Probing Attacks on Physical Layer Key Agreement for Automotive Controller Area Networks (Extended Version)

Abstract

Efficient key management for automotive networks (CAN) is a critical element, governing the adoption of security in the next generation of vehicles. A recent promising approach for dynamic key agreement between groups of nodes, Plug-and-Secure for CAN, has been demonstrated to be information theoretically secure based on the physical properties of the CAN bus. In this paper, we illustrate side-channel attacks, leading to nearly-complete leakage of the secret key bits, by an adversary that is capable of probing the CAN bus. We identify the fundamental characteristics that lead to such attacks and propose techniques to minimize the information leakage at the hardware, controller and system levels.