Abstract
Recent research into automotive security has shown that once a single vehicle component is compromised, it is often possible to take full control of the vehicle. This paper proposes LeiA, a lightweight authentication protocol for the Controller Area Network (CAN). This protocol allows critical vehicle Electronic Control Units (ECUs) to authenticate each other providing compartmentalisation and preventing a number of attacks e.g., where a compromised CD player is able to accelerate the vehicle. LeiA is designed to run under the stringent time and
bandwidth constraints of automotive applications and is backwards compatible
with existing vehicle infrastructure. The protocol is suitable to be implemented using lightweight cryptographic primitives yet providing appropriate security levels by limiting the usage of every key in the system. The security of LeiA is proven under the unforgeability assumption of the MAC scheme under chosen message attacks (uf-cma).
bandwidth constraints of automotive applications and is backwards compatible
with existing vehicle infrastructure. The protocol is suitable to be implemented using lightweight cryptographic primitives yet providing appropriate security levels by limiting the usage of every key in the system. The security of LeiA is proven under the unforgeability assumption of the MAC scheme under chosen message attacks (uf-cma).
Original language | English |
---|---|
Title of host publication | Computer Security – ESORICS 2016 |
Subtitle of host publication | 21st European Symposium on Research in Computer Security, Heraklion, Greece, September 26-30, 2016, Proceedings, Part II |
Publisher | Springer |
Pages | 283-300 |
Number of pages | 18 |
ISBN (Electronic) | 978-3-319-45741-3 |
ISBN (Print) | 978-3-319-45740-6 |
DOIs | |
Publication status | Published - 2016 |
Event | 21st European Symposium on Research in Computer Security (ESORICS 2016) - Heraklion, Crete, Greece Duration: 26 Sept 2016 → 30 Sept 2016 |
Publication series
Name | Lecture Notes in Computer Science |
---|---|
Publisher | Springer |
Volume | 9879 |
ISSN (Print) | 0302-9743 |
ISSN (Electronic) | 1611-3349 |
Conference
Conference | 21st European Symposium on Research in Computer Security (ESORICS 2016) |
---|---|
Country/Territory | Greece |
City | Heraklion, Crete |
Period | 26/09/16 → 30/09/16 |