SPINS: security protocols for sensor networks
Proceedings of the 7th annual international conference on Mobile computing and networking
The BiBa one-time signature and broadcast authentication protocol
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
Better than BiBa: Short One-Time Signatures with Fast Signing and Verifying
ACISP '02 Proceedings of the 7th Australian Conference on Information Security and Privacy
A Digital Signature Based on a Conventional Encryption Function
CRYPTO '87 A Conference on the Theory and Applications of Cryptographic Techniques on Advances in Cryptology
Directed Acyclic Graphs, One-way Functions and Digital Signatures
CRYPTO '94 Proceedings of the 14th Annual International Cryptology Conference on Advances in Cryptology
On the Efficiency of One-Time Digital Signatures
ASIACRYPT '96 Proceedings of the International Conference on the Theory and Applications of Cryptology and Information Security: Advances in Cryptology
Multilevel μTESLA: Broadcast authentication for distributed sensor networks
ACM Transactions on Embedded Computing Systems (TECS)
Experimental Security Analysis of a Modern Automobile
SP '10 Proceedings of the 2010 IEEE Symposium on Security and Privacy
Secure Broadcast with One-Time Signatures in Controller Area Networks
ARES '11 Proceedings of the 2011 Sixth International Conference on Availability, Reliability and Security
Hi-index | 0.00 |
Broadcast authentication in Controller Area Networks CAN is subject to real time constraints that are hard to satisfy by expensive public key primitives. For this purpose the authors study here the use of one-time signatures which can be built on the most computationally efficient one-way functions. The authors use an enhancement of the classical Merkle signature as well as the more recently proposed HORS signature scheme. Notably, these two proposals offer different trade-offs, and they can be efficiently paired with time synchronization to reduce the overhead caused by the re-initialization of the public keys, which would otherwise require expensive authentication trees. The authors do outline clear bounds on the performance of such a solution and provide experimental results on development boards equipped with Freescale S12X, a commonly used automotive grade micro-controller. The authors also benefit from the acceleration offered by the XGATE co-processor available on S12X derivatives which significantly increases the computational performances.