This repo includes the hardware specs, code, and documentation for evaluating SKDC and SSKT, two session key distribution protocols for CAN/CAN-FD bus. Background information and detailed protocol workflow can be found in our ACSAC'20 (Dec 7-11, 2020) paper Session Key Distribution Made Practical for CAN and CAN-FD Message Authentication.
The code consists of two independent parts:
- A prototype implementation of SKDC and SSKT, along with hardware specification and evaluation program (for Section 7.1 of the paper).
- Benchmark evaluation programs for indivudual crypto operations and extrapolation analyses (for Section 7.2 of the paper).
Make sure Arduino IDE is installed on your computer. To run program xxx.ino in your Arduino board and see the result, please do:
- Connect Arduino board to your computer via USB interface.
- Open xxx.ino in Arduino IDE. Under "Tools" select the correct board name and port number.
- Click "Verify"
and then "Upload"
. Then program will be running in the Arduino board. - Open "Serial Monitor"
, set the output format as "Both NL & CR", and the baud rate specified in the code (9600 in our case). - Then the result will print automatically. If you close and reopen the Serial Monitor, the result will reappear.
We will use the following three libraries in the evaluations:
- Arduino Cryptography Library by Rhys Weatherley.
- The provided "GF256" under your Arduino libraries. The GF256.h file contains the pre-computed lookup tables for polynomial arithemetic in GF256.
- CAN-Bus Shield library by the CAN bus shield vendor Seeed Studio.
Library installation is as simple as placing the specified folder under your Arduino libraries (in my case, the path is C:\Users\yangs\Documents\Arduino\libraries). Then restart the IDE and include the needed .h files.
This part contains the implemention details of SKDC and SSKT protocols and evaluation with CAN bus.
For both protocols, we use Arduino Due A000062 borad as the Key Server (KS) and Arduino Uno R3 as ECU nodes. Still, readers need Arduino IDE to upload the code on to board. The CAN-Bus Shield library we previous mentioned is used to provide CAN communication with Seeed Studio CAN BUS Shields.
For the basic CAN bus connection, readers can take the Seeed Studio CAN BUS Shields Tutorial as basic guidance. The figure above shows our hardware simulation experiment setup. The only difference between the tutorial hardware connection and our setup is that the tutorial connection contains only one master node and one slave node while ours contains one master (KS) and multiple slave nodes (ECUs). So we use an additional breadborad to interconnect the CAN_H and CAN_L jump wires from master and slave nodes. Also, two 120-Ohm terminal resistors are inserted between CAN_H jump wires and CAN_L jump wires in order to comply with CAN bus standard.
Experiment on the SKDC protype
- Open 2 Arduino IDE instances for the connected Due and Uno boards. Make sure the COM and Board configuration are correct (under "tool" bar). Then:
- IDE 1: Upload /SKDC/key_server_skdc/key_server_skdc.ino to the Arduino Due. Open Serial Monitor.
- IDE 2: Upload /SKDC/nodes_skdc/nodes_skdc.ino to the N Arduino Uno boards one by one, with corresponding ECU selection and the same M value. Open Serial Monitor.
- Press "reset" button on the Arduino Due board to start running the protocol for one session.
- Check the result at the Serial Monitors. Try different N (from {2,3,4,5,6}, the number of simulated normal ECUs). Make sure the M value is the same across all uploaded programs.
Experiment on the SSKT protype
- Following the same procedure but with the SSKT files.
- Additionally, make sure the N value is also the same across all uploaded key_server_sskt and nodes_sskt programs.
Performance of single cryptographic operations in the protocols including encryption, decryption, hash, and Lagrange polynomial recovery are evaluated in this part. The experiment is conducted on one Arduino Uno R3 board.
- AES encrytion/decryption and BLAKE2 hash calculation can be evaluated with the examples provided by Arduino Cryptography Library, which are replicated in this repository. Simply run Benchmark/TestAESSmall/TestAESSmall.ino, Benchmark/TestAESTiny/TestAESTiny.ino and Benchmark/TestBLAKE2s/TestBLAKE2s.ino to see the result.
- For evaluating the polynomial recovery mechanism used in SSKT (Eq. (1) in the paper), run Benchmark/testPolynomial/testPolynomial.ino to see the result.
The Benchmark/ExtrapolationAnalyses folder contains python programs for extrapolating the total communication and computation costs of the protocols at large scale. Python packages numpy and matplotlib are needed.