Lightweight Encryption and Authentication for Controller Area Network of Autonomous Vehicles

With the rapid development of autonomous vehicles (AVs), vehicle safety has attracted attention. Controller area network (CAN) bus without authentication and encryption mechanisms is a weakness of the in-vehicle network (IVN), and attackers always primarily target the CAN bus. Attacks on the AVs' CAN bus are more frequent because AVs have more external interfaces and sensors than ordinary vehicles. To address the above mentioned issues, this paper proposes a lightweight encryption and authentication scheme for the CAN bus of AVs using message authentication codes and Grain stream cipher. The scheme realizes efficient authentication between electronic control units and a counter re-synchronization protocol is used to ensure that authentication failure owing to counter inconsistency is prevented. Blom key management scheme is employed to rapidly distribute and update session keys, avoiding the complicated process of updating pairwise keys. In addition, considering the scalability of the IVN, a key distribution protocol for new nodes was provided. The security proof using Burrows-Abadi-Needham logic and security analysis prove that the proposed scheme can satisfy the security requirements of the IVN. In addition, performance analysis shows that the proposed scheme can meet real-time requirements and has little impact on the busload.