Hashing-based authentication for CAN bus and application to Denial-of-Service protection

Abstract

The Controller Area Network (CAN) bus is an embedded network infrastructure especially used in automotive and aerospace contexts. It is well-known for its reliability but, due to historical and architectural reasons, authentication solutions were not integrated in the protocol itself. In particular, it does not integrate solutions of protection against external attackers. This can lead to data transitting through the network without any identity control and can quickly lead to backdoors allowing external attackers to take control of a vehicle, even while driving. Authentication solutions exist for CAN, but are often based on additional protocol layers or consume too much resources. The point of this paper is to propose an authentication solution in CAN based on a hashing mechanism that could be integrated in CAN standard protocol.