Abstract

The CAN network bus is one of the most widely used buses in the vehicle, but the lack of sufficient security mechanisms allows criminals to maliciously attack the vehicle, which is a very serious security risk. In this paper, an identity-based encryption algorithm is used to design a secure communication protocol for an in-vehicle CAN network. Compared with the method based on digital certificates, it reduces the overhead of verification, management, and storage of digital certificates. The combination of asymmetric key and symmetric key ensures sufficient security and a small-time cost for the data communication phase. In addition, the Hash Message Authentication Code (HMAC) is used to ensure the integrity and authenticity of the data during the transmission phase. Experimental results show that the proposed protocol can resist forgery attacks, tampering attacks, and replay attacks, and meet the real-time requirements of automotive-grade microcontrollers.