基于周期耦合处理的CAN总线数据组合加密方法

doi:10.11959/j.issn.1000-436x.2023017

通信学报 ›› 2023, Vol. 44 ›› Issue (1): 29-38.doi: 10.11959/j.issn.1000-436x.2023017

基于周期耦合处理的CAN总线数据组合加密方法

秦武韬¹, 王鹏¹, 李玉峰¹^,²

¹ 网络通信与安全紫金山实验室, 江苏南京 211111
² 上海大学计算机工程与科学学院, 上海 200444

修回日期:2022-12-01 出版日期:2023-01-25 发布日期:2023-01-01
作者简介:秦武韬（1993- ），男，安徽淮北人，博士，网络通信与安全紫金山实验室助理研究员，主要研究方向为多源信息融合、智能网联汽车纵深安全防护等
王鹏（1985- ），男，河南周口人，博士，网络通信与安全紫金山实验室副教授，主要研究方向为智能网联系统安全、网络空间安全等
李玉峰（1975- ），男，山东烟台人，博士，上海大学教授、博士生导师，主要研究方向为通信与信息系统、网络安全、物理信息系统广义功能安全等
基金资助:
国家自然科学基金资助项目(61702547);河南省重大科技专项资金资助项目(221100240100)

Combined encryption method for CAN bus data based on periodic coupled processing

Wutao QIN¹, Peng WANG¹, Yufeng LI¹^,²

¹ Purple Mountain Laboratories, Nanjing 211111, China
² School of Computer Engineering and Science, Shanghai University, Shanghai 200444, China

Revised:2022-12-01 Online:2023-01-25 Published:2023-01-01
Supported by:
The National Natural Science Foundation of China(61702547);Henan Science and Technology Major Project(221100240100)

摘要/Abstract

摘要：

针对智能网联时代控制器局域网络（CAN）总线传输轻量化安全加密的需求，提出了一种响应快、安全性高的CAN总线数据加密方法，针对64位CAN报文周期性发送特点，设计与报文传输周期耦合的在线离线分组加密方案，离线段利用高级加密标准生成动态会话密钥，在线段则利用动态会话密钥快速响应报文的分组加解密请求。通过离线段的预加密计算大幅降低在线计算时延，实现低时延、轻量化；同时，基于 CAN 各车载单元属性，利用基于密文策略的属性加密方法对 CAN 报文的分组密码进行加密、分发，通过数据发送单元制定的访问控制策略确保仅目标单元可解密分组密码，实现针对性加密。

关键词: CAN总线, 在线离线, 分组加密, 低时延加密, 网联汽车

Abstract:

In the intelligent connected age, CAN bus transmission faces the urgent demand of light weighted security encryption.Based on this, a fast response and high security CAN bus data encryption method was proposed.Since the 64 bit CAN packets were sent periodically, an online-offline block encryption algorithm coupled with message transmission cycle was proposed.In offline phase, the dynamic session key was generated by using advanced encryption standard.In online phase, the dynamic session key was used to quickly respond to encryption and decryption requests.The online computation delay was greatly reduced by the pre-encryption computation in offline phase, which helped achieving low latency and lightweight computation.At the same time, the ciphertext policy attribute based encryption was used to encrypt the block cipher.The access control policy made by the data sending OBU ensures that only the target OBU can decrypt the block cipher, so as to achieve targeted encryption.

Key words: CAN bus, online-offline, block encryption, low latency encryption, connected vehicle

中图分类号:

TN918.8

秦武韬, 王鹏, 李玉峰. 基于周期耦合处理的CAN总线数据组合加密方法[J]. 通信学报, 2023, 44(1): 29-38.

Wutao QIN, Peng WANG, Yufeng LI. Combined encryption method for CAN bus data based on periodic coupled processing[J]. Journal on Communications, 2023, 44(1): 29-38.

图/表 20

图1

图2

图3

图4

图5

图6

图7

图8

图9

图10

图11

图12

表1

图13

图14

表2

表3

图15

图16

图17

参考文献 17

[1]	YANG D G , JIANG K , ZHAO D ,et al. Intelligent and connected vehicles:current status and future perspectives[J]. Science China Technological Sciences, 2018,61(10): 1446-1471.
[2]	邬贺铨 . 5G 赋能智能网联汽车[J]. 智能网联汽车, 2019(1): 75-76.
	WU H Q . 5G enables intelligent connected vehicle[J]. Intelligent Connected Vehicles, 2019(1): 75-76.
[3]	吴武飞, 李仁发, 曾刚 ,等. 智能网联车网络安全研究综述[J]. 通信学报, 2020,41(6): 161-174.
	WU W F , LI R F , ZENG G ,et al. Survey of the intelligent and connected vehicle cybersecurity[J]. Journal on Communications, 2020,41(6): 161-174.
[4]	WANG H R , WANG Q D , CHEN W W ,et al. A novel path tracking approach considering safety of the intended functionality for autonomous vehicles[J]. Journal of Automobile Engineering, 2022,236(4): 738-752.
[5]	邬江兴 . 工业控制网络广义功能安全问题与解决之道[J]. 信息安全研究, 2022,8(6): 524-527.
	WU J X . Generalized functional safety problems and solutions in industry control network[J]. Journal of Information Security Research, 2022,8(6): 524-527.
[6]	CHEN W , CAI S W . Ad hoc peer-to-peer network architecture for vehicle safety communications[J]. IEEE Communications Magazine, 2005,43(4): 100-107.
[7]	LIMBASIYA T , DAS D . VCom:secure and efficient vehicle-to-vehicle message communication protocol[J]. IEEE Transactions on Network and Service Management, 2021,18(2): 2365-2376.
[8]	ZHANG Y N , LIU T Y , ZHAO H ,et al. Risk analysis of CAN bus and Ethernet communication security for intelligent connected vehicles[C]// Proceedings of 2021 IEEE International Conference on Artificial Intelligence and Industrial Design. Piscataway:IEEE Press, 2021: 291-295.
[9]	DIFFIA W , HELLAMN , MARTIN E . Exhaustive cryptanalysis of the NBS data encryption standard[J]. Computer, 1977,10(6): 74-84.
[10]	COPPERSMITH D , JOHNSON D B , MATYAS S M . A proposed mode for triple-DES encryption[J]. IBM Journal of Research and Development, 1996,40(2): 253-262.
[11]	BERTONI G , BREVEGLIERI L , KOREN I ,et al. Error analysis and detection procedures for a hardware implementation of the advanced encryption standard[J]. IEEE Transactions on Computers, 2003,52(4): 492-505.
[12]	曹春杰, 程大果, 王隆娟 ,等. 基于 AES 加密算法和轻量级 ROV的水质监测系统[J]. 通信学报, 2018,39(S2): 204-212.
	CAO C J , CHENG D G , WANG L J ,et al. Water quality monitoring system based on AES encryption algorithm and lightweight ROV[J]. Journal on Communications, 2018,39(S2): 204-212.
[13]	朱嘉桦 . 基于AES算法的CAN总线加密认证通信IP核设计与实现[D]. 西安:西安电子科技大学, 2021.
	ZHU J H . Design and implementation of CAN bus encrypted authentication communication IP based on AES algorithm[D]. Xi’an:Xidian University, 2021.
[14]	MOZAFFARI-KERMANI M , REYHANI-MASOLEH A . A low-cost S-box for the advanced encryption standard using normal basis[C]// Proceedings of 2009 IEEE International Conference on Electro/Information Technology. Piscataway:IEEE Press, 2009: 52-55.
[15]	BETHENCOURT J , SAHAI A , WATERS B . Ciphertext-policy attribute-based encryption[C]// Proceedings of 2007 IEEE Symposium on Security and Privacy. Piscataway:IEEE Press, 2007: 321-334.
[16]	LIU Z , CAO Z . On efficiently transferring the linear secret-sharing scheme matrix in ciphertext-policy attribute-based encryption[J]. The International Association for Cryptologic Research Cryptology ePrint Archive, 2010,2010: 374-401.
[17]	XIE Y , ZENG G , KURACHI R ,et al. Balancing bandwidth utilization and interrupts:two heuristic algorithms for the optimized design of automotive CPS[J]. IEEE Transactions on Industrial Informatics, 2020,16(4): 2382-2392.

统计项	密钥调整一位	明文调整一位
平均雪崩率	50.48%	49.88%
雪崩率1σ值	6.14%	6.40%
雪崩率3σ上下限	[32.06%, 68.90%]	[30.67%, 69.09%]
调整前	F1 5F EC A9	F1 5F EC A9
某帧密文	E8 D1 06 1F	E8 D1 06 1F
调整后	CF 98 A7 1E	FD 43 83 AF
	B0 93 EF 52	CF F2 F3 D5

统计项	DES	3DES	AES	OOAES
总耗时/ms	8.329	24.306	79.416	28.730
加密耗时/ms	4.002	11.982	14.009	14.334
解密耗时/ms	4.008	11.969	65.067	14.085
在线段运行耗时/ms	8.329	24.306	79.416	0.0853

统计项	数量/组
＜0.5 ms	60
0.55～0.65 ms	240
0.65～0.7 ms	117
0.7～0.75 ms	583
＞0.75 ms	0

基于周期耦合处理的CAN总线数据组合加密方法

Combined encryption method for CAN bus data based on periodic coupled processing

在线阅读

PDF下载

可视化

摘要/Abstract

引用本文

使用本文

图/表 20

参考文献 17

相关文章 5

Metrics

推荐阅读 0

[1]	王亚华,凌玉华,廖力清,孙克辉,刘文浩. 基于动态子密钥的WSN混沌分组加密方案[J]. 通信学报, 2017, 38(12): 144-152.
[2]	陈铁明1,2，葛亮1. 面向无线传感器网络的混沌加密与消息鉴别算法[J]. 通信学报, 2013, 34(5): 13-120.
[3]	陈铁明,葛亮. 面向无线传感器网络的混沌加密与消息鉴别算法[J]. 通信学报, 2013, 34(5): 113-120.
[4]	吴颖芝,郝立波,陈炬桦. T型邻居细胞自动机的分组加密方法[J]. 通信学报, 2009, 30(11A): 52-61.
[5]	王永,杜茂康,廖晓峰. 基于时空混沌的分组加密算法[J]. 通信学报, 2007, 28(11A): 18-22.