Robust Multicast Origin Authentication in MACsec and CANsec for Automotive Scenarios

Gianluca Cena, Lucia Seno, Stefano Scanzio

TL;DR

The paper tackles multicast origin authentication in automotive networks where standard link-level security (MACsec/CANsec) lacks provenance guarantees. It introduces TESLA-based keychain strategies, including single and dual interleaved schemes, to provide immediate, loss-tolerant authentication while minimizing overhead. A unified receiver, TRUDI, is proposed to let the transmitter adapt authentication strategies at runtime based on network conditions, preserving security and reliability with flexible resource use. The work provides detailed analyses of overheads, key transmission efficiency, and security against seed-based brute-force attacks, and presents concrete configurations (e.g., sparse dual interleaving with n=1023, m=31) that achieve high efficiency and robust operation in realistic automotive timelines.

Abstract

Having everything interconnected through the Internet, including vehicle onboard systems, is making security a primary concern in the automotive domain as well. Although Ethernet and CAN XL provide link-level security based on symmetric cryptography, they do not support origin authentication for multicast transmissions. Asymmetric cryptography is unsuitable for networked embedded control systems with real-time constraints and limited computational resources. In these cases, solutions derived from the TESLA broadcast authentication protocol may constitute a more suitable option. In this paper, some such strategies are presented and analyzed that allow for multicast origin authentication, also improving robustness to frame losses by means of interleaved keychains. A flexible authentication mechanism that relies on a unified receiver is then proposed, which enables transmitters to select strategies at runtime, to achieve the best compromise among security, reliability, and resource consumption.
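As an added illustration (not code from the paper), the sketch below shows the classic TESLA-style one-way keychain that the strategies in the abstract derive from, and how a receiver re-authenticates a disclosed key after frame losses by hashing back to its last trusted key. The hash function, key length, `max_gap` bound and all names are assumptions; the paper's interleaved and dual keychains and its disclosure timing are not modelled.

```python
import hashlib
import hmac

KEY_LEN = 16  # assumed key size in bytes, not taken from the paper

def h(key: bytes) -> bytes:
    """One-way step K_{i-1} = h(K_i); truncated SHA-256 is an assumption."""
    return hashlib.sha256(b"keychain" + key).digest()[:KEY_LEN]

def build_keychain(seed: bytes, n: int) -> list:
    """Return [K_0..K_n] with K_n derived from the seed; K_0 is the commitment."""
    chain = [hashlib.sha256(seed).digest()[:KEY_LEN]]
    for _ in range(n):
        chain.append(h(chain[-1]))
    chain.reverse()  # disclosure order is K_1, K_2, ..., K_n
    return chain

def frame_tag(key: bytes, payload: bytes) -> bytes:
    """Per-frame MAC under the chain key of that interval."""
    return hmac.new(key, payload, hashlib.sha256).digest()

class Receiver:
    def __init__(self, commitment: bytes, max_gap: int):
        self.trusted, self.index = commitment, 0  # K_0 arrives authenticated
        self.max_gap = max_gap  # bounds hashing work spent on a bogus key

    def accept_key(self, index: int, key: bytes) -> bool:
        """Authenticate a disclosed K_index by hashing back to the trusted key."""
        gap = index - self.index
        if not 0 < gap <= self.max_gap:
            return False  # stale/replayed key, or too far ahead to check
        probe = key
        for _ in range(gap):  # gap > 1 means earlier disclosures were lost
            probe = h(probe)
        if not hmac.compare_digest(probe, self.trusted):
            return False
        self.trusted, self.index = key, index
        return True

    def verify_frame(self, index: int, key: bytes, payload: bytes, tag: bytes) -> bool:
        """Check a buffered frame once its key is disclosed and authenticated."""
        if not (index == self.index and hmac.compare_digest(key, self.trusted)):
            if not self.accept_key(index, key):
                return False
        return hmac.compare_digest(frame_tag(key, payload), tag)
```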

Paper Structure

This paper contains 18 sections, 5 equations, 7 figures.

Figures (7)

  • Figure 1: Masquerade attack by a compromised receiver in the SC.
  • Figure 2: Keychain $\mathcal{C}$ for origin authentication in the SC.
  • Figure 3: Robustness of keychain $\mathcal{C}$ against frame losses (P2 and P3).
  • Figure 4: Comparison of data-origin authentication strategies (only keys are reported, every column refers to a single A/D/J-frame).
  • Figure 5: Robustness of dual keychain against frame losses: backtracking can be available on either two keychains (left) or a single one (right).
  • ...and 2 more figures