Robust Certificateless Authentication Protocol for the SAE J1939 Commercial Vehicles Bus

Authentication for controller area network (CAN) buses in an intra-vehicular network involving electronic control units (ECUs) is a challenging factor. The Society of Automotive Engineers standard (SAE J1939) incorporating the ISO 11898-1 specification for the data link and physical layers of the standard CAN and CAN-flexible data rate (CAN-FD) handles communication among ECUs. The SAE J1939 is vulnerable to replay, masquerading and machine-in-the-middle (MITM) attacks. To prevent such attacks, there exist protocol suites for resource-constrained and resource-unconstrained nodes proposed in the literature which are not formally analysed. The authors formally analyse one of the comprehensive protocol suites using the state-of-the-art Tamarin automated validation tool. To mitigate the identified attacks, the authors propose two new authentication protocols. At first, the authors propose one pass authentication protocol for computationally restricted nodes. For nodes that are not restricted computationally, the authors present a certificateless signature-based authentication protocol. Additionally, the authors present a new certificateless key insulated manageable signature (CL-KIMS) scheme for signature-based authentication protocol. CL-KIMS ensures key insulation and random access key update properties, and assures self-healing property. The security of the proposed protocol suite and signature scheme is formally analysed using the random oracle model (ROM). Especially, CL-KIMS scheme is provably secure in the ROM against Type-I and Type-II adversaries. A detailed performance comparison and simulation study show that the proposed protocol suite has lesser communication overhead and ensures robust security as compared to the existing protocol suites.


  • English

Media Info

Subject/Index Terms

Filing Info

  • Accession Number: 01883028
  • Record Type: Publication
  • Files: TRIS
  • Created Date: May 23 2023 10:09AM