A Controller Area Network Bus Identity Authentication Method Based on Hash Algorithm 2021-01-5077
With the development of vehicle intelligence and the Internet of Vehicles, how to protect the safety of the vehicle network system has become a focus issue that needs to be solved urgently. The Controller Area Network (CAN) bus is currently a very widely used vehicle-mounted bus, and its security largely determines the degree of vehicle-mounted information security. The CAN bus lacks adequate protection mechanisms and is vulnerable to external attacks such as replay attacks, modifying attacks, and so on. On the basis of the existing work, this paper proposes an authentication method that combines Hash-based Message Authentication Code (HMAC)-SHA256 and Tiny Encryption Algorithm (TEA) algorithms. This method is based on dynamic identity authentication in challenge/response made and combined with the characteristics of the CAN bus itself as it achieves the identity authentication between the gateway and multiple electronic control units (ECUs). In the authentication process, dynamic passwords are used to complete the identity authentication. In order to verify the validity of the authentication method proposed in this article, we built the authentication model in Matlab/Simulink and analyzed the authentication process in Matlab/canTool. Through data stream recording, busload analysis, and attack experiments using network attack models, it is shown that the authentication method proposed in this paper has a low busload, and it can achieve multi-node verification. Through comparison with Message Authentication Code (MAC) and Challenge/Response method, it can effectively deal with the replay attacks and modifying attacks. This method is a safe and reliable authentication method, which improves the safety of the CAN bus.