For Full-Text PDF, please login, if you are a member of IEICE,|
or go to Pay Per View on menu list, if you are a nonmember of IEICE.
In-Vehicle Network Security Using Secure Element
Keisuke TAKEMORI Seiichiro MIZOGUCHI Hideaki KAWABATA Ayumu KUBOTA
IEICE TRANSACTIONS on Fundamentals of Electronics, Communications and Computer Sciences
Publication Date: 2016/01/01
Online ISSN: 1745-1337
Type of Manuscript: INVITED PAPER (Special Section on Intelligent Transport Systems)
CAN, MAC, secure element, secure boot, key exchange,
Full Text: PDF>>
As there are no security mechanisms in the vehicle controller area network (CAN) protocol, it is easy to inject fake packets, codes and electric control units (ECUs) in the CAN to hijack vehicle control. Security countermeasures for both the CAN and the ECU are urgently required to improve driving safety. In this paper, we propose in-vehicle network securities using the hardware secure elements as follows: (i) secure boot of ECU, (ii) authentication of an ECU, (iii) authentication of a CAN packet, and (iv) cipher key exchange procedures from a master ECU to slave ECUs. The security algorithms are implemented in a subscriber identity module card (SIM) embedded in the master ECU's board and in a hardware security module (HSM) embedded in a slave ECU. The SIM generates and distributes cipher keys to the authenticated HSM. Then, the HSM generates a media authentication code (MAC) for the CAN packet by using the cipher keys.