A Survey and Comparative Analysis of Security Properties of CAN Authentication Protocols

IF 34.4 | Zone 1, Computer Science | Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS
Alessandro Lotto;Francesco Marchiori;Alessandro Brighente;Mauro Conti
IEEE Communications Surveys and Tutorials, vol. 27, no. 4, pp. 2470-2504. Journal Article. Published 2024-10-25.
DOI: 10.1109/COMST.2024.3486367
Full text: https://ieeexplore.ieee.org/document/10735339/
Citations: 0

Abstract

Modern cars’ complexity and increased reliance on electronic components have made them a prime target for attackers. In particular, the in-vehicle communication system is one of the major attack surfaces, with the Controller Area Network (CAN) being the most used protocol. CAN connects electronic components with each other, allowing them to communicate and carry out control functions, as well as managing the vehicle state. However, these components, called Electronic Control Units (ECUs), can also be exploited for malicious purposes. Indeed, since the CAN bus was not designed with security features, attackers can exploit its vulnerabilities to compromise ECUs and corrupt the communication, allowing for remote vehicle control, disabling brakes, and engine shutdowns, causing significant safety threats. In response to the absence of standardized authentication protocols within the automotive domain, researchers propose diverse solutions, each with unique strengths and vulnerabilities. However, the continuous influx of new protocols and potential oversights in meeting security requirements and essential operational features further complicate the implementability of these protocols. This paper comprehensively reviews and compares the 15 most prominent authentication protocols for the CAN bus. Our analysis emphasizes their strengths and weaknesses, evaluating their alignment with critical security requirements for automotive authentication. Additionally, we evaluate protocols based on essential operational criteria that contribute to ease of implementation in predefined infrastructures, enhancing overall reliability and reducing the probability of successful attacks. Our study reveals a prevalent focus on defending against external attackers in existing protocols, exposing vulnerabilities to internal threats. Notably, authentication protocols employing hash chains, Mixed Message Authentication Codes, and asymmetric encryption techniques emerge as the most effective approaches. Through our comparative study, we classify the considered protocols based on their security attributes and suitability for implementation, providing valuable insights for future developments in the field.
Source journal
IEEE Communications Surveys and Tutorials (COMPUTER SCIENCE, INFORMATION SYSTEMS-TELECOMMUNICATIONS)
CiteScore: 80.20
Self-citation rate: 2.50%
Articles published: 84
Review time: 6 months
Journal description: IEEE Communications Surveys & Tutorials is an online journal published by the IEEE Communications Society for tutorials and surveys covering all aspects of the communications field. Telecommunications technology is progressing at a rapid pace, and the IEEE Communications Society is committed to providing researchers and other professionals the information and tools to stay abreast. IEEE Communications Surveys and Tutorials focuses on integrating and adding understanding to the existing literature on communications, putting results in context. Whether searching for in-depth information about a familiar area or an introduction into a new area, IEEE Communications Surveys & Tutorials aims to be the premier source of peer-reviewed, comprehensive tutorials and surveys, and pointers to further sources. IEEE Communications Surveys & Tutorials publishes only articles that are exclusively written for IEEE Communications Surveys & Tutorials and go through a rigorous review process before their publication in the quarterly issues. A tutorial article in the IEEE Communications Surveys & Tutorials should be designed to help the reader to become familiar with and learn something specific about a chosen topic. In contrast, the term survey, as applied here, is defined to mean a survey of the literature. A survey article in IEEE Communications Surveys & Tutorials should provide a comprehensive review of developments in a selected area, covering its development from its inception to its current state and beyond, and illustrating its development through liberal citations from the literature. Both tutorials and surveys should be tutorial in nature and should be written in a style comprehensible to readers outside the specialty of the article.