Securing in-vehicle communications through post-quantum cryptography and network segmentation

Modern vehicles rely on Electronic Control Units (ECUs) communicating via in-vehicle networks, where the Controller Area Network (CAN) protocol is the industry standard. Although CAN is efficient and robust, it lacks essential security features such as authentication, confidentiality, and integrity, leaving it vulnerable to cyberattacks. These vulnerabilities are amplified by the rise of quantum computing, which threatens traditional cryptographic methods and increases the need for more resilient security mechanisms for vehicles. This paper proposes a segmented-based CAN model that integrates Post-Quantum Cryptography. It uses the CRYSTALS-Kyber algorithm for secure session key sharing and lightweight symmetric encryption to protect CAN messages in real-time. Experimental evaluation in a simulated automotive environment shows that the model adds negligible latency and network load. The findings confirm that quantum-resistant security can be achieved without compromising the performance or reliability of existing CAN-based systems, offering a scalable and future-proof solution for automotive cybersecurity.