Authentication and Secure Communication for In-Vehicle Networks 2005-01-1533

A “network” has been defined in Webster as “an interconnected or interrelated chain, group, or system” and “a system of lines or channels resembling a network”. Similar definition will also apply to in-vehicle networks as they connect hundreds of sensors and other electronic components inside vehicles. There are many standards exists for in-vehicle networks such as CAN, SAE J1850, SAE J1939, LIN, MOST, FlexRay and others [1, 2, 3, 4, 5, 6, 7, 8 and 9]. However, these standards do not address security and reliable communication issues. With the growth in technology, there is a need for the communication between the in-vehicle network and remote services for safety, entertainment, assistance, etc. It seems that security for such systems still is an unanswered question. The questions such as “Do we trust the remote services?”, “Are they the ones who claim?” and “Will our information remain confidential from unauthorized people?” need to be addressed.

Since the first step for a safe communication is authentication [10, 11, 12 and 13], we first explore the importance of authentication for in-vehicle networks. We propose an authentication method for CAN protocol for authenticating any remote services and establishing a secure communication using a secure key transmitted during the authentication. We use public key approaches for authentication to deal with the key distribution problem. Since this is a one-way authentication, we do not need a trusted third party and it is assumed that one of the parties is completely trustworthy. This work simulates an authentication method in exchanging a secure session key. First of all, authentication is implemented on main frame creating two processes representing two nodes and created bi-directional pipeline between processes representing the communication channel. Its hardware implementation uses two Phytecs boards (Infineon C505C Microcontrollers based) and communicates through a CAN bus.