| Summary: | The intelligentization and connectedness of vehicles make vehicle cybersecurity an important research topic. In-vehicle key management is a critical function in vehicle cybersecurity countermeasures. After describing previous research on vehicle key management and the development trend of vehicle network architecture, a key management scheme for in-vehicle multi-layer electronic control units (ECUs) is proposed. The scheme is based on authenticated key exchange protocol 2 (AKEP2) and on-the-air (OTA) technology. Then, the key storage and trusted key usage based on secure hardware are analyzed and studied. Moreover, the AES Counter with CBC-MAC (AES-CCM) algorithm, which uses fewer keys, is introduced to in-vehicle secure communication. The simulation analysis for the proposed OTA-based key update protocol verifies the protocol’s security. The validity of the hardware-based trusted key usage environment and the feasibility of the AES-CCM algorithm for the CAN FD bus are proven with corresponding experiments.
|
|---|
