Approaches for Secure and Efficient In-Vehicle Key Management 2016-01-0070
Modern vehicles utilize various functionalities that require security solutions such as secure in-vehicle communication and ECU authentication. Cryptographic keys are the basis for such security solutions. We propose two approaches for secure and efficient invehicle key management. In both approaches, an ECU acting as a Key Master in the vehicle is required. The first approach is based on SHE. The Key Master generates and distributes new keys to all ECU based on the SHE key update protocol. The second approach performs key establishment based on key derivation. The Key Master sends a trigger in form of a counter and all ECUs derive new keys based on the received counter value and pre-shared keys. It is thus possible to handle in-vehicle key management without the need for an OEM backend to manage all keys. This reduces cost and complexity of the solution. It avoids using the same keys in a vehicle for long periods of time since keys can be updated regularly within the vehicle without any external interaction. We have implemented the approaches on a test bench and performed an evaluation. Approach 1 is more secure and takes roughly 32 ms per key to load into SHE. Approach 2 is more efficient and takes roughly 5 ms to generate all new keys on the ECUs.