A Hybrid-Cryptography Engine for Securing Intra-Vehicle Communications

Abstract

While technological advancements and their deep integration in connected and automated vehicles is a central aspect in the evolving trend of automotive industry, they also depict a growing size attack surface for malicious actors: the latter ones typically aim at exploiting known and unknown security vulnerabilities, with potentially disastrous consequences on the safety of vehicles, people, and infrastructures. In recent years, remarkable efforts have been spent to mitigate security vulnerabilities in intelligent and connected vehicles, in particular in the inside of vehicles, the so-called intra-vehicle networks. Despite those efforts, securing intra-vehicle networks remains a non-trivial task due to their heterogeneous and increasingly complex context. Starting from the above remarks and motivated by the industrial research and innovation project EMERGE, in this paper we report on a novel cryptographic hardware-software solution that we have designed and developed for securing the intra-vehicle network of intelligent connected vehicles: the Crypto-Engine. The Crypto-Engine relies on a lightweight hybrid-key cryptographic scheme to provide confidentiality and authentication without compromising the normal communication performance. We tested the Crypto-Engine and demonstrated that, once configured according to application-defined performance requirements, it can authenticate parties and secure the communications with a negligible overhead.