A Novel Message-Preserving Scheme with Format-Preserving Encryption for Connected Cars in Multi-Access Edge Computing

A Novel Message-Preserving Scheme with Format-Preserving Encryption for Connected Cars in Multi-Access Edge Computing

In connected cars with various electronic control unit (ECU) modules, Ethernet is used to communicate data received by the sensor in real time, but it is partially used alongside a controller area network (CAN) due to the cost. There are security threats in the CAN, such as replay attacks and denial...

Full description

Bibliographic Details
Main Authors: Insu Oh, Taeeun Kim, Kangbin Yim, Sun-Young Lee
Format: Article
Language:English
Published: MDPI AG 2019-09-01
Series:Sensors
Subjects:
controller area network (CAN)
format-preserving encryption (FPE)
connected car
preserving scheme
multi-access edge computing (MEC)
Online Access:https://www.mdpi.com/1424-8220/19/18/3869
id doaj-1ee7aaff195a4c6897670893b90156c5
record_format Article
spelling doaj-1ee7aaff195a4c6897670893b90156c52020-11-24T21:26:27ZengMDPI AGSensors1424-82202019-09-011918386910.3390/s19183869s19183869A Novel Message-Preserving Scheme with Format-Preserving Encryption for Connected Cars in Multi-Access Edge ComputingInsu Oh0Taeeun Kim1Kangbin Yim2Sun-Young Lee3Department of Information Security Engineering, Soonchunhyang University, Asan 31538, KoreaDepartment of Information Security Engineering, Soonchunhyang University, Asan 31538, KoreaDepartment of Information Security Engineering, Soonchunhyang University, Asan 31538, KoreaDepartment of Information Security Engineering, Soonchunhyang University, Asan 31538, KoreaIn connected cars with various electronic control unit (ECU) modules, Ethernet is used to communicate data received by the sensor in real time, but it is partially used alongside a controller area network (CAN) due to the cost. There are security threats in the CAN, such as replay attacks and denial-of-service attacks, which can disrupt the driver or cause serious damage, such as a car accident through malicious manipulation. Although several secure protocols for protecting CAN messages have been proposed, they carry limitations, such as combining additional elements for security or modifying CAN messages with a limited length. Therefore, in this paper, we propose a method for encrypting the data frame, including real data in the CAN message structure, using format-preserving encryption (FPE), which ensures that the plaintext and ciphertext have the same format and length. In this way, block ciphers such as AES-128 must be divided into two or three blocks, but FPE can be processed simultaneously by encrypting them according to the CAN message format, thus providing better security against denial-of-service attacks. Based on the 150 ms CAN message, a normal message was received from a malicious message injection of 180 ms or more for AES-128 and a malicious message injection of 100 ms or more for FPE. Finally, based on the proposed scheme, a CAN transmission environment is constructed for analyzing the encryption/decryption rate and the process of transmitting and processing the encrypted message for connected cars in multi-access edge computing (MEC). This scheme is compared with other algorithms to verify that it can be used in a real environment.https://www.mdpi.com/1424-8220/19/18/3869controller area network (CAN)format-preserving encryption (FPE)connected carpreserving schememulti-access edge computing (MEC)
collection DOAJ
language English
format Article
sources DOAJ
author Insu Oh
Taeeun Kim
Kangbin Yim
Sun-Young Lee
spellingShingle Insu Oh
Taeeun Kim
Kangbin Yim
Sun-Young Lee
A Novel Message-Preserving Scheme with Format-Preserving Encryption for Connected Cars in Multi-Access Edge Computing
Sensors
controller area network (CAN)
format-preserving encryption (FPE)
connected car
preserving scheme
multi-access edge computing (MEC)
author_facet Insu Oh
Taeeun Kim
Kangbin Yim
Sun-Young Lee
author_sort Insu Oh
title A Novel Message-Preserving Scheme with Format-Preserving Encryption for Connected Cars in Multi-Access Edge Computing
title_short A Novel Message-Preserving Scheme with Format-Preserving Encryption for Connected Cars in Multi-Access Edge Computing
title_full A Novel Message-Preserving Scheme with Format-Preserving Encryption for Connected Cars in Multi-Access Edge Computing
title_fullStr A Novel Message-Preserving Scheme with Format-Preserving Encryption for Connected Cars in Multi-Access Edge Computing
title_full_unstemmed A Novel Message-Preserving Scheme with Format-Preserving Encryption for Connected Cars in Multi-Access Edge Computing
title_sort novel message-preserving scheme with format-preserving encryption for connected cars in multi-access edge computing
publisher MDPI AG
series Sensors
issn 1424-8220
publishDate 2019-09-01
description In connected cars with various electronic control unit (ECU) modules, Ethernet is used to communicate data received by the sensor in real time, but it is partially used alongside a controller area network (CAN) due to the cost. There are security threats in the CAN, such as replay attacks and denial-of-service attacks, which can disrupt the driver or cause serious damage, such as a car accident through malicious manipulation. Although several secure protocols for protecting CAN messages have been proposed, they carry limitations, such as combining additional elements for security or modifying CAN messages with a limited length. Therefore, in this paper, we propose a method for encrypting the data frame, including real data in the CAN message structure, using format-preserving encryption (FPE), which ensures that the plaintext and ciphertext have the same format and length. In this way, block ciphers such as AES-128 must be divided into two or three blocks, but FPE can be processed simultaneously by encrypting them according to the CAN message format, thus providing better security against denial-of-service attacks. Based on the 150 ms CAN message, a normal message was received from a malicious message injection of 180 ms or more for AES-128 and a malicious message injection of 100 ms or more for FPE. Finally, based on the proposed scheme, a CAN transmission environment is constructed for analyzing the encryption/decryption rate and the process of transmitting and processing the encrypted message for connected cars in multi-access edge computing (MEC). This scheme is compared with other algorithms to verify that it can be used in a real environment.
topic controller area network (CAN)
format-preserving encryption (FPE)
connected car
preserving scheme
multi-access edge computing (MEC)
url https://www.mdpi.com/1424-8220/19/18/3869
work_keys_str_mv AT insuoh anovelmessagepreservingschemewithformatpreservingencryptionforconnectedcarsinmultiaccessedgecomputing
AT taeeunkim anovelmessagepreservingschemewithformatpreservingencryptionforconnectedcarsinmultiaccessedgecomputing
AT kangbinyim anovelmessagepreservingschemewithformatpreservingencryptionforconnectedcarsinmultiaccessedgecomputing
AT sunyounglee anovelmessagepreservingschemewithformatpreservingencryptionforconnectedcarsinmultiaccessedgecomputing
AT insuoh novelmessagepreservingschemewithformatpreservingencryptionforconnectedcarsinmultiaccessedgecomputing
AT taeeunkim novelmessagepreservingschemewithformatpreservingencryptionforconnectedcarsinmultiaccessedgecomputing
AT kangbinyim novelmessagepreservingschemewithformatpreservingencryptionforconnectedcarsinmultiaccessedgecomputing
AT sunyounglee novelmessagepreservingschemewithformatpreservingencryptionforconnectedcarsinmultiaccessedgecomputing
_version_ 1725979644674441216

Similar Items