Decrypting the Encryption Algorithms Implemented in Automotive Cybersecurity

Decrypting the Encryption Algorithms Implemented in Automotive Cybersecurity

Modern automobiles are highly connected entities and the need to safeguard these complex systems against cyber threats has never been more critical.

According to an Upstream report, in the year 2022, there was a 380% increase in automated Application Programming Interface (API) attacks.

The advent of Vehicular Ad Hoc Networks (VANETs) marks a significant leap forward in enhancing vehicle-to-vehicle (V2V) and vehicle-to-infrastructure (V2I) communication, promising to revolutionize our driving experiences. However, with great connectivity comes great vulnerability.

Cybersecurity in the automotive sector has thus shifted gears, focusing on implementing robust cryptography algorithms to shield these networks from potential cyber-attacks.

This blog post dives into the intricate world of cryptography algorithms deployed in automotive cybersecurity, offering a glimpse into how these crypto algorithms stand guard over the vehicles’ digital integrity.

From ensuring the confidentiality and integrity of the data transmitted between vehicles to authenticating the myriad of messages exchanged within these networks, cryptographic algorithms are the unsung heroes of automotive cybersecurity.

Commonly Used Cryptography Algorithms in Automotive Cybersecurity

We discuss various cryptographic solutions, including symmetric, asymmetric, and lightweight protocols, aimed at ensuring secure, efficient, and privacy-preserving communication within automotive systems.

Our article emphasizes the importance of developing and implementing advanced cryptographic techniques to safeguard against evolving cybersecurity threats in the automotive industry.

 

In the development of automotive cybersecurity solutions, various encryption algorithms are employed to ensure the confidentiality, integrity, and authenticity of data. These algorithms are crucial for protecting communications within the vehicle’s network, as well as between the vehicle and external networks or devices. Following are the most commonly used algorithms for automotive cybersecurity:

• Advanced Encryption Standard (AES): AES is a symmetric key encryption algorithm widely used for its efficiency and strong security. It is often utilized in securing communications between electronic control units (ECUs) within vehicles and for encrypting data transmitted externally, such as via telematics.

  A vehicle’s infotainment system, which communicates with the engine control module (ECM) to display vehicle performance data may use AES to encrypt this data. This ensures that any intercepted communication cannot be deciphered by unauthorized parties, protecting the integrity and confidentiality of sensitive vehicle data.

• Rivest-Shamir-Adleman (RSA): RSA is an asymmetric encryption algorithm that is primarily used for secure data transmission. In automotive systems, it’s often employed for securing software updates and ensuring the authenticity of messages through digital signatures.

When a car receives an over-the-air (OTA) software update, RSA is used to verify the authenticity of the update package. The update server signs the package with a private key, and the vehicle uses the corresponding public key to verify the signature, ensuring the update is genuine and has not been tampered with.

• Elliptic Curve Cryptography (ECC): ECC provides similar levels of security to RSA but with smaller key sizes, making it more efficient for use in systems with limited computational resources. It’s used in various applications, including key exchange protocols and digital signatures in automotive systems.

  In keyless entry systems, ECC can be used for the key exchange protocol between the key fob and the vehicle, ensuring that the communication is secure and resistant to eavesdropping, even if the signal is intercepted.

• Secure Hash Algorithm (SHA): Though not an encryption algorithm per se, SHA is used for creating hash values from data to ensure data integrity. SHA-256 and SHA-3 are among the variants used in automotive systems for verifying software integrity and authenticity.

  Before installing a new firmware update, a vehicle can use SHA-256 to verify the integrity of the downloaded firmware package. The vehicle computes a hash of the package and compares it to the hash provided by the manufacturer. If they match, it confirms that the package has not been altered or corrupted.

• Transport Layer Security (TLS): TLS and its predecessor, Secure Sockets Layer (SSL), are cryptographic protocols that provide secure communication over a computer network. In automotive systems, TLS is used to secure communications between the vehicle and external servers, such as for over-the-air (OTA) updates and telematics services.

  When a vehicle transmits diagnostic data to the manufacturer’s server or retrieves traffic information from a telematics service, TLS is used to encrypt the data in transit, protecting it from interception and ensuring that the vehicle is communicating with a legitimate server.

• Symmetric Key Algorithms (like DES, 3DES): While AES has largely replaced DES (Data Encryption Standard) and 3DES (Triple DES) due to their vulnerabilities, some legacy systems might still use these for compatibility reasons. They are generally considered less secure than AES.

  A legacy telematics system within a vehicle that was designed before the widespread adoption of AES might use 3DES for encrypting data transmissions. Despite its vulnerabilities, 3DES would provide a baseline level of security for communications, albeit with recommendations for upgrading to more secure algorithms like AES.

How to Pick the Right Cybersecurity Algorithm for the Target Automotive Solution?

Choosing the right encryption algorithm for automotive applications depends on balancing security needs with the system’s limitations and the type of data being protected. Confidentiality, Data Integrity, Authentication and Non-repudiation are the pillars of modern cryptographic principles.

• Confidentiality ensures only authorized parties can access information.
• Data integrity guarantees information is not altered unauthorizedly, preserving accuracy.
• Authentication verifies the identity of parties involved in communication, confirming they are who they claim to be.
• Non-repudiation prevents entities from denying their actions, providing proof of involvement in a communication or transaction.

Together, these principles form a comprehensive framework for secure communication, ensuring trust and reliability in digital interactions.

Another factor that impacts choice of cryptographic algorithm is system design consideration.

These considerations include processing power, memory constraints, energy consumption, real-time operation requirements, and the system’s ability to handle computational load without impacting functionality.

For example, high-performance ECUs can manage more complex algorithms like RSA for secure communications, while energy-efficient systems might opt for ECC due to its lower computational requirements.

Additionally, the need for real-time processing in safety-critical applications necessitates the selection of algorithms that balance security with minimal latency. Ensuring the encryption approach aligns with these design parameters is crucial for maintaining both the vehicle’s security posture and its operational efficiency.

Let’s dive a little deeper into more such considerations that significantly impacts the choice of encryption algorithm:

Application Requirements

• Confidentiality: AES is chosen for transmitting sensitive data due to its strong encryption capabilities, making it difficult for unauthorized parties to decrypt the information without the correct key.
• Integrity and Authentication: Applications that require data to be authenticated, like OTA updates, benefit from RSA or ECC, which enable digital signatures. These signatures verify the data’s origin and integrity, ensuring it hasn’t been tampered with during transmission.

Evaluate System Resources

• Computational Power: Devices with limited computational resources might opt for ECC over RSA for key exchange and digital signatures because ECC provides similar levels of security with smaller key sizes, reducing the computational load.
• Network Bandwidth: In scenarios like V2X communication, where efficiency and speed are crucial, ECC’s smaller key sizes also mean less data is transmitted over the network, improving communication efficiency.

Security Requirements

• Data Protection Level: The choice of algorithm (e.g., AES-128 vs. AES-256) can depend on the level of security required. AES-256 provides a higher security level but requires more computational resources.
• Long-term Security: For components that are not updated frequently, selecting algorithms that are resistant to future threats, including quantum computing attacks, is crucial. Certain ECC curves are believed to offer quantum resistance.

Regulatory and Standards Compliance and Inoperability

Compliance with industry standards and regulations ensures that the security measures adopted are recognized and approved, minimizing legal and operational risks.

The chosen encryption methods must ensure seamless communication and compatibility with other systems, components, and infrastructures within the automotive ecosystem, avoiding proprietary solutions that could hinder integration.

Conclusion

As the automotive industry continues to integrate more sophisticated technologies, the importance of employing robust encryption methods cannot be overstated.

Encryption algorithms such as AES, RSA, ECC, and protocols like TLS, along with the use of hash functions like SHA, are foundational to securing the complex ecosystem of modern vehicles.

Autonomous vehicles, electric vehicles, V2X are all examples of how automotive cybersecurity is poised to become a core aspect of automotive ecosystem.

By prioritizing security in the development of new vehicle features, the automotive industry can ensure that vehicles remain not only advanced and interconnected but also safe and reliable in the face of ever-evolving cyber threats.

This proactive approach to cybersecurity is essential in fostering consumer trust and ensuring the successful adoption of future automotive innovations.

This entry was posted in Embedded Blog, Blog by Embitel. Bookmark the permalink