Title: An automobile security protocol: side-channel security against timing and relay attacks

Authors: Mohd Anuar Mat Isa; Habibah Hashim; Syed Farid Syed Adnan; Norhaflyza Marbukhari; Nur Nabila Mohamed

Addresses: Faculty of Electrical Engineering, 40450 UiTM Shah Alam, Selangor, Malaysia ' Faculty of Electrical Engineering, 40450 UiTM Shah Alam, Selangor, Malaysia ' Faculty of Electrical Engineering, 40450 UiTM Shah Alam, Selangor, Malaysia ' Faculty of Electrical Engineering, 40450 UiTM Shah Alam, Selangor, Malaysia ' Faculty of Electrical Engineering, 40450 UiTM Shah Alam, Selangor, Malaysia

Abstract: Keyless go, automotive keyless systems (AKS), passive keyless entry and start (PKES) are names given to smart systems that allow a driver to unlock a car without pressing any key, and drive the car without inserting a smart key for starting or stopping the car engine. It is one of the debutant IoT applications in automotive sector. This work presents a 128-bit pairing security protocol (PSP 128 bits) lightweight cryptographic protocol as a security protocol authentication between owner and car. The PSP 128 security analysis in timing and relay attacks by an adversary will be discussed and its resilience proved using a theoretical security reduction method. The theoretical security reduction results are supported by findings from an experimental test bed using RaspberryPi board and radio frequency (RF) communication. Based on the experiment results, the PSP 128 can support up to 56 thousand authentication sessions between owner and car per typical usage. It is estimated that a standard automotive battery running the device can have a lifespan of up to seven years with typical use.

Keywords: keyless; automotive; relay attack; side-channel attack; IoT; lightweight; cryptography; RF security; RaspberryPi.

DOI: 10.1504/IJESDF.2017.085194

International Journal of Electronic Security and Digital Forensics, 2017 Vol.9 No.3, pp.239 - 253

Received: 03 Aug 2016
Accepted: 20 Jan 2017

Published online: 13 Jun 2017 *

Full-text access for editors Access for subscribers Purchase this article Comment on this article