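To address the insufficient security and protection capability of the CAN (controller area network) protocol, a service-oriented secure communication scheme based on the CAN bus is proposed, which uses software hardening to meet the security requirements of in-vehicle communication. By defining functions as services and using random keys together with Seed-Key authentication, the CAN bus gains confidentiality, authenticity and resistance to replay attacks without increasing network load. With a Bluetooth module and a body module as the test platform, the proposed CAN secure communication scheme was verified on the Bluetooth unlocking function, and different algorithms (AES128, HMAC) were used to meet the information security protection requirements and the customer perception requirements; the protocol also showed good reliability.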
Service-oriented Secure Communication Scheme Based on CAN Protocol
To address the shortcomings of the CAN protocol in secure communication, a service-oriented secure communication scheme based on the CAN bus is proposed, which uses software reinforcement to meet the security requirements of in-car communication. By defining functions in a service-oriented manner and using random keys and Seed-Key authentication, the CAN bus gains confidentiality, authenticity, and the ability to resist replay attacks without increasing network bus load. Using a Bluetooth module and a body module as experimental platforms, the proposed CAN bus secure communication scheme is analyzed and evaluated for an actual Bluetooth unlocking function. The results show that using different algorithms (AES128, HMAC) can meet the requirements of information security protection and customer perception, and that the protocol exhibits good reliability.
secure communication; service-oriented; random key; security authentication; CAN bus
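The abstract names random values, Seed-Key authentication and HMAC as the basis for authenticity and replay resistance. The following is an added illustration of that general challenge-response idea, not the paper's protocol or code: the service id, the message layout, the truncation of the HMAC to one 8-byte CAN data field and all class and function names are assumptions made for the example.

```python
import hashlib
import hmac
import secrets

CAN_DATA_LEN = 8  # a classic CAN data field carries at most 8 bytes


def make_key(shared_secret: bytes, seed: bytes, service_id: int) -> bytes:
    """Compute the "Key" answering a "Seed": HMAC-SHA256 over the service id
    and the seed, truncated so the answer fits in one frame (assumed layout)."""
    msg = service_id.to_bytes(2, "big") + seed
    return hmac.new(shared_secret, msg, hashlib.sha256).digest()[:CAN_DATA_LEN]


class BodyModule:
    """Verifier side (hypothetical): one fresh random seed per request."""

    def __init__(self, shared_secret: bytes):
        self.secret = shared_secret
        self.pending = {}  # service_id -> outstanding seed

    def request_seed(self, service_id: int) -> bytes:
        seed = secrets.token_bytes(CAN_DATA_LEN)
        self.pending[service_id] = seed
        return seed

    def verify(self, service_id: int, key: bytes) -> bool:
        # The seed is consumed on every attempt, so a key is usable once.
        seed = self.pending.pop(service_id, None)
        if seed is None:
            return False
        expected = make_key(self.secret, seed, service_id)
        return hmac.compare_digest(key, expected)


def demo():
    secret = secrets.token_bytes(16)  # constructed sample secret
    unlock = 0x0101                   # hypothetical id for the unlock service
    body = BodyModule(secret)

    seed = body.request_seed(unlock)
    key = make_key(secret, seed, unlock)      # Bluetooth module's answer
    accepted = body.verify(unlock, key)

    replay_without_seed = body.verify(unlock, key)  # no seed outstanding
    body.request_seed(unlock)                       # new session, new seed
    replay_with_new_seed = body.verify(unlock, key) # old key, fresh seed
    return accepted, replay_without_seed, replay_with_new_seed
```

Because the verifier draws a new seed for every request and discards it after one check, a frame captured from an earlier unlock does not verify again.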