Litcius/Paper detail

Robust Certificateless Authentication Protocol for the SAE J1939 Commercial Vehicles Bus

Basker Palaniswamy, Keyvan Ansari, Alavalapati Goutham Reddy, Ashok Kumar Das, Sachin Shetty

2022IEEE Transactions on Vehicular Technology14 citationsDOI

Abstract

Authentication for controller area network (CAN) buses in an intra-vehicular network involving electronic control units (ECUs) is a challenging factor. The Society of Automotive Engineers standard (SAE J1939) incorporating the ISO 11898-1 specification for the data link and physical layers of the standard CAN and CAN-flexible data rate (CAN-FD) handles communication among ECUs. The SAE J1939 is vulnerable to replay, masquerading and machine-in-the-middle (MITM) attacks. To prevent such attacks, there exist protocol suites for resource-constrained and resource-unconstrained nodes proposed in the literature which are not formally analysed. We formally analyse one of the comprehensive protocol suites using the state-of-the-art Tamarin automated validation tool. To mitigate the identified attacks, we propose two new authentication protocols. At first, we propose one pass authentication protocol for computationally restricted nodes. For nodes that are not restricted computationally, we present a certificateless signature-based authentication protocol. Additionally, we present a new certificateless key insulated manageable signature (CL-KIMS) scheme for signature-based authentication protocol. CL-KIMS ensures key insulation and random access key update properties, and assures self-healing property. The security of the proposed protocol suite and signature scheme is formally analysed using the random oracle model (ROM). Especially, CL-KIMS scheme is provably secure in the ROM against Type-I and Type-II adversaries. A detailed performance comparison and simulation study show that the proposed protocol suite has lesser communication overhead and ensures robust security as compared to the existing protocol suites.

Topics & Concepts

Computer scienceAuthentication (law)Authentication protocolComputer networkProtocol (science)Key (lock)Otway–Rees protocolCryptographic protocolRandom oraclePublic-key cryptographyEmbedded systemChallenge-Handshake Authentication ProtocolComputer securityCryptographyEncryptionAlternative medicinePathologyMedicineAdvanced Authentication Protocols SecurityVehicular Ad Hoc Networks (VANETs)User Authentication and Security Systems
Robust Certificateless Authentication Protocol for the SAE J1939 Commercial Vehicles Bus | Litcius