A Survey and Comparative Analysis of Security Properties of CAN Authentication Protocols

None, None; None, None; None, None; None, None

A Survey and Comparative Analysis of Security Properties of CAN Authentication Protocols

Journal Article (2024)

Author(s)

Alessandro Lotto (University of Padova)

Francesco Marchiori (University of Padova)

Alessandro Brighente (University of Padova)

Mauro Conti (University of Padova, TU Delft - Cyber Security)

Research Group

Cyber Security

DOI related publication

https://doi.org/10.1109/COMST.2024.3486367

Authentication Vehicle Security Comparative Analysis Controller Area Network

To reference this document use:

https://resolver.tudelft.nl/uuid:e0f97236-47bd-40c2-8def-1b294e7bb53c

More Info

expand_more

Publication Year

2024

Language

English

Research Group

Cyber Security

Bibliographical Note

Green Open Access added to TU Delft Institutional Repository as part of the Taverne amendment. More information about this copyright law amendment can be found at https://www.openaccess.nl. Otherwise as indicated in the copyright section: the publisher is the copyright holder of this work and the author uses the Dutch legislation to make this work public. @en

Issue number

4

Volume number

27

Pages (from-to)

2470-2504

Reuse Rights

Other than for strictly personal use, it is not permitted to download, forward or distribute the text or part of it, without the consent of the author(s) and/or copyright holder(s), unless the work is under an open content license such as Creative Commons.

Abstract

Modern cars' complexity and increased reliance on electronic components have made them a prime target for attackers. In particular, the in-vehicle communication system is one of the major attack surfaces, with the Controller Area Network (CAN) being the most used protocol. CAN connects electronic components with each other, allowing them to communicate and carry out control functions, as well as managing the vehicle state. However, these components, called Electronic Control Units (ECUs), can also be exploited for malicious purposes. Indeed, since the CAN bus was not designed with security features, attackers can exploit its vulnerabilities to compromise ECUs and corrupt the communication, allowing for remote vehicle control, disabling breaks, and engine shutdowns, causing significant safety threats. In response to the absence of standardized authentication protocols within the automotive domain, researchers propose diverse solutions, each with unique strengths and vulnerabilities. However, the continuous influx of new protocols and potential oversights in meeting security requirements and essential operational features further complicate the implementability of these protocols. This paper comprehensively reviews and compares the 15 most prominent authentication protocols for the CAN bus. Our analysis emphasizes their strengths and weaknesses, evaluating their alignment with critical security requirements for automotive authentication. Additionally, we evaluate protocols based on essential operational criteria that contribute to ease of implementation in predefined infrastructures, enhancing overall reliability and reducing the probability of successful attacks. Our study reveals a prevalent focus on defending against external attackers in existing protocols, exposing vulnerabilities to internal threats. Notably, authentication protocols employing hash chains, Mixed Message Authentication Codes, and asymmetric encryption techniques emerge as the most effective approaches. Through our comparative study, we classify the considered protocols based on their security attributes and suitability for implementation, providing valuable insights for future developments in the field.

Files

A_Survey_and_Comparative_Analy... (pdf)

(pdf | 2.64 Mb)

- Embargo expired in 14-08-2025

License info not available