Fast and Efficient Group Key Exchange in Controller Area Networks (CAN)

Abstract

The security of vehicle communication buses and electronic control units has received much attention in the recent years. However, while essential for practical deployments, the problem of securely exchanging cryptographic keys between electronic control units on the CAN bus received little attention so far. In this work, we evaluate group extensions of a regular key exchange protocol, i.e., the elliptic curve version of the Diffie-Hellman protocol, by using both a standardized NIST elliptic curve as well as the faster, more recently proposed Four <inline-formula xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink"><tex-math notation="LaTeX">$\mathbb {Q}$</tex-math></inline-formula> curve. We deploy protocol implementations and determine crisp performance bounds on real-world automotive-grade platforms with Infineon and ARM cores. For an up-to-date analysis, we use both CAN and its more recent extension CAN-FD as communication layers. Roughly, the computational runtime of the key exchange protocol scales logarithmically or linearly with the number of nodes, depending on the protocol version. The computational time proves to be more critical than bandwidth due to the more demanding elliptic curve operations.