The increasing complexity of automotive electronics and the communication of cars with the external environment have led to extensive security issues. The car industry is moving towards the use of Ethernet backbones to improve the performance and reduce the complexity of in-car networks. In this paper, we propose a security solution for automotive Ethernet-based communications. We designed a hardware Media Access Control (MAC) layer based on the MAC Security Standard (MACsec) that considers the specific constraints of the automotive world in terms of latency, throughput and area. From a security point of view, our solution guarantees the confidentiality, integrity and authenticity of data. Furthermore, the system can be configured before synthesis to meet the security needs of the context in which the Ethernet communication is used. We synthesized our architecture on a low-power 28(Formula presented.)nm standard-cell CMOS technology, which is appropriate for automotive microcontrollers. The results show that our implementation is suitable for 100(Formula presented.)Mbps, 1(Formula presented.)Gbps and 10(Formula presented.)Gbps Ethernet speeds introducing less than 350(Formula presented.)ns of latency. The size of the circuit varies from 285 to 622 kgates depending on the required level of security and the required features
The continuous increase in complexity in automotive\ud electronics has led to cars that include up to 80 Electronic\ud Control Units (ECUs). As a consequence, in-car networks are\ud currently up to their limit in terms of data load, flexibility and\ud bandwidth. The Ethernet backbone is thus considered as the best\ud performing solution. On the other hand, the growing interconnection\ud of cars with the external world requires high security\ud standards in order to prevent safety risks for car passengers.\ud The IEEE 802.1AE MAC Security Standard (MACSec) solves the\ud security issues of Ethernet networks by providing confidentiality,\ud authenticity and integrity of data. This paper presents an efficient\ud hardware implementation of the MACSec standard for the\ud automotive world. The system was synthesized on a Stratix\ud V FPGA and on a 28nm standard-cell CMOS technology. In\ud terms of maximum throughput, the FPGA results in 1.1 Gbps\ud while the standard-cell technology reaches 3.9 Gbps. The FPGA\ud implementation occupies 4.5% of the Adaptive Logic Modules\ud (ALMs) while the standard-cell one gives a 285 kgate size. The\ud proposed architecture represents a suitable implementation for a\ud low area and high-performance solution as usually required by\ud in-car network controllers
Modern networks have critical security needs and a suitable level of protection and performance is usually achieved with the use of dedicated hardware cryptographic cores. Although the Advanced Encryption Standard (AES) is considered the best approach when symmetric cryptography is required, one of its main weaknesses lies in its measurable power consumption. Side-Channel Attacks (SCAs) use this emitted power to analyse and revert the mathematical steps and extract the encryption key. Nowadays they exist several dedicated equipments and workstations for SCA weaknesses analysis and the evaluation of the related countermeasures, but they can present significant drawbacks as an high cost for the instrumentation or, in case of cheaper instrumentation, the need to underclock the physical circuit implementing the AES cipher, in order to adapt the circuit clock frequency accordingly to the power sampling rate of ADCs or oscilloscopes bandwidth. In this work we proposed a methodology for Correlation and Differential Power Analysis against hardware implementations of an AES core, relying only on a simulative approach. Our solution extracts simulated power traces from a gate-level netlist and then elaborates them using mathematical-statistical procedures. The main advantage of our solution is that it allows to emulate a real attack scenario based on emitted power analysis, without requiring any additional physical circuit or dedicated equipment for power samples acquisition, neither modifying the working conditions of the target application context (such as the circuit clock frequency). Thus our approach can be used to validate and benchmark any SCA countermeasure during an early step of the design, thereby shortening and helping the designers to find the best solution during a preliminary phase and potentially without additional costs.
Systems-on-a-Chip are among the best-performing and complete solutions for complex electronic systems. This is also true in the field of network security, an application requiring high performance with low resource usage. This work presents an Advanced Encryption Standard implementation for Systems-on-a-Chip using as a reference the Cipher Block Chaining mode. In particular, a flexible interface based and the Advanced Peripheral Bus to integrate the encryption algorithm with any kind of processor is presented. The hardware-software approach of the architecture is also analyzed and described. The final system was integrated on a Xilinx Zynq 7000 to prototype and evaluate the idea. Results show that our solution demonstrates good performance and flexibility with low resource usage, occupying less than 2% of the Zynq 7000 with a throughput of 320 Mbps. The architecture is suitable when implementations of symmetric encryption algorithms for modern Systems-on-a-Chip are required
Modern networks have critical security needs and a suitable level of protection and performance is usually achieved with the use of dedicated hardware cryptographic cores. Although the Advanced Encryption Standard (AES) is considered the best approach when symmetric cryptography is required, one of its main weaknesses lies in its measurable power consumption. Side-Channel Attacks (SCAs) use this emitted power to analyse and revert the mathematical steps and extract the encryption key. Nowadays they exist several dedicated equipments and workstations for SCA weaknesses analysis and the evaluation of the related countermeasures, but they can present significant drawbacks as an high cost for the instrumentation or, in case of cheaper instrumentation, the need to underclock the physical circuit implementing the AES cipher, in order to adapt the circuit clock frequency accordingly to the power sampling rate of ADCs or oscilloscopes bandwidth. In this work we proposed a methodology for Correlation and Differential Power Analysis against hardware implementations of an AES core, relying only on a simulative approach. Our solution extracts simulated power traces from a gate-level netlist and then elaborates them using mathematical-statistical procedures. The main advantage of our solution is that it allows to emulate a real attack scenario based on emitted power analysis, without requiring any additional physical circuit or dedicated equipment for power samples acquisition, neither modifying the working conditions of the target application context (such as the circuit clock frequency). Thus our approach can be used to validate and benchmark any SCA countermeasure during an early step of the design, thereby shortening and helping the designers to find the best solution during a preliminary phase and potentially without additional costs.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.