Design of a message authentication protocol for CAN FD based on Chaskey lightweight MAC

The development of the autonomous driving and the connected services severely increase security threats on old automotive technologies that are still present on-board vehicles since the long incremental process were employed. For example, the Controller Area Network (CAN) bus, which was standardized in 1991, can be connected to modern Linux embedded computer nodes where evil attacker might be able to exploit a vulnerability on the nodes. However, it is not easy to implement countermeasures on the CAN bus, since the strict requirements and limited performances of CAN specification. That is one of the major reason for the new standard CAN Flexible Data-rate (CAN FD) has been released in 2012 by Bosch to fill the gap between these challenges and the CAN protocol. In this research, a new simple authentication protocol for CAN FD is proposed, and the protocol is evaluated by experiments. The results show that the proposed protocol prevents infected nodes from usurping identity of a critical node and forge messages, with practical computational complexity on modern low-power embedding boards.