A Secure Communication Method for CANBus

摘要

Modern vehicles have numerous Electronic Control Units (ECUs) and they communicate over CANbus. Thus CANBus is an essential element in intra-vehicle communication. But CANBus protocol was designed without communication security in mind and thus it is vulnerable to many cyber attacks. Its communication messages are not encrypted and vulnerable to eavesdropping attacks. The message sources are not authenticated and the message content is not protected from modification attacks. Therefore there is a great need for a secure communication method with CANBus. However, it is not trivial to design a good algorithm due to its message size limitation and the real-time constraint. Currently proposed algorithms tend to be overly sophisticated, which is not good for vehicle maintenance. In this paper, we propose a simple and efficient secure communication method for CANbus using a combination of symmetric and asymmetric key cryptography. Specifically, all ECUs exchange a Diffie-Hellman public key with each other and create shared keys among all ECUs. This shared key is used as a seed for deriving a one-time key for each packet. A sequence number is used for deriving a new key as well as for protecting packets from replay attacks. Source address authentication and message authentication are provided by digital signature based on ECDSA algorithm. Once a message is encrypted, it is signed using ECDSA. We implemented the proposed algorithm on Raspberry Pi as a proof of concept. This scheme can protect CANBus from eavesdropping, replay, data modification, source spoofing, and message fabrication attacks.