Abstract
Modern automotive Cyber-Physical Systems (CPS) are increasingly adopting wireless communications for Intra-Vehicular, Vehicle-to-Vehicle (V2V), and Vehicle-to-Infrastructure (V2I) protocols as a promising solution for challenges such as the wire harnessing problem, collision detection and collision avoidance, traffic control, and environmental hazards. Regrettably, this new trend results in new security challenges that can put the safety and privacy of the automotive CPS and its passengers at great risk. In addition, automotive wireless communication security is constrained by the strict energy and performance limitations of electronic controller units and sensors. As a result, key generation and management for secure automotive CPS wireless communication is an open research challenge. This article aims to help solve these security challenges by presenting a practical key generation technique based on the reciprocity and high spatial and temporal variation properties of the automotive wireless communication channel. Accompanying this technique is a key length optimization algorithm that improves performance (in terms of time and energy) for safety-related applications constrained by small communication windows. To validate the practicality and effectiveness of our approach, we have conducted simulations alongside real-world experiments with vehicles and RC cars. Last, we demonstrate through simulations that we can generate keys with high security strength (keys with 67% min-entropy) with a 20× reduction in code size overhead in comparison to state-of-the-art security techniques.