MAuth-CAN: Masquerade-Attack-Proof Authentication for In-Vehicle Networks

Numerous hacking attempts on modern vehicles have recently demonstrated that an adversary can remotely control a vehicle using vulnerable telematics services. In these attempts, a masquerade attack impersonating some safety-critical electronic control units (ECUs) is usually performed to control a vehicle. In the last decade, several message authentication protocols for controller area network (CAN) have been proposed to protect vehicles from masquerade attacks. However, some message authentication protocols are not enough to protect a vehicle from masquerade attacks by compromised ECUs. Other protocols that are secure against masquerade attacks fill the network capacity of CAN up to 100% or require hardware modifications of the CAN-controller, dedicated hardware used for CAN communications. In this paper, we propose a new authentication protocol, MAuth-CAN, that is secure against masquerade attacks. MAuth-CAN neither fills up to 100% of the network capacity nor requires hardware modifications of a CAN-controller. In addition, we propose a technique that protects ECUs from bus-off attacks, and apply the technique to MAuth-CAN for handling bus-off attacks.