DSR-CAAP: A Novel Denial of Service Resilient Channel-Aware Authenticated Key Exchange Protocol Suite for SAE J1939

IF 9.9 1区计算机科学 Q1 AUTOMATION & CONTROL SYSTEMS IEEE Transactions on Industrial Informatics Pub Date : 2024-09-23 DOI:10.1109/TII.2024.3452758

Basker Palaniswamy;Arijit Karati

{"title":"DSR-CAAP: A Novel Denial of Service Resilient Channel-Aware Authenticated Key Exchange Protocol Suite for SAE J1939","authors":"Basker Palaniswamy;Arijit Karati","doi":"10.1109/TII.2024.3452758","DOIUrl":null,"url":null,"abstract":"The SAE J1939, a higher-layer broadcast communication protocol with ISO 11898-1 specification at its lower layer, has significantly impacted the automobile industry. However, the SAE J1939 frames lack authenticity and secrecy, rendering it vulnerable to denial-of-service (DoS) attacks. While current authentications establish keys among electronic control units (ECUs), they abort ongoing sessions to re-initiate fresh sessions. We present DSR-CAAP, a robust authenticated key exchange protocol that establishes session keys among ECUs without aborting ongoing sessions during DoS and adaptive DoS. DSR-CAAP offers channel-aware key establishment using a hierarchical-challenge response mechanism. It is provably secure under the random oracle model and verified using the Tamarin. The empirical analysis reveals that DSR-CAAP supports comprehensive security attributes with enhanced 3R (robustness, reliability, and resilience) and reduces bus load, communication, computation, and energy costs. Besides, simulation in MATLAB 2023a reveals that DSR-CAAP outperforms existing protocols in communication response time. Thus, DSR-CAAP provides lightweight, secure solutions for in-vehicle heavy-duty vehicles.","PeriodicalId":13301,"journal":{"name":"IEEE Transactions on Industrial Informatics","volume":"21 1","pages":"445-454"},"PeriodicalIF":9.9000,"publicationDate":"2024-09-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Transactions on Industrial Informatics","FirstCategoryId":"94","ListUrlMain":"https://ieeexplore.ieee.org/document/10688398/","RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"AUTOMATION & CONTROL SYSTEMS","Score":null,"Total":0}

引用次数: 0

Abstract

The SAE J1939, a higher-layer broadcast communication protocol with ISO 11898-1 specification at its lower layer, has significantly impacted the automobile industry. However, the SAE J1939 frames lack authenticity and secrecy, rendering it vulnerable to denial-of-service (DoS) attacks. While current authentications establish keys among electronic control units (ECUs), they abort ongoing sessions to re-initiate fresh sessions. We present DSR-CAAP, a robust authenticated key exchange protocol that establishes session keys among ECUs without aborting ongoing sessions during DoS and adaptive DoS. DSR-CAAP offers channel-aware key establishment using a hierarchical-challenge response mechanism. It is provably secure under the random oracle model and verified using the Tamarin. The empirical analysis reveals that DSR-CAAP supports comprehensive security attributes with enhanced 3R (robustness, reliability, and resilience) and reduces bus load, communication, computation, and energy costs. Besides, simulation in MATLAB 2023a reveals that DSR-CAAP outperforms existing protocols in communication response time. Thus, DSR-CAAP provides lightweight, secure solutions for in-vehicle heavy-duty vehicles.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

DSR-CAAP：用于 SAE J1939 的新型抗拒绝服务通道感知认证密钥交换协议套件

SAE J1939是一种高层广播通信协议，其底层采用ISO 11898-1规范，对汽车行业产生了重大影响。然而，SAE J1939帧缺乏真实性和保密性，使其容易受到拒绝服务（DoS）攻击。当当前的身份验证在电子控制单元（ecu）之间建立密钥时，它们会中止正在进行的会话以重新启动新的会话。我们提出了DSR-CAAP，一种鲁棒的认证密钥交换协议，可以在ecu之间建立会话密钥，而不会在DoS和自适应DoS期间中止正在进行的会话。DSR-CAAP使用层次挑战响应机制提供通道感知密钥建立。在随机oracle模型下证明了该算法的安全性，并使用Tamarin进行了验证。实证分析表明，DSR-CAAP支持全面的安全属性，增强了3R（鲁棒性、可靠性和弹性），减少了总线负载、通信、计算和能源成本。此外，在MATLAB 2023a中的仿真表明，DSR-CAAP在通信响应时间上优于现有协议。因此，DSR-CAAP为车载重型车辆提供了轻量级、安全的解决方案。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

IEEE Transactions on Industrial Informatics 工程技术-工程：工业

CiteScore

24.10

自引率

8.90%

发文量

1202

审稿时长

5.1 months

期刊介绍： The IEEE Transactions on Industrial Informatics is a multidisciplinary journal dedicated to publishing technical papers that connect theory with practical applications of informatics in industrial settings. It focuses on the utilization of information in intelligent, distributed, and agile industrial automation and control systems. The scope includes topics such as knowledge-based and AI-enhanced automation, intelligent computer control systems, flexible and collaborative manufacturing, industrial informatics in software-defined vehicles and robotics, computer vision, industrial cyber-physical and industrial IoT systems, real-time and networked embedded systems, security in industrial processes, industrial communications, systems interoperability, and human-machine interaction.