ECQV-GDH-Based Group Key Exchange Protocol for CAN Bus

Few of proposed protocols that aim to secure in-vehicle networks consider how to generate group key between Electronic Control Units (ECUs) for message authentication or encryption. A key exchange protocol, which provides higher security and satisfies limited power of ECUs, is indispensable with the...

Full description

Saved in:
Bibliographic Details
Published in:IEEE transactions on vehicular technology 2023-10, Vol.72 (10), p.1-16
Main Authors: Sun, Heng, Luo, Weiyun, Weng, Jian, Liu, Zhiquan, Li, Ming
Format: Article
Language:English
Subjects:
CAN bus
Computational efficiency
Control equipment
Controller area network
Controller Area Network (CAN)
Costs
Cryptography
Curves
Electronic control
Elliptic Curve Qu-Vanstone (ECQV)
Exchanging
Group Diffie-Hellman (GDH)
group key exchange
group key refresh
Logic gates
Protocol
Protocols
Security
Synchronization
Citations: Items that this one cites
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Few of proposed protocols that aim to secure in-vehicle networks consider how to generate group key between Electronic Control Units (ECUs) for message authentication or encryption. A key exchange protocol, which provides higher security and satisfies limited power of ECUs, is indispensable with the development of intelligent connected vehicle. In this article, we propose a protocol that allows key exchange as starting up and key refresh during driving. This protocol innovatively adopts Elliptic Curve Qu-Vanstone (ECQV) implicit certificate and Group Diffie-Hellman (GDH) protocol for group key generation, which enables decentralized negotiation and does not require pre-shared secrets as well, providing high security level for Controller Area Network (CAN). And our protocol considers as many CAN bus behaviors (e.g., ECU removing and rejoining dynamically) as possible. Subsequently, the security proof for group key exchange and theoretical analysis for the robustness against several kinds of attacks in the proposed protocol are detailed. Afterwards, a series of protocol evaluations are conducted on three kinds of typical hardware platforms, including TBOX from real vehicle supported by XPeng, and the results reveal that the proposed protocol significantly outperforms the existing protocols in time complexity, communication overhead, and memory footprint.
ISSN:0018-9545
1939-9359
DOI:10.1109/TVT.2023.3277875