Conference paper
Formal Security Analysis of the MaCAN Protocol
Embedded real-time network protocols such as the CAN bus cannot rely on off-the-shelf schemes for authentication, because of the bandwidth limitations imposed by the network. As a result, both academia and industry have proposed custom protocols that meet such constraints, with solutions that may be deemed insecure if considered out of context.
MaCAN is one such compatible authentication protocol, proposed by Volkswagen Research and a strong candidate for being adopted by the automotive industry. In this work we formally analyse MaCAN with ProVerif, an automated protocol verifier. Our formal analysis identifies two flaws in the original protocol: one creates unavailability concerns during key establishment, and the other allows re-using authenticated signals for different purposes.
We propose and analyse a modification that improves its behaviour while fitting the constraints of CAN bus. Although the revised scheme improves the situation, it is still not completely secure. We argue that the modified protocol makes a good compromise between the desire to secure automotive systems and the limitations of CAN networks.
Language: | English |
---|---|
Publisher: | Springer |
Year: | 2014 |
Pages: | 241-255 |
Proceedings: | 11th International Conference on Integrated Formal Methods, IFM 2014International Conference on integrated Formal Methods |
Series: | Lecture Notes in Computer Science |
ISBN: | 3319101803 , 3319101811 , 9783319101804 and 9783319101811 |
ISSN: | 16113349 and 03029743 |
Types: | Conference paper |
DOI: | 10.1007/978-3-319-10181-1_15 |
ORCIDs: | Nielson, Flemming and Nielson, Hanne Riis |