网络与信息安全学报 (Dec 2022)
Automotive ethernet controller authentication method based on national cryptographic algorithms
Abstract
With the development of intelligent and connected cars, cyber security of automotive ethernet becomes the focus of automotive industry.Authentication is one of the key technologies for automotive ethernet security.The existing authentication methods have shortcomings to meet the requirements of both safety and electronic controllers’ performance.Besides, national cryptographic algorithms are becoming a trend for automotive network security, while the related research in automotive ethernet area is still in starting phase.In order to balance the limited computing performance of electronic controllers and high security requirements of automotive ethernet, a two-stage trust chain authentication method based on national cryptographic algorithms was proposed.The method can be used in different automotive ethernet topologies.A trust chain was built up based on authentication credentials, which linked the two authentication stages, namely the initial stage and the vehicle using stage.The initial stage was triggered by diagnosis instrument at end of line or controller replacement.It deployed complete authentication based on SM2 algorithm and certificates in the initial stage.The vehicle using stage was triggered by ethernet gateway at vehicle power-on or network wakeup.In this stage, the method deployed fast authentication based on SM4 algorithm and authentication credential trust chain.The authentication credentials for trust chain were generated by credential functions.In order to ensure security, each credential was generated based on last successful authentication parameters dynamically.The test results on automotive ethernet controllers show that the method has lower computing cost and higher security level, and it can guarantee both performance and security.
Keywords
