应用于CAN总线的广播认证系统

doi:10.13190/j.jbupt.2015.04.006

北京邮电大学学报 ›› 2015, Vol. 38 ›› Issue (4): 24-28.doi: 10.13190/j.jbupt.2015.04.006

应用于CAN总线的广播认证系统

王剑, 张子键, 袁坚

清华大学电子工程系, 北京 100084

收稿日期:2015-03-23 出版日期:2015-08-28 发布日期:2015-08-28
作者简介:张子键(1989-),男,硕士生,E-mail:zj-zhang12@mails.tsinghua.edu.cn;王剑(1975-),男,副教授,博士生导师.
基金资助:
国家自然科学基金项目(61371079)

A Broadcast Authentication System Applied in Controller Area Network

WANG Jian, ZHANG Zi-jian, YUAN Jian

Department of Electronic Engineering, Tsinghua University, 100084, China

Received:2015-03-23 Online:2015-08-28 Published:2015-08-28

摘要/Abstract

摘要：

车联网的发展要求车内网安全可靠,控制器局域网是车内网最常用的通信协议.为增强控制器局域网总线的安全,提出一种适用于控制器局域网总线通信特点的广播认证算法,并描述了认证系统的结构.该算法采用序列加密的方式在所有电子控制单元中建立起相同的消息认证码列表,数据帧发送者只需要将相应的消息认证码序列插入数据域,其他电子控制单元会在接收到数据帧后将其中的消息认证码序列与消息认证码表中的消息认证码序列进行比较.最后分析了算法的安全性能、漏检率、延时和总线开销.

关键词: 车联网, 控制器局域网, 广播认证

Abstract:

The development of vehicular Ad hoc networks (VANETs) require a secure in-vehicle network. Controller area network (CAN) is a popular protocol applied in in-vehicle network. In order to enhance CAN bus security, abroadcast authentication algorithm, which establishesthe samemessage authentication code(MAC) list among all the electronic control unit (ECUs) with stream ciphers, was proposed. The senderjust needs to attach a MAC sequence to the data frame and the receiver compares the received MAC sequence with the corresponding one in the established list. This algorithm can be adapt to the characteristic ofthe CAN bus communication. The structure of the authentication system was described in detail. Finally,the security and delay performance was analyzed. The probability of miss and the bus overhead was provided.

Key words: vehicular Ad hoc networks, controller area network, broadcast authentication

中图分类号:

TN911.22

王剑, 张子键, 袁坚. 应用于CAN总线的广播认证系统[J]. 北京邮电大学学报, 2015, 38(4): 24-28.

WANG Jian, ZHANG Zi-jian, YUAN Jian. A Broadcast Authentication System Applied in Controller Area Network[J]. JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM, 2015, 38(4): 24-28.

参考文献

[1] Koscher K, Czeskis A, Roesner F, et al. Experimental security analysis of a modern automobile[C]//IEEE Symposium. Security and Privacy (SP). Oakland: IEEE, 2010: 447-462.

[2] Ishtiaq R R M, Mustafaa H, Travis T S O, et al. Security and privacy vulnerabilities of in-car wireless networks: a tire pressure monitoring system case study[C]//19^th USENIX Security Symposium. Washington DC: USENIX, 2010: 11-13.

[3] Checkoway S, Mccoy D, Kantor B, et al. Comprehensive experimental analyses of automotive attack surfaces[C]//20^th USENIX Security Symposium. San Francisco: USENIX, 2011: 1-16.

[4] Kammerer R, Fromel B, Wasicek A. Enhancing security in CAN systems using a star coupling router[C]//7^th IEEE International Symposium. Industrial Embedded Systems(SIES). Karlsruhe: IEEE, 2012: 237-246.

[5] Nilsson D K, Larson U E, Jonsson E. Efficient in-vehicle delayed data authentication based on compound message authentication codes[C]//Vehicular Technology Conference. VTC 2008-Fall. Calgary: IEEE, 2008: 1-5.

[6] Oguma H, Yoshioka A, Nishikawa M, et al. New attestation based security architecture for in-vehicle communication[C]//Global Telecommunications Conference. IEEE GLOBECOM 2008. New Orleans: IEEE, 2008: 1-6.

[7] Han K, Divya P S, Shin K G. On authentication in a connected vehicle: secure integration of mobile devices with vehicular networks[C]//2013 ACM/IEEE International Conference. Cyber-Physical Systems(ICCPS). Philadelphia: IEEE, 2013: 160-169.

[8] Hazem A, Fahmy H A H. LCAP-a lightweight CAN authentication protocol for securing in-vehicle networks[C]//10^th Escar Embedded Security in Cars Conference. Berlin: Escar, 2012: 1-10.

[9] Robert B G. Version 2.0-1991. CAN specification[S]. Stuttgart: Bosch, 1991: 1-73.

[10] Lin C W, Sangiovanni-Vincentelli A. Cyber-security for the controller area network(CAN) communication protocol[C]//2012 International Conference. Cyber Security(CyberSecurity). Washington DC: IEEE, 2012: 1-7.

[1]	张佳敏帅莉莎董高雅阳小龙. 面向道路实况的车联网共享消息可信评估模型[J]. 北京邮电大学学报, 2023, 46(4): 40-45.
[2]	彭维平王戈宋成阎俊豪. 面向高移动性车联网场景的预测卸载决策算法[J]. 北京邮电大学学报, 2023, 46(2): 43-49.
[3]	刘琨王圆洁申自浩王辉刘沛骞. 结合区块链的车联网隐私保护可信预测缓存架构[J]. 北京邮电大学学报, 2022, 45(6): 145-150.
[4]	彭维平, 韩宁, 宋成. 边缘计算环境下无证书车联网身份认证方案[J]. 北京邮电大学学报, 2022, 45(1): 46-51.
[5]	吕昕晨, 张晨宇. 面向车联网自动驾驶的边缘智能多源数据处理[J]. 北京邮电大学学报, 2021, 44(2): 102-108.
[6]	皇甫伟, 杨心竹, 王欢, 胡晓彦. 基于出租车轨迹数据的车联网通信机会间隔模型[J]. 北京邮电大学学报, 2019, 42(3): 91-97.
[7]	吴振铨, 叶东东, 余荣, 周文辉, 何昭水. 车联网中基于停车协同的边缘计算卸载方法[J]. 北京邮电大学学报, 2019, 42(2): 108-113.
[8]	肖剑, 李文江, 耿洪杨, 翟英博. 车联网中可抵抗DoS攻击的RFID安全认证协议[J]. 北京邮电大学学报, 2019, 42(2): 114-119.
[9]	彭维平, 苏哲, 宋成, 贾宗璞. 面向车联网实时应用场景的任务卸载决策算法[J]. 北京邮电大学学报, 2018, 41(4): 44-50.
[10]	刘宴兵, 宋秀丽, 肖永刚. 车联网认证机制和信任模型[J]. 北京邮电大学学报, 2017, 40(3): 1-18.
[11]	侯蓉晖, 郭素霞. 车联网场景中时延受限内容传输方案[J]. 北京邮电大学学报, 2017, 40(3): 85-90.
[12]	黄晓敏, 汪洋, 张继良, 张乃通. 车联网无线链路传输数据业务性能评估[J]. 北京邮电大学学报, 2014, 37(s1): 66-71.
[13]	李静林, 刘志晗, 杨放春. 车联网体系结构及其关键技术[J]. 北京邮电大学学报, 2014, 37(6): 95-100.
[14]	黄海平谭志刚王汝传秦小麟陈九天. 采用投票机制的移动传感节点广播认证方案[J]. 北京邮电大学学报, 2013, 36(1): 110-114.

应用于CAN总线的广播认证系统

A Broadcast Authentication System Applied in Controller Area Network

RichHTML

PDF

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 14

编辑推荐

Metrics

本文评价