An Efficient Approach to Key Negotiation in an Automotive Environment 2019-01-0480
Negotiating keys for applications such as message authentication within a vehicle presents many problems, because the algorithm must be designed so that it can run on small, fixed-point processors. In addition, if the algorithm is to be run in the manufacturing environment, there are severe constraints on how long it can take: station time requirements are strict and expensive to change, and any time used in the plant can negatively affect vehicle throughput. Negotiating these keys among many ECUs can also greatly increase the time required to negotiate a common key using standard multi-party Diffie-Hellman. Timing would likewise be an issue if pair-wise Diffie-Hellman were used to encrypt and distribute keys through a key master. To solve these problems in multi-party key negotiation, we have utilized the Elliptic Curve variation of the Burmester-Desmedt (ECBD) algorithm. ECBD is relatively fast for a large number of ECUs, though its primary benefit is that calculation times for key negotiation vary only slightly over a wide range of participant counts. This makes it easy to plan negotiation time based on the number of keys the vehicle requires, without worrying about the number of ECUs that require each key. This approach also has advantages over key injection and direct key distribution schemes because it does not require a secure environment at any point in the process. Thus, ECBD can be implemented without a secure clean room in either the manufacturing or maintenance environments. This is especially valuable in the maintenance environment, as it enables easy compliance with right to repair laws without endangering vehicle cyber security.