Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

LIN-MM: Multiplexed Message Authentication Code for Local Interconnect Network message authentication in road vehicles

Franco Oberti, Ernesto Sanchez, Alessandro Savino, Filippo Parisi, Mirco Brero, Stefano Di Carlo

TL;DR

This work tackles the vulnerability of LIN-based automotive networks by introducing LIN-MM, a multiplexed MAC approach that embeds a cryptographic digest into the LIN signal via On-Off Keying without modifying the payload. By leveraging a 64-bit MAC (CMAC-128 AES-128-CBC) multiplexed into the 8-byte LIN payload, LIN-MM defends against Spoofing, MitM, and response-collision attacks while preserving backward compatibility and achieving low latency. Experimental LTSpice validation at 19.2 kbit/s demonstrates feasible integration with a modest ~2% hardware overhead and MAC recovery within a single LIN period (~50 μs). However, header-collision and DoS attacks remain challenging, motivating future work (Type-B) to extend integrity protections to LIN headers and support broader security guarantees in automotive networks.

Abstract

The automotive market is profitable for cyberattacks with the constant shift toward interconnected vehicles. Electronic Control Units (ECUs) installed on cars often operate in a critical and hostile environment. Hence, both carmakers and governments have supported initiatives to mitigate risks and threats belonging to the automotive domain. The Local Interconnect Network (LIN) is one of the most used communication protocols in the automotive field. Today's LIN buses have just a few light security mechanisms to assure integrity through Message Authentication Codes (MAC). However, several limitations with strong constraints make applying those techniques to LIN networks challenging, leaving several vehicles still unprotected. This paper presents LIN Multiplexed MAC (LINMM), a new approach for exploiting signal modulation to multiplex MAC data with standard LIN communication. LINMM allows for transmitting MAC payloads, maintaining fullback compatibility with all versions of the standard LIN protocol.

LIN-MM: Multiplexed Message Authentication Code for Local Interconnect Network message authentication in road vehicles

TL;DR

This work tackles the vulnerability of LIN-based automotive networks by introducing LIN-MM, a multiplexed MAC approach that embeds a cryptographic digest into the LIN signal via On-Off Keying without modifying the payload. By leveraging a 64-bit MAC (CMAC-128 AES-128-CBC) multiplexed into the 8-byte LIN payload, LIN-MM defends against Spoofing, MitM, and response-collision attacks while preserving backward compatibility and achieving low latency. Experimental LTSpice validation at 19.2 kbit/s demonstrates feasible integration with a modest ~2% hardware overhead and MAC recovery within a single LIN period (~50 μs). However, header-collision and DoS attacks remain challenging, motivating future work (Type-B) to extend integrity protections to LIN headers and support broader security guarantees in automotive networks.

Abstract

The automotive market is profitable for cyberattacks with the constant shift toward interconnected vehicles. Electronic Control Units (ECUs) installed on cars often operate in a critical and hostile environment. Hence, both carmakers and governments have supported initiatives to mitigate risks and threats belonging to the automotive domain. The Local Interconnect Network (LIN) is one of the most used communication protocols in the automotive field. Today's LIN buses have just a few light security mechanisms to assure integrity through Message Authentication Codes (MAC). However, several limitations with strong constraints make applying those techniques to LIN networks challenging, leaving several vehicles still unprotected. This paper presents LIN Multiplexed MAC (LINMM), a new approach for exploiting signal modulation to multiplex MAC data with standard LIN communication. LINMM allows for transmitting MAC payloads, maintaining fullback compatibility with all versions of the standard LIN protocol.
Paper Structure (11 sections, 13 figures)

This paper contains 11 sections, 13 figures.

Table of Contents

  1. Introduction
  2. LIN Protocol overview
  3. LIN attack vector analysis
  4. LIN-MM
  5. LIN-MM Slave Architecture
  6. LIN-MM Master
  7. Experimental results
  8. Functional validation
  9. Overhead evaluation
  10. Security analysis
  11. Conclusion

Figures (13)

  • Figure 1: LIN Network Scheme
  • Figure 2: LIN Frame Format
  • Figure 3: LIN Electrical Signal
  • Figure 4: LIN MitM Attack Scheme
  • Figure 5: LIN Transceiver Scheme
  • ...and 8 more figures