Skip to main content
SpringerLink
Log in

LaaCan: A Lightweight Authentication Architecture for Vehicle Controller Area Network

  • Conference paper
  • First Online:
Security and Privacy in Communication Networks (SecureComm 2020)

Abstract

Vehicle manufacturers are installing a large number of Electronic Control Units (ECU) inside vehicles. ECUs communicate among themselves via a Controller Area Network (CAN) to ensure better user experience and safety. CAN is considered as a de facto standard for efficient communication of an embedded control system network. However, it does not have sufficient built-in security features. The major challenges of securing CAN are that the hardware of the ECUs have limited computational power and the size of a CAN message is small. In this paper, a lightweight security solution, LaaCan is designed to secure CAN communication by adopting the Authenticated Encryption with Associated Data (AEAD) approach. The architecture ensures confidentiality, integrity, and authenticity of data transmission. The experimental results show that the delay of LaaCan can be reduced depending on hardware configurations. We consider it lightweight since it adds a low overhead regardless of performing encryption and authentication. We evaluate LaaCan using four metrics: communication overhead, network traffic load, cost of deployment, and compatibility with CAN specification. The evaluation results show that the proposed architecture keeps the network traffic unchanged, has low deployment cost, and is highly compatible with the specification of the protocol.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

Notes

  1. 1.

    Compatibility indicates the degree of change required in standard CAN protocol and it is a subjective metric.

References

  1. AUTOSAR - enabling innovation. https://www.autosar.org/. Accessed 12 Apr 2020

  2. Iso 11898–1:2003 - road vehicles - Controller Area Network (CAN) - part 1: Data link layer and physical signalling. https://www.iso.org/standard/33422.html. Accessed 12 Apr 2020

  3. What is AUTOSAR and why is it important. https://www.fpt-software.com/automotive-tech-blog/what-is-autosar-and-why-is-it-important/. Accessed 12 Apr 2020

  4. AbdAllah, E.G., Zulkernine, M., Gu, Y.X., Liem, C.: Towards defending connected vehicles against attacks. In: Proceedings of the Fifth European Conference on the Engineering of Computer-Based Systems, pp. 1–9 (2017)

    Google Scholar 

  5. Alam, M.S.U., Iqbal, S., Zulkernine, M., Liem, C.: Securing vehicle ECU communications and stored data. In: ICC 2019–2019 IEEE International Conference on Communications (ICC), pp. 1–6. IEEE (2019)

    Google Scholar 

  6. AUTOSAR: Specification of secure onboard communication. https://www.autosar.org/fileadmin/user_upload/standards/classic/4-3/AUTOSAR_SWS_SecureOnboardCommunication.pdf

  7. Avatefipour, O., Malik, H.: State-of-the-art survey on in-vehicle network communication (CAN-Bus) security and vulnerabilities. Int. J. Comput. Sci. Netw. 6 (2017)

    Google Scholar 

  8. Bella, G., Biondi, P., Costantino, G., Matteucci, I.: Toucan: a protocol to secure controller area network (CAN). In: Proceedings of the ACM Workshop on Automotive Cybersecurity. AutoSec 2019, pp. 3–8. ACM, New York (2019)

    Google Scholar 

  9. Biham, E., Bitan, S., Gavril, E.: TCAN: authentication without cryptography on a CAN bus based on nodes location on the bus. In: 2018 Embedded Security in Cars, November 2018

    Google Scholar 

  10. Bittl, S.: Attack potential and efficient security enhancement of automotive bus networks using short macs with rapid key change. In: Sikora, A., Berbineau, M., Vinel, A., Jonsson, M., Pirovano, A., Aguado, M. (eds.) Communication Technologies for Vehicles. Nets4Cars/Nets4Trains/Nets4Aircraft 2014. LNCS, vol. 8435, pp. 113–125. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-06644-8_11

    Chapter  Google Scholar 

  11. Boldt, B.: Automotive security in a CAN. https://www.electronicdesign.com/markets/automotive/article/21805532/automotive-security-in-a-can. Accessed 07 May 2020

  12. Buttigieg, R., Farrugia, M., Meli, C.: Security issues in controller area networks in automobiles. In: 2017 18th International Conference on Sciences and Techniques of Automatic Control and Computer Engineering (STA), pp. 93–98, December 2017

    Google Scholar 

  13. De Santis, F., Schauer, A., Sigl, G.: ChaCha20-Poly1305 authenticated encryption for high-speed embedded IoT applications. In: Design, Automation Test in Europe Conference Exhibition (DATE), 2017, pp. 692–697, March 2017

    Google Scholar 

  14. Farag, W.A.: Cantrack: enhancing automotive CAN bus security using intuitive encryption algorithms. In: 2017 7th International Conference on Modeling, Simulation, and Applied Optimization (ICMSAO), pp. 1–5. IEEE (2017)

    Google Scholar 

  15. Groza, B., Murvay, S., van Herrewege, A., Verbauwhede, I.: LiBrA-CAN: a lightweight broadcast authentication protocol for controller area networks. In: Pieprzyk, J., Sadeghi, A.-R., Manulis, M. (eds.) CANS 2012. LNCS, vol. 7712, pp. 185–200. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-35404-5_15

    Chapter  Google Scholar 

  16. Hu, Q., Luo, F.: Review of secure communication approaches for in-vehicle network. Int. J. Automot. Technol. 19(5), 879–894 (2018)

    Article  Google Scholar 

  17. SAE International: Serial control and communications heavy duty vehicle network (2019)

    Google Scholar 

  18. Keller, J.: Best third-party Carplay apps. https://www.imore.com/best-third-party-carplay-apps (2018). Accessed 24 Dec 2019

  19. Lin, C., Sangiovanni-Vincentelli, A.: Cyber-security for the controller area network (CAN) communication protocol. In: 2012 International Conference on Cyber Security, pp. 1–7, December 2012

    Google Scholar 

  20. Mouha, N., Mennink, B., Van Herrewege, A., Watanabe, D., Preneel, B., Verbauwhede, I.: Chaskey: an efficient MAC algorithm for 32-bit microcontrollers. In: Joux, A., Youssef, A. (eds.) SAC 2014. LNCS, vol. 8781, pp. 306–323. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-13051-4_19

    Chapter  Google Scholar 

  21. Moukahal, L., Zulkernine, M.: Security vulnerability metrics for connected vehicles. In: 2019 IEEE 19th International Conference on Software Quality, Reliability and Security Companion (QRS-C), pp. 17–23. IEEE (2019)

    Google Scholar 

  22. Mundhenk, P., et al.: Security in automotive networks: lightweight authentication and authorization. ACM Trans. Des. Autom. Electron. Syst. (TODAES) 22(2), 25 (2017)

    Google Scholar 

  23. NG, C.: What is data integrity and how can you maintain it? https://www.varonis.com/blog/data-integrity/. Accessed 07 May 2020

  24. Nir, Y.: ChaCha20 and poly1305 for IETF protocols. https://tools.ietf.org/html/rfc7539

  25. R. Kurachi, Y. Matsubara, H.T.N.A.Y.M., Horihata, S.: CaCAN - centralized authentication system in CAN. In: 2014 Embedded Security in Cars, November 2014

    Google Scholar 

  26. Radu, A.-I., Garcia, F.D.: LeiA: a lightweight authentication protocol for CAN. In: Askoxylakis, I., Ioannidis, S., Katsikas, S., Meadows, C. (eds.) ESORICS 2016. LNCS, vol. 9879, pp. 283–300. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-45741-3_15

    Chapter  Google Scholar 

  27. Silva, N.B., Pigatto, D.F., Martins, P.S., Branco, K.R.: Case studies of performance evaluation of cryptographic algorithms for an embedded system and a general purpose computer. J. Netw. Comput. Appl. 60, 130–143 (2016)

    Article  Google Scholar 

  28. Studio, S.: CAN-Bus shield v2.0. http://wiki.seeedstudio.com/CAN-BUS_Shield_V2.0/

  29. Sun, J., Iqbal, S., Seifollahpour Arabi, N., Zulkernine, M.: A classification of attacks to in-vehicle components (IVCs). Veh. Commun. 25, 100253 (2020)

    Google Scholar 

  30. Ujiie, Y., et al.: A method for disabling malicious can messages by using a centralized monitoring and interceptor ECU. In: 2015 Embedded Security in Cars (2015)

    Google Scholar 

  31. Van Herrewege, A., Singelee, D., Verbauwhede, I.: CANAuth-a simple, backward compatible broadcast authentication protocol for CAN bus. In: ECRYPT Workshop on Lightweight Cryptography, vol. 2011 (2011)

    Google Scholar 

  32. Wang, Q., Sawhney, S.: VeCure: a practical security framework to protect the CAN bus of vehicles. In: 2014 International Conference on the Internet of Things (IOT), pp. 13–18. IEEE (2014)

    Google Scholar 

  33. Woo, S., Jo, H.J., Lee, D.H.: A practical wireless attack on the connected car and security protocol for in-vehicle CAN. IEEE Trans. Intell. Transp. Syst. 16(2), 993–1006 (2015)

    Google Scholar 

  34. Yang, J., et al.: Data management for automotive ECUs based on hybrid RAM-NVM main memory. In: 2016 13th International Conference on Embedded Software and Systems (ICESS), pp. 74–79 (2016)

    Google Scholar 

  35. Ziermann, T., Wildermann, S., Teich, J.: CAN+: a new backward-compatible controller area network (CAN) protocol with up to 16x higher data rates. In: Proceedings of the Conference on Design, Automation and Test in Europe, pp. 1088–1093. European Design and Automation Association (2009)

    Google Scholar 

Download references

Acknowledgments

This work is partially supported by the Natural Sciences and Engineering Research Council of Canada (NSERC) and the Canada Research Chairs (CRC) program. The authors would also like to thank Farnood Faghihi for reviewing the paper.

Author information

Authors and Affiliations

  1. Queen’s Reliable Software Technology (QRST) Lab, School of Computing, Queen’s University, Kingston, ON, Canada

    Syed Akib Anwar Hridoy & Mohammad Zulkernine

Authors
  1. Syed Akib Anwar Hridoy
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Mohammad Zulkernine
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Syed Akib Anwar Hridoy .

Editor information

Editors and Affiliations

  1. Yonsei University, Seoul, Korea (Republic of)

    Noseong Park

  2. George Mason University, Fairfax, VA, USA

    Kun Sun

  3. Dipartimento di Informatica, Universita degli Studi, Milan, Milano, Italy

    Sara Foresti

  4. University of Florida, Gainesville, FL, USA

    Kevin Butler

  5. Division of Nephrology, University of Alabama, Birmingham, AL, USA

    Nitesh Saxena

Rights and permissions

Reprints and permissions

Copyright information

© 2020 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Hridoy, S.A.A., Zulkernine, M. (2020). LaaCan: A Lightweight Authentication Architecture for Vehicle Controller Area Network. In: Park, N., Sun, K., Foresti, S., Butler, K., Saxena, N. (eds) Security and Privacy in Communication Networks. SecureComm 2020. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 336. Springer, Cham. https://doi.org/10.1007/978-3-030-63095-9_12

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-63095-9_12

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-63094-2

  • Online ISBN: 978-3-030-63095-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation