A Novel Message-Preserving Scheme with Format-Preserving Encryption for Connected Cars in Multi-Access Edge Computing
In connected cars with various electronic control unit (ECU) modules, Ethernet is used to communicate data received by the sensor in real time, but it is partially used alongside a controller area network (CAN) due to the cost. There are security threats in the CAN, such as replay attacks and denial...
Main Authors: | , , , |
---|---|
Format: | Article |
Language: | English |
Published: |
MDPI AG
2019-09-01
|
Series: | Sensors |
Subjects: | |
Online Access: | https://www.mdpi.com/1424-8220/19/18/3869 |
id |
doaj-1ee7aaff195a4c6897670893b90156c5 |
---|---|
record_format |
Article |
spelling |
doaj-1ee7aaff195a4c6897670893b90156c52020-11-24T21:26:27ZengMDPI AGSensors1424-82202019-09-011918386910.3390/s19183869s19183869A Novel Message-Preserving Scheme with Format-Preserving Encryption for Connected Cars in Multi-Access Edge ComputingInsu Oh0Taeeun Kim1Kangbin Yim2Sun-Young Lee3Department of Information Security Engineering, Soonchunhyang University, Asan 31538, KoreaDepartment of Information Security Engineering, Soonchunhyang University, Asan 31538, KoreaDepartment of Information Security Engineering, Soonchunhyang University, Asan 31538, KoreaDepartment of Information Security Engineering, Soonchunhyang University, Asan 31538, KoreaIn connected cars with various electronic control unit (ECU) modules, Ethernet is used to communicate data received by the sensor in real time, but it is partially used alongside a controller area network (CAN) due to the cost. There are security threats in the CAN, such as replay attacks and denial-of-service attacks, which can disrupt the driver or cause serious damage, such as a car accident through malicious manipulation. Although several secure protocols for protecting CAN messages have been proposed, they carry limitations, such as combining additional elements for security or modifying CAN messages with a limited length. Therefore, in this paper, we propose a method for encrypting the data frame, including real data in the CAN message structure, using format-preserving encryption (FPE), which ensures that the plaintext and ciphertext have the same format and length. In this way, block ciphers such as AES-128 must be divided into two or three blocks, but FPE can be processed simultaneously by encrypting them according to the CAN message format, thus providing better security against denial-of-service attacks. Based on the 150 ms CAN message, a normal message was received from a malicious message injection of 180 ms or more for AES-128 and a malicious message injection of 100 ms or more for FPE. Finally, based on the proposed scheme, a CAN transmission environment is constructed for analyzing the encryption/decryption rate and the process of transmitting and processing the encrypted message for connected cars in multi-access edge computing (MEC). This scheme is compared with other algorithms to verify that it can be used in a real environment.https://www.mdpi.com/1424-8220/19/18/3869controller area network (CAN)format-preserving encryption (FPE)connected carpreserving schememulti-access edge computing (MEC) |
collection |
DOAJ |
language |
English |
format |
Article |
sources |
DOAJ |
author |
Insu Oh Taeeun Kim Kangbin Yim Sun-Young Lee |
spellingShingle |
Insu Oh Taeeun Kim Kangbin Yim Sun-Young Lee A Novel Message-Preserving Scheme with Format-Preserving Encryption for Connected Cars in Multi-Access Edge Computing Sensors controller area network (CAN) format-preserving encryption (FPE) connected car preserving scheme multi-access edge computing (MEC) |
author_facet |
Insu Oh Taeeun Kim Kangbin Yim Sun-Young Lee |
author_sort |
Insu Oh |
title |
A Novel Message-Preserving Scheme with Format-Preserving Encryption for Connected Cars in Multi-Access Edge Computing |
title_short |
A Novel Message-Preserving Scheme with Format-Preserving Encryption for Connected Cars in Multi-Access Edge Computing |
title_full |
A Novel Message-Preserving Scheme with Format-Preserving Encryption for Connected Cars in Multi-Access Edge Computing |
title_fullStr |
A Novel Message-Preserving Scheme with Format-Preserving Encryption for Connected Cars in Multi-Access Edge Computing |
title_full_unstemmed |
A Novel Message-Preserving Scheme with Format-Preserving Encryption for Connected Cars in Multi-Access Edge Computing |
title_sort |
novel message-preserving scheme with format-preserving encryption for connected cars in multi-access edge computing |
publisher |
MDPI AG |
series |
Sensors |
issn |
1424-8220 |
publishDate |
2019-09-01 |
description |
In connected cars with various electronic control unit (ECU) modules, Ethernet is used to communicate data received by the sensor in real time, but it is partially used alongside a controller area network (CAN) due to the cost. There are security threats in the CAN, such as replay attacks and denial-of-service attacks, which can disrupt the driver or cause serious damage, such as a car accident through malicious manipulation. Although several secure protocols for protecting CAN messages have been proposed, they carry limitations, such as combining additional elements for security or modifying CAN messages with a limited length. Therefore, in this paper, we propose a method for encrypting the data frame, including real data in the CAN message structure, using format-preserving encryption (FPE), which ensures that the plaintext and ciphertext have the same format and length. In this way, block ciphers such as AES-128 must be divided into two or three blocks, but FPE can be processed simultaneously by encrypting them according to the CAN message format, thus providing better security against denial-of-service attacks. Based on the 150 ms CAN message, a normal message was received from a malicious message injection of 180 ms or more for AES-128 and a malicious message injection of 100 ms or more for FPE. Finally, based on the proposed scheme, a CAN transmission environment is constructed for analyzing the encryption/decryption rate and the process of transmitting and processing the encrypted message for connected cars in multi-access edge computing (MEC). This scheme is compared with other algorithms to verify that it can be used in a real environment. |
topic |
controller area network (CAN) format-preserving encryption (FPE) connected car preserving scheme multi-access edge computing (MEC) |
url |
https://www.mdpi.com/1424-8220/19/18/3869 |
work_keys_str_mv |
AT insuoh anovelmessagepreservingschemewithformatpreservingencryptionforconnectedcarsinmultiaccessedgecomputing AT taeeunkim anovelmessagepreservingschemewithformatpreservingencryptionforconnectedcarsinmultiaccessedgecomputing AT kangbinyim anovelmessagepreservingschemewithformatpreservingencryptionforconnectedcarsinmultiaccessedgecomputing AT sunyounglee anovelmessagepreservingschemewithformatpreservingencryptionforconnectedcarsinmultiaccessedgecomputing AT insuoh novelmessagepreservingschemewithformatpreservingencryptionforconnectedcarsinmultiaccessedgecomputing AT taeeunkim novelmessagepreservingschemewithformatpreservingencryptionforconnectedcarsinmultiaccessedgecomputing AT kangbinyim novelmessagepreservingschemewithformatpreservingencryptionforconnectedcarsinmultiaccessedgecomputing AT sunyounglee novelmessagepreservingschemewithformatpreservingencryptionforconnectedcarsinmultiaccessedgecomputing |
_version_ |
1725979644674441216 |