Fundamentals

Abstract

The growing complexity of in-vehicle electronic systems, together with their connectivity to the outside world, increases the risk that vehicles become targets of cyberattacks. Automotive cybersecurity identifies these risks and introduces methods and measures to reduce them. This chapter introduces the basic terminology and the cryptographic fundamentals. It also discusses the importance and benefits of cybersecurity for the automotive sector and examines the biggest challenges.

  • DOI: 10.1007/978-3-662-64228-3_1
  • Chapter length: 40 pages

Notes

  1. For simplicity and for demonstration purposes, the alphabets of the plaintext and ciphertext spaces, and therefore also the key space, are restricted to the 26 uppercase Latin letters.

  2. Each of the n participants initially needs n-1 keys. For symmetric schemes, however, the same key is needed on both sides, hence the factor 0.5.

  3. Certain requirements are placed on the number g; see the mathematical foundations.

  4. To achieve the highest level of security, the certificate chain should be verified all the way up to the root CA of the PKI.

Author information

Corresponding author

Correspondence to Manuel Wurm.

Copyright information

© 2022 The Author(s), exclusively licensed to Springer-Verlag GmbH, DE, part of Springer Nature

About this chapter

Cite this chapter

Wurm, M. (2022). Grundlagen. In: Automotive Cybersecurity. Springer Vieweg, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-64228-3_1

  • DOI: https://doi.org/10.1007/978-3-662-64228-3_1

  • Published:

  • Publisher Name: Springer Vieweg, Berlin, Heidelberg

  • Print ISBN: 978-3-662-64227-6

  • Online ISBN: 978-3-662-64228-3

  • eBook Packages: Computer Science and Engineering (German Language)