Automotive Cybersecurity – Explanation and Implementation of AES Encryption Algorithm

Click the blue text aboveTanshi Laboratory

Get more information on automotive cybersecurity

Automotive Cybersecurity - Explanation and Implementation of AES Encryption Algorithm

In automotive cybersecurity, many encryption and signature verification algorithms are often used. Today, we will discuss the principles of encryption algorithms and their implementations, which can help in understanding encryption algorithms and ensuring the correctness of their implementation.

01

Application Scenarios of Encryption Algorithms and Signature Verification in Automotive Cybersecurity

1. Secure Boot

Ensuring the authenticity of the boot program, encryption algorithms are applied: The boot program of a vehicle (such as the Bootloader) is usually protected using encryption algorithms. A hash algorithm (such as SHA-256) can be used to compute a hash of the boot program, generating a fixed-length hash value. This hash value acts like a “fingerprint” of the boot program; any slight change in the content of the boot program will result in a completely different hash value. The hash value is then stored along with the boot program and encrypted using an encryption algorithm to prevent tampering.

Signature verification application: When the vehicle starts, the hardware first loads the boot program. During the loading process, the hash value of the boot program is decrypted, and the hash value of the boot program is recalculated and compared. Additionally, the signature of the hash value is verified to ensure its authenticity and integrity. This method prevents attackers from replacing or tampering with the boot program, ensuring that the vehicle starts from a trusted boot program.

2. Software Updates

Encryption algorithm application: Automotive manufacturers push software update packages to vehicles over the network. To prevent the update package from being tampered with or stolen during transmission, encryption algorithms are used to encrypt the update package. For example, the SHA-256 algorithm can be used to compute a hash of the update package, generating a unique hash value, which is sent along with the update package to the vehicle. Upon receiving the update package, the vehicle recalculates the hash value of the update package and compares it with the received hash value to ensure the integrity of the update package.

Signature verification application: When the vehicle receives a software update, it needs to verify the legitimacy of the update package’s source. Automotive manufacturers digitally sign the update package when releasing it, and the vehicle verifies the signature to confirm whether the update package was issued by a legitimate manufacturer, thus preventing malicious software from masquerading as an update package installed in the vehicle.

02

Working Principle of AES-CBC

1. Encryption Process

First, the plaintext is divided into fixed-length blocks, typically 128 bits in AES. For the first plaintext block, it is XORed with a randomly generated Initialization Vector (IV), and the result is encrypted using the AES key to obtain the first ciphertext block. Each subsequent plaintext block is XORed with the previous ciphertext block before being encrypted with the AES key, and so on. Thus, the generation of each ciphertext block depends not only on the current plaintext block and key but also on the previous ciphertext block, forming a chain structure, which is the origin of the CBC mode name.

2. Decryption Process

In contrast to the encryption process, the ciphertext block is first decrypted using the AES key, and then the decrypted result is XORed with the previous ciphertext block (for the first ciphertext block, it is XORed with the IV) to obtain the plaintext block. This process is repeated for each ciphertext block to ultimately restore the original plaintext.

3. Implementation Process

Automotive Cybersecurity - Explanation and Implementation of AES Encryption Algorithm

4. Implementation Results

Automotive Cybersecurity - Explanation and Implementation of AES Encryption Algorithm

03

Explanation and Implementation of AES-CMAC

AES-CMAC is an authenticated encryption mode based on the Advanced Encryption Standard (AES), which stands for Cipher-based Message Authentication Code.

1. Working Principle Process

Automotive Cybersecurity - Explanation and Implementation of AES Encryption Algorithm

2. Implementation Process

Automotive Cybersecurity - Explanation and Implementation of AES Encryption AlgorithmAutomotive Cybersecurity - Explanation and Implementation of AES Encryption Algorithm

3. Implementation Results

Automotive Cybersecurity - Explanation and Implementation of AES Encryption Algorithm

Source:

https://blog.csdn.net/xiaoxinxinxinxin/article/details/147264716

end

Automotive Cybersecurity - Explanation and Implementation of AES Encryption Algorithm

Recommended Premium Events

Automotive Cybersecurity - Explanation and Implementation of AES Encryption AlgorithmAutomotive Cybersecurity - Explanation and Implementation of AES Encryption Algorithm

AutoSec Series Salon

Automotive Cybersecurity - Explanation and Implementation of AES Encryption AlgorithmAutomotive Cybersecurity - Explanation and Implementation of AES Encryption AlgorithmAutomotive Cybersecurity - Explanation and Implementation of AES Encryption Algorithm

Professional Community

Automotive Cybersecurity - Explanation and Implementation of AES Encryption Algorithm

Some experts in the group come from:

New Force Car Companies:

Tesla, Hozon New Energy – Nezha, Li Auto, Zeekr, Xiaomi, Binnli Automotive, Jiyue, Leap Motor, Avita, Zhiji Automotive, Xiaopeng, Lantu Automotive, NIO, Geely Automotive, Seres…

Foreign Traditional Mainstream Car Companies:

Volkswagen China, Volkswagen Cool Wing, Audi, BMW, Ford, Daimler-Benz, General Motors, Porsche, Volvo, Hyundai, Nissan, Jaguar Land Rover, Scania…

Domestic Traditional Mainstream Car Companies:

Geely Automotive, SAIC Passenger Cars, Great Wall Motors, SAIC Volkswagen, Changan Automobile, Beijing Automotive, Dongfeng Motor, GAC, BYD, FAW Group, FAW Liberation, Dongfeng Commercial, SAIC Commercial…

Global Leading Tier 1 Suppliers:

Bosch, Continental Group, United Automotive Electronics, Aptiv, ZF, KOSTAL, Schaeffler, Honeywell, DJI, Hitachi, Harman, Huawei, Baidu, Lenovo, MediaTek, Preh, Desay SV, Honeycomb Steering, Junlian Zhixing, Wuhan Guangting, Xingji Meizu, CRRC Group, Wintech, Weichai Group, Horizon, Unisoc, ByteDance…

Tier 2 Suppliers (over 500):

Upstream, ETAS, Synopsys, NXP, TUV, Shanghai Software Center, Deloitte, Qihoo 360, Weichen Xinan, Yunchi Future, Xinda Jiexin, Xinchangcheng, Zelu Security, Niuchuang Xinan, Fudan Microelectronics, Tianrongxin, Qihoo 360, China Automotive Center, China Automotive Research, Shanghai Automotive Inspection, Ruann Technology, Zhejiang University…

Personnel Proportion

Automotive Cybersecurity - Explanation and Implementation of AES Encryption Algorithm

Company Type Proportion

Automotive Cybersecurity - Explanation and Implementation of AES Encryption Algorithm

Articles

Don’t miss out, this could be the largest exclusive community in the automotive cybersecurity industry!

Lawyer’s statement regarding the alleged imitation of the AutoSec conference brand

This article will help you understand the in-vehicle network communication security architecture of intelligent vehicles

Cybersecurity: TARA methods, tools, and cases

Key analysis of automotive data security compliance

Analysis of automotive chip information security regarding secure boot

Exploration of automotive in-vehicle communication security solutions in domain centralized architecture

System security architecture of vehicle network security architecture

Privacy protection issues in the Internet of Vehicles

Research on cybersecurity technology for intelligent connected vehicles

AUTOSAR information security framework and key technology analysis

What information security mechanisms does AUTOSAR have?

Underlying mechanisms of information security

Automotive cybersecurity

Usage of AUTOSAR hardware security module HSM

First release! Lei Jun from Xiaomi suggested at the two sessions regarding automotive data security: Suggestions for building a complete automotive data security management system

Leave a Comment