Cargando…
A Novel Message-Preserving Scheme with Format-Preserving Encryption for Connected Cars in Multi-Access Edge Computing
In connected cars with various electronic control unit (ECU) modules, Ethernet is used to communicate data received by the sensor in real time, but it is partially used alongside a controller area network (CAN) due to the cost. There are security threats in the CAN, such as replay attacks and denial...
Autores principales: | , , , |
---|---|
Formato: | Online Artículo Texto |
Lenguaje: | English |
Publicado: |
MDPI
2019
|
Materias: | |
Acceso en línea: | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC6766819/ https://www.ncbi.nlm.nih.gov/pubmed/31500320 http://dx.doi.org/10.3390/s19183869 |
_version_ | 1783454774923886592 |
---|---|
author | Oh, Insu Kim, Taeeun Yim, Kangbin Lee, Sun-Young |
author_facet | Oh, Insu Kim, Taeeun Yim, Kangbin Lee, Sun-Young |
author_sort | Oh, Insu |
collection | PubMed |
description | In connected cars with various electronic control unit (ECU) modules, Ethernet is used to communicate data received by the sensor in real time, but it is partially used alongside a controller area network (CAN) due to the cost. There are security threats in the CAN, such as replay attacks and denial-of-service attacks, which can disrupt the driver or cause serious damage, such as a car accident through malicious manipulation. Although several secure protocols for protecting CAN messages have been proposed, they carry limitations, such as combining additional elements for security or modifying CAN messages with a limited length. Therefore, in this paper, we propose a method for encrypting the data frame, including real data in the CAN message structure, using format-preserving encryption (FPE), which ensures that the plaintext and ciphertext have the same format and length. In this way, block ciphers such as AES-128 must be divided into two or three blocks, but FPE can be processed simultaneously by encrypting them according to the CAN message format, thus providing better security against denial-of-service attacks. Based on the 150 ms CAN message, a normal message was received from a malicious message injection of 180 ms or more for AES-128 and a malicious message injection of 100 ms or more for FPE. Finally, based on the proposed scheme, a CAN transmission environment is constructed for analyzing the encryption/decryption rate and the process of transmitting and processing the encrypted message for connected cars in multi-access edge computing (MEC). This scheme is compared with other algorithms to verify that it can be used in a real environment. |
format | Online Article Text |
id | pubmed-6766819 |
institution | National Center for Biotechnology Information |
language | English |
publishDate | 2019 |
publisher | MDPI |
record_format | MEDLINE/PubMed |
spelling | pubmed-67668192019-10-02 A Novel Message-Preserving Scheme with Format-Preserving Encryption for Connected Cars in Multi-Access Edge Computing Oh, Insu Kim, Taeeun Yim, Kangbin Lee, Sun-Young Sensors (Basel) Article In connected cars with various electronic control unit (ECU) modules, Ethernet is used to communicate data received by the sensor in real time, but it is partially used alongside a controller area network (CAN) due to the cost. There are security threats in the CAN, such as replay attacks and denial-of-service attacks, which can disrupt the driver or cause serious damage, such as a car accident through malicious manipulation. Although several secure protocols for protecting CAN messages have been proposed, they carry limitations, such as combining additional elements for security or modifying CAN messages with a limited length. Therefore, in this paper, we propose a method for encrypting the data frame, including real data in the CAN message structure, using format-preserving encryption (FPE), which ensures that the plaintext and ciphertext have the same format and length. In this way, block ciphers such as AES-128 must be divided into two or three blocks, but FPE can be processed simultaneously by encrypting them according to the CAN message format, thus providing better security against denial-of-service attacks. Based on the 150 ms CAN message, a normal message was received from a malicious message injection of 180 ms or more for AES-128 and a malicious message injection of 100 ms or more for FPE. Finally, based on the proposed scheme, a CAN transmission environment is constructed for analyzing the encryption/decryption rate and the process of transmitting and processing the encrypted message for connected cars in multi-access edge computing (MEC). This scheme is compared with other algorithms to verify that it can be used in a real environment. MDPI 2019-09-07 /pmc/articles/PMC6766819/ /pubmed/31500320 http://dx.doi.org/10.3390/s19183869 Text en © 2019 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (http://creativecommons.org/licenses/by/4.0/). |
spellingShingle | Article Oh, Insu Kim, Taeeun Yim, Kangbin Lee, Sun-Young A Novel Message-Preserving Scheme with Format-Preserving Encryption for Connected Cars in Multi-Access Edge Computing |
title | A Novel Message-Preserving Scheme with Format-Preserving Encryption for Connected Cars in Multi-Access Edge Computing |
title_full | A Novel Message-Preserving Scheme with Format-Preserving Encryption for Connected Cars in Multi-Access Edge Computing |
title_fullStr | A Novel Message-Preserving Scheme with Format-Preserving Encryption for Connected Cars in Multi-Access Edge Computing |
title_full_unstemmed | A Novel Message-Preserving Scheme with Format-Preserving Encryption for Connected Cars in Multi-Access Edge Computing |
title_short | A Novel Message-Preserving Scheme with Format-Preserving Encryption for Connected Cars in Multi-Access Edge Computing |
title_sort | novel message-preserving scheme with format-preserving encryption for connected cars in multi-access edge computing |
topic | Article |
url | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC6766819/ https://www.ncbi.nlm.nih.gov/pubmed/31500320 http://dx.doi.org/10.3390/s19183869 |
work_keys_str_mv | AT ohinsu anovelmessagepreservingschemewithformatpreservingencryptionforconnectedcarsinmultiaccessedgecomputing AT kimtaeeun anovelmessagepreservingschemewithformatpreservingencryptionforconnectedcarsinmultiaccessedgecomputing AT yimkangbin anovelmessagepreservingschemewithformatpreservingencryptionforconnectedcarsinmultiaccessedgecomputing AT leesunyoung anovelmessagepreservingschemewithformatpreservingencryptionforconnectedcarsinmultiaccessedgecomputing AT ohinsu novelmessagepreservingschemewithformatpreservingencryptionforconnectedcarsinmultiaccessedgecomputing AT kimtaeeun novelmessagepreservingschemewithformatpreservingencryptionforconnectedcarsinmultiaccessedgecomputing AT yimkangbin novelmessagepreservingschemewithformatpreservingencryptionforconnectedcarsinmultiaccessedgecomputing AT leesunyoung novelmessagepreservingschemewithformatpreservingencryptionforconnectedcarsinmultiaccessedgecomputing |