CANTO -- Covert AutheNtication with Timing channels over Optimized traffic flows for CAN
This work addresses automotive security by improving covert authentication on CAN buses; it is incremental, building on prior timing-based methods.
The authors tackled the problem of limited security in covert authentication on CAN buses by using optimization algorithms to schedule frames, achieving 4-5 bits of authentication data per frame and enabling higher security levels through accumulation over multiple frames.
Previous research works have endorsed the use of delays and clock skews for detecting intrusions or fingerprinting ECUs on the CAN bus. Similar techniques have also been proposed for establishing a time-covert cryptographic authentication channel, in this way cleverly removing the need for cryptographic material inside the limited payload of CAN frames. The main shortcoming of such works is the limited security level that can be achieved under normal CAN-bus traffic. In this work we endeavour to test the limits of the achievable security level by relying on optimization algorithms for scheduling CAN frames. Under practical bus allocations that are based on real-world scenarios, we are able to extract around 4-5 bits of authentication data from each frame, which leads to an efficient intrusion detection and authentication mechanism. By accumulating covert channel data over several consecutive frames, we can achieve higher security levels that are in line with current security demands. To prove the correctness of our approach, we present experiments on state-of-the-art automotive-grade controllers (Infineon Aurix) and bus measurements using industry-standard tools, i.e., CANoe.
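The sketch below is an added illustration of a timing-covert authentication channel with accumulation over consecutive frames; it is not the paper's encoding or its scheduling optimization. The truncated-HMAC symbol, the 4-bit symbol width, the 50 µs quantum, the 10 ms period, the key and all frames are assumptions constructed for the example, and bus arbitration is modelled only as small constructed jitter.

```python
import hashlib
import hmac
import math

BITS = 4             # assumed covert bits per frame (the page reports around 4-5)
QUANTUM_US = 50      # assumed delay step per symbol value, in microseconds
PERIOD_US = 10_000   # assumed nominal cycle time of the authenticated frame

def tag_symbol(key, can_id, payload, counter):
    """Truncate an HMAC over ID, counter and payload to a BITS-bit symbol."""
    msg = can_id.to_bytes(4, "big") + counter.to_bytes(4, "big") + payload
    return hmac.new(key, msg, hashlib.sha256).digest()[0] >> (8 - BITS)

def send_time(key, can_id, payload, counter):
    """Sender: delay the nominal release time by symbol * QUANTUM_US."""
    return counter * PERIOD_US + tag_symbol(key, can_id, payload, counter) * QUANTUM_US

def verify_frame(key, can_id, payload, counter, arrival_us):
    """Receiver: quantize the observed offset and compare with the expected symbol."""
    observed = round((arrival_us - counter * PERIOD_US) / QUANTUM_US)
    return observed == tag_symbol(key, can_id, payload, counter)

def verify_window(key, frames):
    """Accept only if every frame matches; returns (accepted, accumulated bits)."""
    return all(verify_frame(key, *f) for f in frames), BITS * len(frames)

def frames_needed(target_bits):
    """Consecutive frames required to accumulate a target security level."""
    return math.ceil(target_bits / BITS)

def demo():
    key = b"constructed-demo-key"                 # constructed sample key
    jitter = [3, -12, 20, -5, 0, 17, -20, 9]      # constructed jitter, |j| < QUANTUM_US / 2
    genuine = []
    for ctr, j in enumerate(jitter):
        payload = bytes([ctr, 0x10, 0x27])        # constructed payload
        genuine.append((0x123, payload, ctr, send_time(key, 0x123, payload, ctr) + j))
    # Injected frame: the sender lacks the key, so its timing carries a wrong symbol.
    can_id, payload, ctr, _ = genuine[4]
    wrong = (tag_symbol(key, can_id, payload, ctr) + 1) % (1 << BITS)
    forged = genuine[:4] + [(can_id, payload, ctr, ctr * PERIOD_US + wrong * QUANTUM_US)] + genuine[5:]
    return verify_window(key, genuine), verify_window(key, forged)

if __name__ == "__main__":
    print(demo(), frames_needed(64))
```

A single frame with a guessed delay matches with probability 2^-BITS, which is why the receiver decides on a window of frames rather than on one frame.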