA but is augmented to accommodate high frequency transmissions of unbounded length. inf-TESLA protocol utilizes the Dual Offset Key Chains mechanism to reduce authentication delay and computational cost associated with key chain commitment. We provide a description of the mechanism using two different modes for disclosing keys and demonstrate its security against a man-in-the-middle attack attempt. We compare our approach against the TESLA protocol in a 2-day simulation scenario, showing a reduction of 15.82% and 47.29% in computational cost, sender and receiver respectively, and a cumulative reduction in the communication overhead.
Article
GNSS vulnerabilities have become evident in the last decade. Authentication of the GNSS signals and data can be an important building block contributing to mitigating these vulnerabilities. This paper presents a Navigation Message Authentication (NMA) scheme based on the Timed Efficient Stream Loss-tolerant Authentication (TESLA) protocol and a novel concept based on a single one-way chain for all senders and cross-authentication. The paper presents an NMA implementation in the Galileo Open Service (OS) navigation message that should provide similar navigation performance to data-authenticated users and standard non-authenticated users in terms of time to first fix, accuracy and availability even in difficult reception conditions. The proposal also maintains a high level of signal unpredictability to help receivers protect against replay attacks. The scheme and implementation proposed yield significant improvements compared to the state of the art, offering the opportunity for Galileo to become the reference GNSS in civil navigation authentication.
Article
Vehicles face growing security threats as they become increasingly connected with the external world. Hackers, researchers, and car hobbyists have compromised security keys used by the electronic control units (ECUs) on vehicles, modified ECU software, and hacked wireless transmissions from vehicle key fobs and tire monitoring sensors, using low-cost commercially available tools. However, the most damaging security threats to vehicles are only emerging. One such threat is malware, which can infect vehicles in a variety of ways and cause severe consequences. Defending vehicles against malware attacks must address many unique challenges that have not been well addressed in other types of networks. This paper identifies those vehicle-specific challenges, discusses existing solutions and their limitations, and presents a cloud-assisted vehicle malware defense framework that can address these challenges.
Article
This paper gives the main definitions relating to dependability, a generic concept including a special case of such attributes as reliability, availability, safety, integrity, maintainability, etc. Security brings in concerns for confidentiality, in addition to availability and integrity. Basic definitions are given first. They are then commented upon, and supplemented by additional definitions, which address the threats to dependability and security (faults, errors, failures), their attributes, and the means for their achievement (fault prevention, fault tolerance, fault removal, fault forecasting). The aim is to explicate a set of general concepts, of relevance across a wide range of situations and, therefore, helping communication and cooperation among a number of scientific and technical communities, including ones that are concentrating on particular types of system, of system failures, or of causes of system failures.
Article
We present a related family of authentication and digital signature protocols based on symmetric cryptographic primitives which perform substantially better than previous constructions. Previously, one-time digital signatures based on hash functions involved hundreds of hash function computations for each signature; we show that given online access to a timestamping service, we can sign messages using only two computations of a hash function. Previously, techniques to sign infinite streams involved one such one-time signature for each message block; we show that in many realistic scenarios a small number of hash function computations is sufficient. Previously, the Diffie Hellman protocol enabled two principals to create a confidentiality key from scratch: we provide an equivalent protocol for integrity, which enables two people who do not share a secret to set up a securely serialised channel into which attackers cannot subsequently intrude. In addition to being of potential ...
Article
The explosive growth of road vehicles, especially private cars, has brought unprecedented pressure to a series of problems in urban transportation systems, such as traffic congestion and environmental pollution. Private car trajectory data and perceiving their information provide a promising solution to these problems. However, the collection of large-scale trajectory data for private cars with high accuracy and reliability is still a delicate task in urban environments. In this paper, we propose a low-cost and user-friendly implementation method for achieving large-scale private car trajectory data acquisition via designing a lightweight GPS module and On Board Diagnostics (OBD) reader. To ensure reliable trajectory data acquisition via GPS/OBD integration, we propose an ensemble learning based Gauss Process Regression (GPR) method so as to cope with the non-linearity, non-stationarity and incremental training problems during trajectory collection. We design a classification-type loss (CTL) function and build a regression to classification (R2C) method with Learn++ for realizing ensemble learning. The proposed approach implements incremental learning when new trajectory data arrives and is able to resolve the concept drifting problem. Experiments in a real-world urban environment have demonstrated the effectiveness and reliability of the proposed method; it achieves better trajectory prediction performance than the comparative methods under various road conditions in GPS-denied areas.
Article
As the general development trend of the automotive industry, connected and autonomous vehicles (CAVs) can be used to increase transportation safety, promote mobility choices, reduce user costs, and create new job opportunities. However, with the increasing level of connectivity and automation, malicious users are able to easily implement different kinds of attacks, which threaten the security of CAVs. Hence, this paper provides a comprehensive survey on the cyber-security in the environment of CAVs with the aim of highlighting security problems and challenges. Firstly, based on the types of communication networks and attack objects, it classifies various cyber-security risks and vulnerabilities in the environment of CAVs into in-vehicle network attacks, vehicle to everything network attacks, and other attacks. Next, it regards cyber-risk as another type of attack in the environment of CAVs. Then, it describes and analyzes up-to-date corresponding defense strategies for securing CAVs. In addition, it concludes several available cyber-security and safety standards of CAVs, which is helpful for the practical application of CAVs. Finally, several challenges and open problems are discussed for future research.
Article
Vehicle-IT convergence technology is a rapidly rising paradigm of modern vehicles, in which an electronic control unit (ECU) is used to control the vehicle electrical systems, and the controller area network (CAN), an in-vehicle network, is commonly used to construct an efficient network of ECUs. Unfortunately, security issues have not been treated properly in CAN, although CAN control messages could be life-critical. With the appearance of the connected car environment, in-vehicle networks (e.g., CAN) are now connected to external networks (e.g., 3G/4G mobile networks), enabling an adversary to perform a long-range wireless attack using CAN vulnerabilities. In this paper we show that a long-range wireless attack is physically possible using a real vehicle and malicious smartphone application in a connected car environment. We also propose a security protocol for CAN as a countermeasure designed in accordance with current CAN specifications. We evaluate the feasibility of the proposed security protocol using CANoe software and a DSP-F28335 microcontroller. Our results show that the proposed security protocol is more efficient than existing security protocols with respect to authentication delay and communication load.
Article
Controller Area Network is a bus commonly used by controllers inside vehicles and in various industrial control applications. In the past, controllers were assumed to operate in secure perimeters, but today these environments are well connected to the outside world and recent incidents showed them extremely vulnerable to cyber-attacks. To withstand such threats, one can implement security in the application layer of CAN. Here we design, refine and implement a broadcast authentication protocol based on the well-known paradigm of using key-chains and time synchronization, a commonly used mechanism in wireless sensor networks, which allows us to take advantage of the use of symmetric primitives without the need of secret shared keys during broadcast. But, as process control is a time-critical operation, we make several refinements in order to improve on the authentication delay. For this we study several trade-offs to alleviate shortcomings on computational speed, memory and bandwidth up to the point of using reduced versions of hash functions that can assure ad hoc security. To prove the efficiency of the protocol we provide experimental results on two representative microcontrollers from the market: a Freescale S12X and an Infineon TriCore; both devices were specifically chosen as they are located somewhat on the extremes of computational power.
Conference Paper
Multicast stream authentication and signing is an important and challenging problem. Applications include the continuous authentication of radio and TV Internet broadcasts, and authenticated data distribution by satellite. The main challenges are fourfold. First, authenticity must be guaranteed even when only the sender of the data is trusted. Second, the scheme needs to scale to potentially millions of receivers. Third, streamed media distribution can have high packet loss. Finally, the system needs to be efficient to support fast packet rates. We propose two efficient schemes, TESLA and EMSS, for secure lossy multicast streams. TESLA, short for Timed Efficient Stream Loss-tolerant Authentication, offers sender authentication, strong loss robustness, high scalability, and minimal overhead, at the cost of loose initial time synchronization and slightly delayed authentication. EMSS, short for Efficient Multi-chained Stream Signature, provides non-repudiation of origin, high loss resistance, and low overhead, at the cost of slightly delayed verification.
Conference Paper
A survey is given of the variations on the choice and the usage of freshness identifiers, and the various forms of replay attack. Besides helping to clarify the important concepts of freshness and replay, this exercise demonstrates the potential complexity in devising formal methods to analyze cryptographic protocols.
Z. Palmer, "Thieves are now stealing cars via a headlight 'CAN injection'." https://www.autoblog.com/2023/04/18/vehicle-headlight-can-bus-injection-theft-method-update, 2023. [Online; accessed 26-July-2024].
"IEEE Standard for Ethernet - Amendment 5: Physical Layer Specifications and Management Parameters for 10 Mb/s Operation and Associated Power Delivery over a Single Balanced Pair of Conductors," IEEE Std 802.3cg-2019 (Amendment to IEEE Std 802.3-2018 as amended by IEEE Std 802.3cb-2018, IEEE Std 802.3bt-2018, IEEE Std 802.3cd-2018, and IEEE Std 802.3cn-2019), pp. 1-256, 2020.
"IEEE Standard for Local and metropolitan area networks-Media Access Control (MAC) Security," IEEE Std 802.1AE-2018 (Revision of IEEE Std 802.1AE-2006), pp. 1-239, 2018.
W. Dai, "Crypto++ 5.6.0 benchmarks." https://www.cryptopp.com/benchmarks.html, Mar 2009.
L. Lamport, "Constructing digital signatures from a one way function," SRI International, CSL-98, 1979.
P. Decker, "The 10 Mbit/s Domain and the Software-Defined Vehicle (SDV)." https://cdn.vector.com/cms/content/know-how/ technical-articles/CAN 10Mbits Domain AutomobilElektronik