|
|
- 2018
车载FlexRay总线安全协议的设计与实现
|
Abstract:
针对智能车、网联车的高速发展所引发的车载信息安全问题设计了车载FlexRay总线安全协议。该协议包含两个模块:节点身份认证模块和网络安全加密模块。节点身份认证模块采用密钥交换算法以及非对称加密算法保证连入总线节点身份的合法性;网络安全加密模块采用对称加密算法以及哈希算法保证总线传输数据的机密性、真实性和新鲜性。与其他协议相比,该协议既能够提供节点的身份认证,又能在不影响总线实时通信的基础上保护总线的信息安全。实验结果表明,该协议能够在满足实时通信的基础上为汽车提供从启动到运行全方位的信息安全防护,提升了车载FlexRay总线的信息安全防护级别。
A security protocol for in??vehicle FlexRay buses is proposed in allusion to the in??vehicle information security issue caused by the rapid development of intelligent vehicles and networked vehicles. The protocol contains two modules: a node identity authentication module and a network security encryption module. The node identity authentication module uses a key exchange algorithm and a asymmetric encryption algorithm to ensure the identity legality of the connected node, and the network security encryption module uses the symmetric encryption algorithm and a hash algorithm to guarantee the confidentiality, authenticity and freshness of the data transmitted by a bus. Compared with previous protocols, the proposed protocol provides node identity authentication and protects the information security of the on??board bus without affecting the real??time communication of the bus. Experimental results show that the protocol provides all??round information security guarantee for buses from start??up to operation on the basis of real??time communication, and greatly improves the security level of the FlexRay bus information
| [1] | [1]于赫. 网联汽车信息安全问题及CAN总线异常检测技术研究 [D]. 长春: 吉林大学, 2016: 1??31. |
| [2] | [6]HENNIGER O. E??safety vehicle intrusion protected applications (EVITA) project [EB/OL]. (2008??07??31)[2017??10??05]. http∥www. evita. org. |
| [3] | [15]尹少平, 董丹. Diffie??Hellman密钥交换协议设计与实现 [J]. 电力学报, 2006, 21(1): 9??12. |
| [4] | YIN Shaoping, DONG Dan. Design and implemention of Diffie??Hellman key exchange protocol [J]. Journal of Electric Power, 2006, 21(1): 9??12. |
| [5] | [16]陈传波, 祝中涛. RSA算法应用及实现细节 [J]. 计算机工程与科学, 2006, 28(9): 13??14. |
| [6] | CHEN Chuanbo, ZHU Zhongtao. Research on the application and implementation of the RSA algorithm [J]. Computer Engineering and Science, 2006, 28(9): 13??14. |
| [7] | [17]RIVEST R L. The RC5 encryption algorithm [C]∥Proceedings of the International Workshop on Fast Software Encryption. Berlin, Germany: Springer, 1994: 86??96. |
| [8] | [2]MUNDHENK P, STEINHORST S, LUKASIEWYCZ M, et al. Lightweight authentication for secure automotive networks [C]∥Proceedings of the 2015 Design, Automation and Test in Europe Conference and Exhibition. Piscataway, NJ, USA: IEEE, 2015: 285??288. |
| [9] | [3]KOSCHER K, CZESKIS A, ROESNER F, et al. Experimental security analysis of a modern automobile [J]. IEEE Journal of Selected Topics in Quantum Electronics, 2010, 41(3): 447??462. |
| [10] | [8]GROLL A, HOLLE J, RULAND C, et al. Oversee a secure and open communication and runtime platform for innovative automotive applications [C]∥Proceedings of the 19th Intelligent Transport Systems World Congress. Piscataway, NJ, USA: IEEE, 2012: EU??00690. |
| [11] | [9]赵睿. 面向时间触发网络的车载控制系统调度优化方法与轻量级消息认证协议研究 [D]. 长春: 吉林大学, 2017: 10??15. |
| [12] | WU Shangze, QIN Guihe, LIU Yi, et al. A method for identifying authentication of dynamic passwords for in??vehicle controller area network buses [J]. Journal of Xi’an Jiaotong University, 2017, 51(6): 97??102. |
| [13] | [11]NILSSON D K, LARSON U E, JONSSON E. Efficient in??vehicle delayed data authentication based on compound message authentication codes [C]∥Proceeding of the 2008 IEEE 68th Vehicular Technology Conference. Piscataway, NJ, USA: IEEE, 2008: 1??5. |
| [14] | [12]GROZA B, MURVAY S. Efficient protocols for secure broadcast in controller area networks [J]. IEEE Transactions on Industrial Informatics, 2013, 9(4): 2034??2042. |
| [15] | [4]于赫, 秦贵和, 孙铭会, 等. 车载CAN总线网络安全问题及异常检测方法 [J]. 吉林大学学报(工学版), 2016, 46(4): 1246??1253. |
| [16] | YU He, QIN Guihe, SUN Minghui, et al. Cyber CAN bus network security problem and anomaly detection method [J]. Journal of Jilin University (Engineering Edition), 2016, 46(4): 1246??1253. |
| [17] | [5]WOO S, JO H J, LEE D H. A practical wireless attack on the connected car and security protocol for in??vehicle CAN [J]. IEEE Transactions on Intelligent Transportation Systems, 2015, 16(2): 990??1010. |
| [18] | [13]LIN C W, SANGIOVANNI??VINCENTELLI A. Cyber??security for the controller area network (CAN) communication protocol [C]∥Proceedings of the International Conference on Cyber Security. Piscataway, NJ, USA: IEEE Computer Society, 2012: 1??7. |
| [19] | [14]POP T, POP P, ELES P, et al. Timing analysis of the FlexRay communication protocol [J]. Real??Time Systems, 2008, 39(1/2/3): 205??235. |
| [20] | [7]CHOI J, JUNG S. Unified security architecture and protocols using third party identity in V2V and V2I networks [J]. Wireless Communications and Mobile Computing, 2012, 12(15): 1326??1337. |
| [21] | [10]吴尚则, 秦贵和, 刘毅, 等. 车载控制器局域网络总线的动态口令身份认证方法 [J]. 西安交通大学学报, 2017, 51(6): 97??102. |
