Journal article
Robust Certificateless Authentication Protocol for the SAE J1939 Commercial Vehicles Bus
IEEE Transactions on Vehicular Technology, Vol.72(4), pp.4493-4509
2023
Abstract
Authentication for controller area network (CAN) buses in an intra-vehicular network involving electronic control units (ECUs) is a challenging factor. The Society of Automotive Engineers standard (SAE J1939) incorporating the ISO 11898-1 specification for the data link and physical layers of the standard CAN and CAN-flexible data rate (CAN-FD) handles communication among ECUs. The SAE J1939 is vulnerable to attacks, namely replay, masquerading and machine-in-the-middle (MITM) attacks. To prevent such attacks, there exist protocol suites for resource-constrained and resource-unconstrained nodes proposed in the literature which are not formally analysed. We formally analyse one of the comprehensive protocol suites using the state-of-the-art Tamarin automated software validation tool. The analysis reveals that the protocols have a vulnerability that can be exploited by replay attack. The identified replay attack prevents further frame authentication. To mitigate the identified attacks, we propose two new authentication protocols. At first, we propose one pass authentication protocol for computationally restricted nodes. For nodes that are not restricted computationally, we present a certificateless signature-based authentication protocol. Additionally, we present a new certificateless key insulated manageable signature (CL-KIMS) scheme for the signature-based authentication protocol. CL-KIMS ensures key insulation and random access key update properties. CL-KIMS scheme assures a novel property, known as self-healing property. The security of the proposed protocol suite and the signature scheme is formally analysed using the random oracle model (ROM). Especially, CL-KIMS scheme is shown to be provably secure in the ROM against Type-I and Type-II adversaries. We use the Tamarin tool to verify mutual authentication, session key security, known key secrecy and forward security. A detailed performance comparison shows that compared with the existing protocol suites, the proposed protocol suite has lesser communication overhead and ensures robust security. Our simulation study in Matlab further reveals that the key exchange protocols in the proposed protocol suite are efficient with lesser total message delay than its counterpart protocols.
Details
- Title
- Robust Certificateless Authentication Protocol for the SAE J1939 Commercial Vehicles Bus
- Authors
- Basker Palaniswamy (Author) - Queensland University of TechnologyKeyvan Ansari (Author) - University of the Sunshine Coast, Queensland, School of Science, Technology and EngineeringAlavalapati Goutham Reddy (Author) - Fontbonne UniversityAshok Kumar Das (Author) - International Institute of Information Technology, HyderabadSachin Shetty (Author) - Old Dominion University
- Publication details
- IEEE Transactions on Vehicular Technology, Vol.72(4), pp.4493-4509
- Publisher
- Institute of Electrical and Electronics Engineers
- DOI
- 10.1109/TVT.2022.3227281
- ISSN
- 1939-9359
- Organisation Unit
- School of Science, Technology and Engineering
- Language
- English
- Record Identifier
- 99693698502621
- Output Type
- Journal article
Metrics
16 Record Views
InCites Highlights
These are selected metrics from InCites Benchmarking & Analytics tool, related to this output
- Collaboration types
- Domestic collaboration
- International collaboration
- Web Of Science research areas
- Engineering, Electrical & Electronic
- Telecommunications
- Transportation Science & Technology
UN Sustainable Development Goals (SDGs)
This output has contributed to the advancement of the following goals:
Source: InCites