车载控制局域网的安全服务协议研究
    点此下载全文
引用本文:盛昱杰,郭子恒,沈伟.车载控制局域网的安全服务协议研究[J].计算技术与自动化,2019,(4):176-181
摘要点击次数: 15
全文下载次数: 0
作者单位
盛昱杰,郭子恒,沈伟 (南京理工大学 计算机科学与工程学院江苏 南京 210094) 
中文摘要:随着智能汽车、车联网的快速发展,攻击者可以通过对外开放的接口实施攻击,引发车载信息安全问题,严重威胁车辆乘坐人的生命及财产安全的问题。为此提出了一种车载控制局域网安全服务协议,包括启动阶段和通信阶段两个模块协议。启动阶段的初始化身份认证过程采用公钥加密体系及数字签名技术,在车辆点火启动时完成各节点的初始化认证,保证各通信节点身份的可靠性;通信阶段采用动态口令及消息摘要技术,保证了消息的机密性和完整性,并利用单次有效的动态口令实现对重放攻击的抵抗。通过搭建车载控制局域网总线仿真平台,模拟多种不同的攻击场景。实验结果表明,该协议能够为车辆提供可靠的初始化身份认证及通信安全,提高了系统安全服务水平。总线负载开销及消息时延也在合理水平。
中文关键词:车载控制器局域网络总线  车载信息安全  安全服务协议
 
A Security Service Protocol for In-vehicle CAN Bus
Abstract:A security service protocol for in-vehicle controller area network bus is proposed to solve the problem that the attackers can access some opening interface which may put the passengers in a dangerous situation. The protocol SSCAN contains two modules,IAM and EM. IAM uses the public key encryption system and digital signature technology to keep each ECU node in CAN bus reliability during the vehicle start-up phase. EM uses the dynamic password and message digest technology to keep the messages in safety,and can resistance replay attacks by the one-time dynamic password. To assess the SSCAN protocol,a hardware platform of CAN bus is built to simulate some different attack scenarios. The experimental results show that the protocol provides reliable initial authentication and communication security for vehicles and improves the system security service levels. The CAN bus load and messages average latency is also on a reasonable level.
keywords:controller area network bus  in-vehicle security  security service protocol
查看全文   查看/发表评论   下载pdf阅读器