Secure Key Management - A Key Feature for Modern Vehicle Electronics 2013-01-1418
The need for vehicular data security and privacy protection is already enormous and increases even further. Prominent application areas are for instance theft protection, anti-counterfeiting, secure data storage and secure communication inside the vehicle and from the vehicle to the outside world. However, most of the vehicular security and privacy protection solutions involve modern cryptography and require availability of cryptographic keys in the vehicle and in related backend infrastructure. A central aspect for ensuring this availability and a controlled usage of such cryptographic keys is a secure key management, which affects the whole lifecycle of the key, from creation and distribution, usage, backup and update up to key deactivation. Even though secure key management is quite well understood in the standard computer world, the situation in the automotive world is quite different, as we have different functional requirements (e.g., sporadic low-bandwidth connections) and different security requirements (e.g., physical insider attacks).
We hence analyze the requirements and give best practice approaches for a secure key management solution in the automotive context. We highlight potential security concerns that are encountered during each phase on a lifecycle of a cryptographic key used in a typical vehicular security solution. Knowing the security vulnerabilities, we will introduce open solutions and best practice approaches for secure key management implementation both in the embedded in-vehicle domain as well as for the supporting backend infrastructure.
Citation: Schleiffer, C., Wolf, M., Weimerskirch, A., and Wolleschensky, L., "Secure Key Management - A Key Feature for Modern Vehicle Electronics," SAE Technical Paper 2013-01-1418, 2013, https://doi.org/10.4271/2013-01-1418. Download Citation
Author(s):
Christian Schleiffer, Marko Wolf, André Weimerskirch, Lars Wolleschensky
Affiliated:
ESCRYPT GmbH, ESCRYPT Inc.
Pages: 8
Event:
SAE 2013 World Congress & Exhibition
ISSN:
0148-7191
e-ISSN:
2688-3627
Related Topics:
Cryptography
Logistics
SAE MOBILUS
Subscribers can view annotate, and download all of SAE's content.
Learn More »