Enforcement Cybersecurity Techniques: A Lightweight Encryption over the CAN-Bus
Carratu M.; Pietrosanto A.
2022-01-01
Abstract
The continuous search for network connections outside vehicles has increased the cyber-attack surface. Indeed, automotive companies seem to have neglected the protocols of the networks connecting the various electronic components used in any vehicle. The Controller Area Network (CAN), a protocol designed to minimize latency and transmission errors, governs the internal network of vehicles. Among its main features are the use of small frames and the unencrypted transfer of information. This last feature, in particular, makes possible attacks in which an attacker can take remote control of the vehicle by inserting a malicious or manipulated message on the communication channel. The design choices made in the first draft of the standard are, however, what has determined the success of this protocol. The confidentiality of the messages exchanged within this network is nevertheless a goal attainable at a higher level: the study of the structure of the transmitted frames shows how it is possible to hide the critical information passing on the communication channel, that is, the bits that identify the units responsible for processing a message and the information carried. Such a solution avoids the possibility of large-scale attacks when a pseudo-random factor is introduced into the encryption: with the same message corresponding to two different encodings on two different vehicles, the breaking of the scheme takes place only after appropriate cryptographic analyses. In this article, we introduce an approach to encrypting the messages exchanged on the CAN-Bus through the technique of randomization. As can be seen from the experimental results obtained, this method seems to have a good response in terms of both efficiency and effectiveness.

Documents in IRIS are protected by copyright and all rights are reserved, unless otherwise indicated.