METHOD FOR HANDLING TRANSMISSION OF FRAUDULENT FRAMES WITHIN IN-VEHICLE NETWORK
Abstract
An anti-fraud method for use in an in-vehicle network system including a plurality of electronic control units that exchange data frames, each having added thereto a message authentication code (MAC), via at least one bus includes: receiving a data frame transmitted on the bus; generating a first MAC by using a MAC key and a value of a counter that counts the number of times a data frame having added thereto a MAC is transmitted; in a case where the verification has failed, (i) generating a second MAC by using an old MAC key; (ii) re-verifying that the received data frame has added thereto the generated second MAC; transmitting, in a case where the re-verification has succeeded, via the bus a key-update frame indicating a request for updating the MAC key; and updating the MAC key in response to the transmission of the key-update frame.
9 Claims
1. An anti-fraud method for use in an in-vehicle network system including a plurality of electronic control units that exchange data frames, each having added thereto a message authentication code (MAC), via at least one bus in accordance with a Controller Area Network (CAN) protocol, the anti-fraud method comprising:
receiving a data frame transmitted on the bus;
generating a first message authentication code by using a MAC key and a value of a counter that counts the number of times a data frame having added thereto a message authentication code is transmitted;
verifying that the received data frame has added thereto the generated first message authentication code;
generating, in a case where the verification has failed, a second message authentication code by using a MAC key before update of the MAC key;
re-verifying, in a case where the verification has failed, that the received data frame has added thereto the generated second message authentication code;
transmitting, in a case where the re-verification has succeeded, via the bus a key-update frame indicating a request for updating the MAC key; and
updating the MAC key in response to the transmission of the key-update frame.
8. An in-vehicle network system including a plurality of electronic control units that exchange data frames, each having added thereto a message authentication code (MAC), via at least one bus in accordance with a Controller Area Network (CAN) protocol, the in-vehicle network system comprising:
a first electronic control unit comprising one or more memories; and circuitry which, in operation, generates a third message authentication code by using a first MAC key and a value of a first counter that counts the number of times a data frame having added thereto a message authentication code has been transmitted, adds the generated third message authentication code to a data frame, and transmits the data frame on the bus; and
a second electronic control unit comprising one or more memories; and circuitry which, in operation, receives a data frame transmitted on the bus, generates a first message authentication code by using a second MAC key and a value of a second counter that counts the number of times a data frame having added thereto a message authentication code has been received, verifies that the received data frame has added thereto the first message authentication code, generates, in a case where the verification has failed, a second message authentication code by using a MAC key before update of the MAC key, re-verifies, in a case where the verification has failed, that the received data frame has added thereto the generated second message authentication code, transmits, in a case where the re-verification has succeeded, via the bus a key-update frame indicating a request for updating a MAC key, and updates the second MAC key in response to the transmission of the key-update frame,
wherein the first electronic control unit updates the first MAC key in response to receipt of the key-update frame.
9. An electronic control unit for performing communication via a bus in accordance with a Controller Area Network (CAN) protocol, the electronic control unit comprising:
one or more memories; and
circuitry which, in operation, receives a data frame from the bus, generates a first message authentication code by using a MAC key and a value of a counter that counts the number of times a data frame having added thereto a message authentication code has been received, verifies that the received data frame has added thereto the generated first message authentication code (MAC), generates, in a case where the verification has failed, a second message authentication code by using a MAC key before update of the MAC key, re-verifies, in a case where the verification has failed, that the received data frame has added thereto the generated second message authentication code, transmits, in a case where the re-verification has succeeded, via the bus a key-update frame indicating a request for updating the MAC key, and updates the MAC key in response to the transmission of the key-update frame.
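The receive path recited in claims 1, 8 and 9, as an added sketch that is not code from the patent. The claims do not fix a MAC algorithm, key schedule or frame layout, so the following are assumptions: HMAC-SHA-256 truncated to 4 bytes, keys derived per epoch from a shared root secret, a one-byte epoch carried in the key-update frame, a counter reset on every key update, and the hypothetical CAN ID 0x7F0.

```python
import hashlib
import hmac
import struct

MAC_LEN = 4            # assumption: MAC truncated to 4 bytes to fit a CAN payload
KEY_UPDATE_ID = 0x7F0  # hypothetical CAN ID reserved for the key-update frame

def derive_key(root: bytes, epoch: int) -> bytes:
    """Assumed key schedule: one MAC key per epoch, derived from a shared root."""
    return hmac.new(root, b"mac-key" + bytes([epoch]), hashlib.sha256).digest()

def make_mac(key: bytes, can_id: int, data: bytes, counter: int) -> bytes:
    # The counter is bound into the MAC, so a replayed frame fails verification.
    msg = struct.pack(">IQ", can_id, counter) + data
    return hmac.new(key, msg, hashlib.sha256).digest()[:MAC_LEN]

class Ecu:
    def __init__(self, root: bytes, epoch: int):
        self.root, self.outbox = root, []   # outbox: frames queued for the bus
        self.set_epoch(epoch)

    def set_epoch(self, epoch: int) -> None:
        """Install the key for `epoch`, keep the previous key, reset the counter."""
        self.epoch, self.counter = epoch, 0
        self.key = derive_key(self.root, epoch)
        self.old_key = derive_key(self.root, epoch - 1) if epoch else None

    def send(self, can_id: int, data: bytes) -> bytes:
        self.counter += 1
        return data + make_mac(self.key, can_id, data, self.counter)

    def receive(self, can_id: int, payload: bytes) -> str:
        if can_id == KEY_UPDATE_ID and payload:   # peer requested a key update
            self.set_epoch(payload[0])
            return "key-updated"
        data, mac = payload[:-MAC_LEN], payload[-MAC_LEN:]
        expected = self.counter + 1
        if hmac.compare_digest(make_mac(self.key, can_id, data, expected), mac):
            self.counter = expected
            return "accepted"
        if self.old_key and hmac.compare_digest(
                make_mac(self.old_key, can_id, data, expected), mac):
            # Sender is still on the pre-update key: request an update, then update.
            new_epoch = self.epoch + 1
            self.outbox.append((KEY_UPDATE_ID, bytes([new_epoch])))
            self.set_epoch(new_epoch)
            return "key-update-requested"
        return "rejected"
```

The key-update frame in this sketch carries no MAC of its own, so any node on the bus could trigger a rekey; a deployment would need to authenticate and rate-limit it.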