Robust Multicast Origin Authentication in MACsec and CANsec for Automotive Scenarios

TL;DR

This paper proposes a multicast origin authentication mechanism for automotive Ethernet and CAN networks, utilizing TESLA-based strategies and interleaved keychains to enhance security and robustness under real-time constraints.

Contribution

It introduces a flexible, runtime-adaptable multicast authentication method suitable for resource-constrained automotive networks, addressing the lack of origin authentication in existing link-layer security.

Findings

Enhanced robustness to frame losses through interleaved keychains

Flexible authentication strategies enable optimal security-reliability-resource trade-offs

Applicable to Ethernet and CAN XL automotive networks

Abstract

Having everything interconnected through the Internet, including vehicle onboard systems, is making security a primary concern in the automotive domain as well. Although Ethernet and CAN XL provide link-level security based on symmetric cryptography, they do not support origin authentication for multicast transmissions. Asymmetric cryptography is unsuitable for networked embedded control systems with real-time constraints and limited computational resources. In these cases, solutions derived from the TESLA broadcast authentication protocol may constitute a more suitable option. In this paper, some such strategies are presented and analyzed that allow for multicast origin authentication, also improving robustness to frame losses by means of interleaved keychains. A flexible authentication mechanism that relies on a unified receiver is then proposed, which enables transmitters to select strategies at runtime, to achieve the best compromise among security, reliability, and resource consumption.