Robust Multicast Origin Authentication in MACsec and CANsec for Automotive Scenarios

• URL: http://arxiv.org/abs/2502.20555v1
• Date: Thu, 27 Feb 2025 21:55:08 GMT
• Title: Robust Multicast Origin Authentication in MACsec and CANsec for Automotive Scenarios
• Authors: Gianluca Cena, Lucia Seno, Stefano Scanzio,
• Abstract summary: Ethernet and CAN XL provide link-level security based on symmetric cryptography, but do not support origin authentication for multicast transmissions.<n>Asymmetric cryptography is unsuitable for networked embedded control systems with real-time constraints and limited computational resources.<n>Some such strategies are presented and analyzed that allow for multicast origin authentication, also improving robustness to frame losses by means of interleaved keychains.
• Score: 1.8570591025615457
• License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
• Abstract: Having everything interconnected through the Internet, including vehicle onboard systems, is making security a primary concern in the automotive domain as well. Although Ethernet and CAN XL provide link-level security based on symmetric cryptography, they do not support origin authentication for multicast transmissions. Asymmetric cryptography is unsuitable for networked embedded control systems with real-time constraints and limited computational resources. In these cases, solutions derived from the TESLA broadcast authentication protocol may constitute a more suitable option. In this paper, some such strategies are presented and analyzed that allow for multicast origin authentication, also improving robustness to frame losses by means of interleaved keychains. A flexible authentication mechanism that relies on a unified receiver is then proposed, which enables transmitters to select strategies at runtime, to achieve the best compromise among security, reliability, and resource consumption.

Related papers

• CAIBA: Multicast Source Authentication for CAN Through Reactive Bit Flipping [5.997426999817119]
  Controller Area Networks (CANs) are the backbone for reliable intra-vehicular communication. Recent cyberattacks have exposed the weaknesses of CAN, which was designed without any security considerations in the 1980s. We present CAIBA, a novel multicast source authentication scheme specifically designed for communication buses like CAN.
  arXiv  Detail & Related papers  (2025-04-23T13:27:30Z)
• Secure Semantic Communication With Homomorphic Encryption [52.5344514499035]
  This paper explores the feasibility of applying homomorphic encryption to SemCom. We propose a task-oriented SemCom scheme secured through homomorphic encryption.
  arXiv  Detail & Related papers  (2025-01-17T13:26:14Z)
• Securing Legacy Communication Networks via Authenticated Cyclic Redundancy Integrity Check [98.34702864029796]
  We propose Authenticated Cyclic Redundancy Integrity Check (ACRIC) ACRIC preserves backward compatibility without requiring additional hardware and is protocol agnostic. We show that ACRIC offers robust security with minimal transmission overhead ( 1 ms)
  arXiv  Detail & Related papers  (2024-11-21T18:26:05Z)
• Physical Layer Deception with Non-Orthogonal Multiplexing [52.11755709248891]
  We propose a novel framework of physical layer deception (PLD) to actively counteract wiretapping attempts.<n>PLD combines PLS with deception technologies to actively counteract wiretapping attempts.<n>We prove the validity of the PLD framework with in-depth analyses and demonstrate its superiority over conventional PLS approaches.
  arXiv  Detail & Related papers  (2024-06-30T16:17:39Z)
• A Survey and Comparative Analysis of Security Properties of CAN Authentication Protocols [92.81385447582882]
  The Controller Area Network (CAN) bus leaves in-vehicle communications inherently non-secure. This paper reviews and compares the 15 most prominent authentication protocols for the CAN bus. We evaluate protocols based on essential operational criteria that contribute to ease of implementation.
  arXiv  Detail & Related papers  (2024-01-19T14:52:04Z)
• Secure Authentication Mechanism for Cluster based Vehicular Adhoc Network (VANET): A Survey [1.0070449177493677]
  Vehicular Ad Hoc Networks (VANETs) play a crucial role in Intelligent Transportation Systems (ITS) by facilitating communication between vehicles and infrastructure. This survey paper presents a comprehensive analysis of existing authentication mechanisms proposed for cluster-based VANETs. The integration of secure key management techniques is discussed to enhance the overall authentication process.
  arXiv  Detail & Related papers  (2023-12-20T10:58:43Z)
• Establishing Dynamic Secure Sessions for ECQV Implicit Certificates in Embedded Systems [0.0]
  We present a design that utilizes the Station to Station (STS) protocol with implicit certificates. We show that with a slight computational increase of 20% compared to a static ECDSA key derivation, we are able to mitigate many session-related security vulnerabilities.
  arXiv  Detail & Related papers  (2023-11-19T22:40:21Z)
• Practical quantum secure direct communication with squeezed states [55.41644538483948]
  We report the first table-top experimental demonstration of a CV-QSDC system and assess its security. This realization paves the way into future threat-less quantum metropolitan networks, compatible with coexisting advanced wavelength division multiplexing (WDM) systems.
  arXiv  Detail & Related papers  (2023-06-25T19:23:42Z)
• Practical quantum multiparty signatures using quantum-key-distribution networks [0.0]
  We develop an unconditionally secure signature scheme that guarantees authenticity and transferability of arbitrary length messages in a quantum key distribution network. We provide a comprehensive security analysis of the developed scheme, perform an optimization of the scheme parameters with respect to the secret key consumption, and demonstrate that the developed scheme is compatible with the capabilities of currently available QKD devices.
  arXiv  Detail & Related papers  (2021-07-27T17:41:40Z)
• CAN-LOC: Spoofing Detection and Physical Intrusion Localization on an In-Vehicle CAN Bus Based on Deep Features of Voltage Signals [48.813942331065206]
  We propose a security hardening system for in-vehicle networks. The proposed system includes two mechanisms that process deep features extracted from voltage signals measured on the CAN bus.
  arXiv  Detail & Related papers  (2021-06-15T06:12:33Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.