Lightweight Crypto Stack for TPMS Using Lesamnta-LW

• Main Authors: Yuhei Watanabe, Hideki Yamamoto, Hirotaka Yoshida
• Format: Article
• Language: English
• Published: Hindawi-Wiley 2020-01-01
• Series: Security and Communication Networks
• Online Access: http://dx.doi.org/10.1155/2020/5738215

Modern vehicles which have internal sensor networks are one of the examples of a cyberphysical system (CPS). The tire pressure monitoring system (TPMS) is used to monitor the pressure of the tires and to inform the driver of them. This system is mandatory for vehicles in the US and EU. To ensure the security of TPMS, it is important to reduce the cost of the cryptographic mechanisms implemented in resource-constrained devices. To address this problem, previous works have proposed countermeasures employing lightweight block ciphers such as PRESENT, SPECK, or KATAN. However, it is not clear to us that any of these works have addressed the issues of software optimization that considers TPMS packet protection as well as session key updates for architectures consisting of the vehicle TPMS ECU and four low-cost TPMS sensors equipped with the tires. In this paper, we propose the application of ISO/IEC 29192-5 lightweight hash function Lesamnta-LW to address these issues. When we apply cryptographic mechanisms to a practical system, we consider the lightweight crypto stack which contains cryptographic mechanisms, specifications for the implementation, and performance evaluation. Our approach is to apply the known method of converting Lesamnta-LW to multiple independent pseudorandom functions (PRFs) in TPMS. In our case, we generate five PRFs this way and then use one PRF for MAC generation and four for key derivation. We use the internal AES-based block cipher of Lesamnta-LW for encryption. Although we follow the NIST SP 800-108 framework of converting PRFs to key derivation functions, we confirm the significant advantage of Lesamnta-LW-based PRFs over HMAC-SHA-256 by evaluating the performance on AVR 8-bit microcontrollers, on which we consider simulating TPMS sensors. We expect that our method to achieve multiple purposes with a single cryptographic primitive will help us to reduce the total implementation cost required for TPMS security.