Vehicle technology has developed rapidly these years, however, the security measures for in-vehicle network does not keep up with the trend. Controller area network(CAN) is the most used protocol in the in-vehicle network. With the characteristic of CAN, there exists many vulnerabilities including lacks of integrity and confidentiality, and hence CAN is vulnerable to various attacks such as impersonation attack, replay attack, etc. In order to implement the authentication and encryption, secret key derivation is necessary. In this work, we proposed an efficient key management scheme for in-vehicle network. In particular, the scheme has five phases. In the first and second phase, we utilize elliptic curve cryptography-based key encapsulation mechanism(KEM) to derive a pairwise secret between each ECU and a central secure ECU in the same group. Then in the third phase, we design secure communication to derive group shared secret among all ECU in a group. In the last two phases, SECU is not needed, regular ECU can derive session key on their own. We presented a possible attack analysis(chosen-ciphertext attack as the main threat) and a security property analysis for our scheme. Our scheme is evaluated based on a hardware-based experiment of three different microcontrollers and a software-based simulation of IVNS. We argue that based on our estimation and the experiment result, our scheme performs better in communication and computation overhead than similar works.

翻译：近年来，车辆技术发展迅速，然而车载网络的安全措施却未能跟上这一趋势。控制器局域网（CAN）是车载网络中最常用的协议。由于CAN的特性，存在许多安全漏洞，包括缺乏完整性和机密性，因此CAN容易受到多种攻击，如冒充攻击、重放攻击等。为了实现身份验证和加密，需要推导秘密密钥。在这项工作中，我们提出了一种高效的车载网络密钥管理方案。具体而言，该方案包含五个阶段。在第一和第二阶段，我们利用基于椭圆曲线密码学的密钥封装机制（KEM）来推导每个电子控制单元（ECU）与同一组内中央安全ECU之间的配对秘密。随后在第三阶段，我们设计安全通信以推导一组内所有ECU之间的组共享秘密。在最后两个阶段中，不再需要中央安全ECU，普通ECU可以自行推导会话密钥。我们针对该方案进行了可能的攻击分析（以选择密文攻击为主要威胁）和安全性属性分析。我们的方案基于三种不同微控制器的硬件实验和IVNS的软件模拟进行了评估。我们声称，根据我们的估计和实验结果，该方案在通信和计算开销方面优于类似工作。