Skip to main content

QuantumCharge: Post-Quantum Cryptography for Electric Vehicle Charging

  • Conference paper
  • First Online:
Applied Cryptography and Network Security (ACNS 2023)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 13906))

Included in the following conference series:

Abstract

ISO 15118 enables charging and billing of Electric Vehicles (EVs) without user interaction by using locally installed cryptographic credentials that must be secure over the long lifetime of vehicles. In the dawn of quantum computers, Post-Quantum Cryptography (PQC) needs to be integrated into the EV charging infrastructure. In this paper, we propose QuantumCharge, a PQC extension for ISO 15118, which includes concepts for migration, crypto-agility, verifiable security, and the use of PQC-enabled hardware security modules. Our prototypical implementation and the practical evaluation demonstrate the feasibility, and our formal analysis shows the security of QuantumCharge, which thus paves the way for secure EV charging infrastructures of the future.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 89.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 119.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

Notes

  1. 1.

    Note regarding notation: in the key pair \(\{X_{pk};X_{sk}\}\) we use \(X_{pk}\) to denote the public part of the key pair and \(X_{sk}\) for the secret part of the key pair.

  2. 2.

    The encryption is done symmetrically using Advanced Encryption Standard (AES) for which a symmetric session key is generated with an ephemeral-static ECDH key exchange using \(PC_{pk}\) as the static part on the eMSP’s side (and \(PC_{sk}\) as the static part on the EV’s side).

  3. 3.

    In addition, XMSS and LMS require the selection of parameters that define the maximum number of signatures per public-private key pair. These parameters can be chosen large enough to support the total number of expected charging operations during the lifetime of a vehicle. Given a maximum lifespan of 35 years for an electric vehicle and at most two charging operations per day, a maximum of \(2^{20}\) signatures would provide a significant margin. Nevertheless, procedures for re-keying must be put in place when using XMSS and LMS for this application.

  4. 4.

    Arm Cortex-A53 platforms are increasingly used in more powerful automotive Electronic Control Units (ECUs), e.g., see Renesas product range [57].

  5. 5.

    While ISO 15118 allows an EV to confirm meter values via a signature (called meter receipt), using this signature for billing purposes is subject to local regulation [36].

  6. 6.

    Since PQC for TLS is addressed in other work (see Sect. 1), we omit the details on TLS in the following and discuss only the application layer of ISO 15118. In our current design, the choice of algorithms is done independently for TLS and application layer but could also easily be coordinated.

  7. 7.

    Note regarding notation: in Fig. 2 and Fig. 3 we use Validate\(_{Cert_{Root}}\)(\(Cert_{Chain}\)) to denote the validation of the certificate chain \(Cert_{Chain}\) based on the root certificate \(Cert_{Root}\) using the default certificate chain validation algorithm from [19].

  8. 8.

    Note regarding notation: in Fig. 2 and Fig. 3 we use Sig = Sign\(_{X_{sk}}\)(Data) to denote the generation of a cryptographic signature Sig over Data using the private key \(X_{sk}\). We use Vrfy\(_{X_{pk}}\)(Data, Sig) to denote the corresponding signature verification with the public key \(X_{pk}\). Additionally, we use \(X_{Cert}.pk\) to denote the extraction of a public key from a certificate.

  9. 9.

    https://code.fbi.h-da.de/seacop/quantumcharge-source

  10. 10.

    Message size totals are slightly larger than the sum of element sizes since totals represent the size of EXI-encoded XML messages (as sent between EV and CP) and since element sizes that are independent of the algorithm are omitted for simplicity.

References

  1. Acharya, S., Dvorkin, Y., Karri, R.: Public plug-in electric vehicles+ grid data: Is a new cyberattack vector viable? IEEE Trans. Smart Grid 11(6), 5099–5113 (2020)

    Article  Google Scholar 

  2. Alnahawi, N., Schmitt, N., Wiesmaier, A., Heinemann, A., Graßmeyer, T.: On the State of Crypto Agility. In: Tagungsband zum 18. Deutschen IT-Sicherheitskongress, vol. 18, pp. 103–126. German Federal Office for Information Security (BSI) (2022)

    Google Scholar 

  3. Alnahawi, N., et al.: On the state of post-quantum cryptography migration. In: INFORMATIK 2021, pp. 907–941. Gesellschaft für Informatik, Bonn (2021)

    Google Scholar 

  4. Arm: a starter’s guide to arm processing power in automotive (2018). https://community.arm.com/arm-community-blogs/b/embedded-blog/posts/a-starters-guide-to-arm-processing-power-in-automotive

  5. Atkins, D.: Requirements for Post-Quantum Cryptography on Embedded Devices in the IoT (2021)

  6. Aumasson, J.P., et al.: SPHINCS+ Submission to the NIST post-quantum project, v.3 (2020)

  7. Bai, S., et al.: CRYSTALS-Dilithium - Algorithm Specifications and Supporting Documentation (2021)

  8. Bao, K., Valev, H., Wagner, M., Schmeck, H.: A threat analysis of the vehicle-to-grid charging protocol ISO 15118. Comput. Sci.-Res. Develop. 33(1–2), 3–12 (2018)

    Article  Google Scholar 

  9. Barker, W., Polk, W., Souppaya, M.: Getting ready for post-quantum cryptography: explore challenges associated with adoption and use of post-quantum cryptographic algorithms. Tech. rep., NIST Publications (2020). https://doi.org/10.6028/NIST.CSWP.05262020-draft

  10. Bartel, M., Boyer, J., Fox, B., LaMacchia, B., Simon, E.: Signature Syntax and Processing Version 1.1. W3C recommendation, World Wide Web Consortium (W3C) (2013)

  11. Basin, D., Sasse, R., Toro-Pozo, J.: Card brand mixup attack: bypassing the \(\{\)PIN\(\}\) in \(\{\)non-Visa\(\}\) cards by using them for visa transactions. In: 30th USENIX Security Symposium (USENIX Security 21), pp. 179–194 (2021)

    Google Scholar 

  12. Basu, K., Soni, D., Nabeel, M., Karri, R.: Post-Quantum Cryptography - A Hardware Evaluation Study. Cryptology ePrint Archive, Report 2019/047 (2019)

  13. Bindel, N., McCarthy, S., Rahbari, H., Twardokus, G.: Suitability of 3rd Round Signature Candidates for Vehicle-to-Vehicle Communication – Extended Abstract. 3rd PQC standardization conference, NIST (2021)

  14. Bos, J., et al.: CRYSTALS – Kyber: A CCA-Secure Module-Lattice-Based KEM. In: 2018 IEEE European Symposium on Security and Privacy (EuroS &P), pp. 353–367 (2018)

  15. Bova, F., Goldfarb, A., Melko, R.G.: Commercial applications of quantum computing. EPJ Quantum Technol. 8(1), 2(2021)

  16. Bürstinghaus-Steinbach, K., Krauß, C., Niederhagen, R., Schneider, M.: Post-Quantum TLS on Embedded Systems: Integrating and Evaluating Kyber and SPHINCS+ with Mbed TLS. In: ACM Asia Conference on Computer and Communications Security, pp. 841–852. ASIA CCS 2020, ACM (2020)

  17. Campos, F., Meyer, M., Sanwald, S., Stöttinger, M., Wang, Y.: cryptography for ECU security use cases. In: 17\(^{th}\) escar Europe: embedded security in cars (conference proceedings). Ruhr-Universität Bochum (2019)

  18. Chang, Y.A., Chen, M.S., Wu, J.S., Yang, B.Y.: SSL/TLS for Embedded Systems. In: IEEE Conference on Service-Oriented Computing and Applications, pp. 266-270. IEEE (2014)

  19. Cooper, D., Santesson, S., Farrell, S., Boeyen, S., Housley, R., Polk, T.: Internet x.509 public key infrastructure certificate and certificate revocation list (CRL) profile. RFC 5280, RFC Editor (5 2008). http://www.rfc-editor.org/rfc/rfc5280.txt

  20. Crockett, E., Paquin, C., Stebila, D.: post-quantum and hybrid key exchange and authentication in TLS and SSH. Cryptology ePrint Archive, Report 2019/858 (2019)

  21. Dang, V.B., Farahmand, F., Andrzejczak, M., Mohajerani, K., Nguyen, D.T., Gaj, K.: Implementation and Benchmarking of Round 2 Candidates in the NIST Post-Quantum Cryptography Standardization Process Using Hardware and Software/Hardware Co-design Approaches. Cryptology ePrint Archive, Report 2020/795 (2020)

  22. Dolev, D., Yao, A.: On the security of public key protocols. IEEE Trans. Inf. Theory 29(2), 198–208 (1983)

  23. European Telecommunications Standards Institute (ETSI): Migration strategies and recommendations to quantum safe schemes. TR 103 619 V1.1.1 (2020)

    Google Scholar 

  24. Fouque, P.A., et al.: Fast-Fourier Lattice-based Compact Signatures over NTRU Specification v1.2 (2020)

  25. Fritzmann, T., Vith, J., Sepúlveda, J.: Post-Quantum Security for Automotive Systems. In: Euromicro Conference on Digital System Design (DSD), pp. 570-576 (2020)

  26. Fuchs, A., Kern, D., Krauß, C., Zhdanova, M.: HIP: HSM-Based Identities for Plug-and-Charge. In: Conference on Availability, Reliability and Security. ARES 2020, ACM (2020)

  27. Fuchs, A., Kern, D., Krauß, C., Zhdanova, M.: TrustEV: Trustworthy Electric Vehicle Charging and Billing. In: ACM/SIGAPP Symposium on Applied Computing SAC 2020. ACM (2020)

  28. Fuchs, A., Kern, D., Krauß, C., Zhdanova, M., Heddergott, R.: HIP-20: Integration of Vehicle-HSM-Generated Credentials into Plug-and-Charge Infrastructure. In: Computer Science in Cars Symposium. CSCS 2020, ACM (2020)

  29. Gazdag, S.L., Grundner-Culemann, S., Guggemos, T., Heider, T., Loebenberger, D.: A formal analysis of ikev2’s post-quantum extension. In: Annual Computer Security Applications Conference, pp. 91–105. ACSAC 2021, Association for Computing Machinery, New York, NY, USA (2021). https://doi.org/10.1145/3485832.3485885

  30. Gupta, D.S., Ray, S., Singh, T., Kumari, M.: Post-quantum lightweight identity-based two-party authenticated key exchange protocol for Internet of Vehicles with probable security. Computer Communications 181, 69–79 (2022)

  31. Hülsing, A., Rijneveld, J., Schwabe, P.: ARMed SPHINCS. In: Cheng, C.-M., Chung, K.-M., Persiano, G., Yang, B.-Y. (eds.) PKC 2016. LNCS, vol. 9614, pp. 446–470. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-49384-7_17

    Chapter  Google Scholar 

  32. Hülsing, A., Butin, D., Gazdag, S.L., Rijneveld, J., Mohaisen, A.: XMSS: eXtended Merkle Signature Scheme. RFC 8391 (2018)

  33. Hülsing, A., Ning, K.C., Schwabe, P., Weber, F., Zimmermann, P.R.: Post-quantum WireGuard. In: IEEE Symposium on Security and Privacy, pp. 304–321 (2021)

  34. International Telecommunication Union: Information technology-ASN.1 encoding rules: Specification of basic encoding rules (BER), canonical encoding rules (CER) and distinguished encoding rules (DER). ITU-T recommendation X.690 (2021)

    Google Scholar 

  35. ISO/IEC: Road vehicles - vehicle to grid communication interface - part 1: General information and use-case definition. ISO 15118–1:2013, ISO (2013)

    Google Scholar 

  36. ISO/IEC: Road vehicles - vehicle-to-grid communication interface - part 2: Network and application protocol requirements. ISO 15118–2:2014, ISO (2014)

    Google Scholar 

  37. ISO/IEC: Road vehicles - vehicle to grid communication interface - part 20: 2nd generation network and application protocol requirements. ISO 15118–20:2022, ISO (2022)

    Google Scholar 

  38. Kannwischer, M.J., Rijneveld, J., Schwabe, P., Stoffelen, K.: PQM4: Post-quantum crypto library for the ARM Cortex-M4. https://github.com/mupq/pqm4

  39. Kannwischer, M.J., Rijneveld, J., Schwabe, P., Stoffelen, K.: pqm4: Testing and Benchmarking NIST PQC on ARM Cortex-M4. Cryptology ePrint Archive, Report 2019/844 (2019)

  40. Kern, D., Krauß, C.: Analysis of e-mobility-based threats to power grid resilience. In: Proceedings of the 5th ACM Computer Science in Cars Symposium. CSCS 2021, Association for Computing Machinery, New York, NY, USA (2021). https://doi.org/10.1145/3488904.3493385. https://doi.org/10.1145/3488904.3493385

  41. Kern, D., Lauser, T., Krauß, C.: Integrating privacy into the electric vehicle charging architecture. Proceed. Priv. Enhan. Technol. 3, 140–158 (2022)

    Google Scholar 

  42. Lowe, G.: A hierarchy of authentication specifications. In: Computer Security Foundations Workshop, pp. 31–43. IEEE (1997)

  43. Macaulay, T., Henderson, R.: Cryptographic Agility in Practice: Emerging Use-Cases. Infosec Global (2019)

  44. Malina, L., Ricci, S., Dzurenda, P., Smekal, D., Hajny, J., Gerlich, T.: Towards practical deployment of post-quantum cryptography on constrained platforms and hardware-accelerated platforms. In: Simion, E., Géraud-Stewart, R. (eds.) SecITC 2019. LNCS, vol. 12001, pp. 109–124. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-41025-4_8

    Chapter  Google Scholar 

  45. Mathilde, R., Aymeric, G., Yolan, R.: PQ-WireGuard: we did it again. https://csrc.nist.gov/CSRC/media/Presentations/pq-wireguard-we-did-it-again/images-media/session-5-raynal-pq-wireguard.pdf (2021)

  46. McGrew, D., Curcio, M., Fluhrer, S.: Leighton-Micali Hash-Based Signatures. RFC 8554 (2019)

  47. Meier, S., Schmidt, B., Cremers, C., Basin, D.: The TAMARIN prover for the symbolic analysis of security protocols. In: Sharygina, N., Veith, H. (eds.) CAV 2013. LNCS, vol. 8044, pp. 696–701. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-39799-8_48

    Chapter  Google Scholar 

  48. Mosca, M., Piani, M.: 2021 Quantum Threat Timeline Report. Tech. rep., Global Risk Institute (2022)

  49. NIST: Post-Quantum Cryptography PQC — Selected Algorithms 2022. https://csrc.nist.gov/Projects/post-quantum-cryptography/selected-algorithms-2022

  50. NIST: Project: Post-Quantum Cryptography (2017). https://csrc.nist.gov/Projects/post-quantum-cryptography

  51. OCA: Open Charge Point Protocol 2.0.1 - Part 2 - Specification. Open standard, Open Charge Alliance, Arnhem, Netherlands (3 2020). https://www.openchargealliance.org/protocols/ocpp-201/

  52. Oder, T., Speith, J., Höltgen, K., Güneysu, T.: Towards practical microcontroller implementation of the signature scheme Falcon. In: Ding, J., Steinwandt, R. (eds.) PQCrypto 2019. LNCS, vol. 11505, pp. 65–80. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-25510-7_4

    Chapter  Google Scholar 

  53. Ott, D., Peikert, C., other workshop participants: Identifying Research Challenges in Post Quantum Cryptography Migration and Cryptographic Agility. arXiv preprint arXiv:1909.07353 (2019)

  54. Paquin, C., Stebila, D., Tamvada, G.: Benchmarking Post-Quantum Cryptography in TLS. Cryptology ePrint Archive, Report 2019/1447 (2019)

  55. Paul, S., Scheible, P.: Towards post-quantum security for cyber-physical systems: integrating PQC into industrial M2M communication. In: Chen, L., Li, N., Liang, K., Schneider, S. (eds.) ESORICS 2020. LNCS, vol. 12309, pp. 295–316. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-59013-0_15

    Chapter  Google Scholar 

  56. Ravi, P., Sundar, V.K., Chattopadhyay, A., Bhasin, S., Easwaran, A.: Authentication Protocol for Secure Automotive Systems: Benchmarking Post-Quantum Cryptography. In: 2020 IEEE International Symposium on Circuits and Systems (ISCAS), pp. 1–5 (2020)

  57. Renesas Electronics Corporation: R-Car Automotive System-on-Chips (SoCs) (2022). https://www.renesas.com/us/en/products/automotive-products/automotive-system-chips-socs#parametric_options

  58. Shor, P.W.: Polynomial-Time Algorithms for Prime Factorization and Discrete Logarithms on a Quantum Computer. SIAM J. Comput. 26(5), 1484–1509 (1997)

  59. Sikeridis, D., Kampanakis, P., Devetsikiotis, M.: Post-Quantum Authentication in TLS 1.3: A Performance Study. In: Network and Distributed System Security Symposium. Internet Society (2020)

  60. Smith, M., Castellano, J.: Costs Associated With Non-Residential Electric Vehicle Supply Equipment: Factors to consider in the implementation of electric vehicle charging stations. U.S. Department of Energy Vehicle Technologies Office (2015)

  61. Smyslov, V.: Intermediate exchange in the IKEv2 protocol. IETF draft (2021)

    Google Scholar 

  62. Stebila, D., Fluhrer, S., Gueron, S.: Hybrid key exchange in TLS 1.3. IETF draft (2020)

  63. Stebila, D., Mosca, M.: Post-quantum key exchange for the internet and the open quantum safe project. In: Avanzi, R., Heys, H. (eds.) SAC 2016. LNCS, vol. 10532, pp. 14–37. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-69453-5_2

    Chapter  Google Scholar 

  64. Texas Instruments: DRA745 – Infotainment Applications Processor (2019). https://www.ti.com/product/DRA745

  65. V2G Clarity: Reference Implementation Supporting the Evolution of the Vehicle-2-Grid communication interface (RISE V2G) (2020). https://github.com/V2GClarity/RISE-V2G

  66. Vector: vSECC – Communication Controller for High Power Charging Stations V2.3 (2022). https://cdn.vector.com/cms/content/products/vSECC/Docs/vSECC_FactSheet_EN.pdf

  67. Wang, W., Stöttinger, M.: Post-Quantum Secure Architectures for Automotive Hardware Secure Modules. Cryptology ePrint Archive, Report 2020/026 (2020)

  68. Wesemeyer, S., Newton, C.J., Treharne, H., Chen, L., Sasse, R., Whitefield, J.: Formal analysis and implementation of a TPM 2.0-based direct anonymous attestation scheme. In: Proceedings of the 15th ACM Asia Conference on Computer and Communications Security, pp. 784–798. ASIA CCS 2020, Association for Computing Machinery, New York, NY, USA (2020). https://doi.org/10.1145/3320269.3372197

  69. Zhdanova, M., Urbansky, J., Hagemeier, A., Zelle, D., Herrmann, I., Höffner, D.: Local power grids at risk – an experimental and simulation-based analysis of attacks on vehicle-to-grid communication. In: Proceedings of the 38th Annual Computer Security Applications Conference, pp. 42–55. ACSAC 2022, Association for Computing Machinery, New York, NY, USA (2022). https://doi.org/10.1145/3564625.3568136

Download references

Acknowledgements

This research work has been partly funded by the German Federal Ministry of Education and Research and the Hessian State Ministry for Higher Education, Research and the Arts within their joint support of the National Research Center for Applied Cyber-Security ATHENE and through the Taiwan Ministry of Science and Technology grant 109-2222-E-001-001-MY3.

Author information

Authors and Affiliations

Authors

Corresponding author

Correspondence to Dustin Kern .

Editor information

Editors and Affiliations

A Appendix

A Appendix

1.1 A.1 Tamarin Lemma for \(RS_{7}\)

In Listing A.1, we give the Tamarin lemma for injective agreement under secure algorithms for the CPS. The Commit_CPS_Install event in Line 3 denotes that the CPS accepted a credential installation request by the client (identified by its PCID). The CPS sends accepted requests to the eMSP who generates the client’s certificate, including the client’s public key cc_pub, and sent back to the CPS. The CPS signs the response and sends it to the client (cf. Step 5 to 7 in Fig. 3). We require that for all such commit events, there is a corresponding event Running_EV_Install, denoting that the EV identified by PCID previously sent a certificate installation request (cf. Step 5 in Fig. 3) for the public contract credential key cc_pub (Line 4 to 6). In addition, there must not be an additional commit event for the same public key cc_pub by any certificate provisioning service (Lines 7-9). This ensures that the Running_EV_Install event corresponds to a unique Commit_CPS_Install event, i.e., that no replay attacks are possible. We only require this property to hold if all algorithms used by the involved parties either remain secure during the entire transaction or have been revoked by the CPS before completing the transaction (Lines 10-14). This includes the algorithm used for the provisioning certificate of the EV, as well as the signature testifying its validity, the algorithm used for the contract credentials (cc_pub), and the algorithm used by the CPS’s certificate chain. Note that the CPS will abort the transaction if it uses revoked algorithms. We model the insecurity of an algorithm the same way as the corruption of an entity, that is, the private key of a credential set for this algorithm and entity is given to the attacker, which is denoted by a KeyReveal event.

figure a

Rights and permissions

Reprints and permissions

Copyright information

© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Kern, D., Krauß, C., Lauser, T., Alnahawi, N., Wiesmaier, A., Niederhagen, R. (2023). QuantumCharge: Post-Quantum Cryptography for Electric Vehicle Charging. In: Tibouchi, M., Wang, X. (eds) Applied Cryptography and Network Security. ACNS 2023. Lecture Notes in Computer Science, vol 13906. Springer, Cham. https://doi.org/10.1007/978-3-031-33491-7_4

Download citation

  • DOI: https://doi.org/10.1007/978-3-031-33491-7_4

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-33490-0

  • Online ISBN: 978-3-031-33491-7

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics