Crypto-Chain: A Relay Resilience Framework for Smart Vehicles

Abubakar Sadiq Sani; Dong Yuan; Elisa Bertino; Zhao Yang Dong

doi:10.1145/3485832.3485920

Crypto-Chain: A Relay Resilience Framework for Smart Vehicles

Abubakar Sadiq Sani, Dong Yuan, Elisa Bertino, Zhao Yang Dong

Research output: Chapters, Conference Papers, Creative and Literary Works › RGC 32 - Refereed conference paper (with host publication) › peer-review

2 Citations (Scopus)

Abstract

Recent findings show that smart vehicles can be exposed to relay attacks resulting from weaknesses in cryptographic operations, such as authentication and key derivation, or poor implementation of these operations. Relay attacks refer to attacks in which authentication is evaded without needing to attack a smart vehicle itself. They are a recurrent problem in practice. In this paper, we formulate the necessary relay resilience settings for strengthening authentication and key derivation and achieving the secure design and efficient implementation of cryptographic protocols based on universal composability, which allows the modular design and analysis of cryptographic protocols. We introduce Crypto-Chain, a relay resilience framework that extends Kusters's universal composition theorem on a fixed number of protocol systems to prevent bypass of cryptographic operations and avoid implementation errors. Our framework provides an ideal crypto-chain functionality that supports several cryptographic primitives. Furthermore, we provide an ideal functionality for mutual authentication and key derivation in Crypto-Chain by which cryptographic protocols can use cryptographic operations, knowledge about the computation time of the operations, and cryptographic timestamps to ensure relay resilience. As a proof of concept, we first propose and implement a mutual authentication and key derivation protocol (MKD) that confirms the efficiency and relay resilience capabilities of Crypto-Chain and then apply Crypto-Chain to fix two protocols used in smart vehicles, namely Megamos Crypto and Hitag-AES/Pro. © 2021 Association for Computing Machinery.

Original language	English
Title of host publication	ACSAC '21: Proceedings of the 37th Annual Computer Security Applications Conference
Publisher	Association for Computing Machinery
Pages	439-454
ISBN (Print)	9781450385794
DOIs	https://doi.org/10.1145/3485832.3485920
Publication status	Published - Dec 2021
Externally published	Yes
Event	37th Annual Computer Security Applications Conference (ACSAC 2021) - Virtual, Austin, TX, United States Duration: 6 Dec 2021 → 10 Dec 2021

Publication series

Name	ACM International Conference Proceeding Series

Conference

Conference	37th Annual Computer Security Applications Conference (ACSAC 2021)
Place	United States
City	Austin, TX
Period	6/12/21 → 10/12/21

Research Keywords

Key derivation
Key exchange
Mutual authentication
Relay resilience
Smart vehicles
Universal composability

Access Output

10.1145/3485832.3485920

Other Access Options

Check CityUHK Library

Permanent Link

Right click to copy link

Cite this

@inproceedings{c912c682c2b3476b81f5f670d674e8d4,

title = "Crypto-Chain: A Relay Resilience Framework for Smart Vehicles",

abstract = "Recent findings show that smart vehicles can be exposed to relay attacks resulting from weaknesses in cryptographic operations, such as authentication and key derivation, or poor implementation of these operations. Relay attacks refer to attacks in which authentication is evaded without needing to attack a smart vehicle itself. They are a recurrent problem in practice. In this paper, we formulate the necessary relay resilience settings for strengthening authentication and key derivation and achieving the secure design and efficient implementation of cryptographic protocols based on universal composability, which allows the modular design and analysis of cryptographic protocols. We introduce Crypto-Chain, a relay resilience framework that extends Kusters's universal composition theorem on a fixed number of protocol systems to prevent bypass of cryptographic operations and avoid implementation errors. Our framework provides an ideal crypto-chain functionality that supports several cryptographic primitives. Furthermore, we provide an ideal functionality for mutual authentication and key derivation in Crypto-Chain by which cryptographic protocols can use cryptographic operations, knowledge about the computation time of the operations, and cryptographic timestamps to ensure relay resilience. As a proof of concept, we first propose and implement a mutual authentication and key derivation protocol (MKD) that confirms the efficiency and relay resilience capabilities of Crypto-Chain and then apply Crypto-Chain to fix two protocols used in smart vehicles, namely Megamos Crypto and Hitag-AES/Pro. {\textcopyright} 2021 Association for Computing Machinery.",

keywords = "Key derivation, Key exchange, Mutual authentication, Relay resilience, Smart vehicles, Universal composability",

author = "Sani, {Abubakar Sadiq} and Dong Yuan and Elisa Bertino and Dong, {Zhao Yang}",

year = "2021",

month = dec,

doi = "10.1145/3485832.3485920",

language = "English",

isbn = "9781450385794",

series = "ACM International Conference Proceeding Series",

publisher = "Association for Computing Machinery",

pages = "439--454",

booktitle = "ACSAC '21: Proceedings of the 37th Annual Computer Security Applications Conference",

address = "United States",

note = "37th Annual Computer Security Applications Conference (ACSAC 2021) ; Conference date: 06-12-2021 Through 10-12-2021",

}

Sani, AS, Yuan, D, Bertino, E & Dong, ZY 2021, Crypto-Chain: A Relay Resilience Framework for Smart Vehicles. in ACSAC '21: Proceedings of the 37th Annual Computer Security Applications Conference. ACM International Conference Proceeding Series, Association for Computing Machinery, pp. 439-454, 37th Annual Computer Security Applications Conference (ACSAC 2021), Austin, TX, United States, 6/12/21. https://doi.org/10.1145/3485832.3485920

Crypto-Chain: A Relay Resilience Framework for Smart Vehicles. / Sani, Abubakar Sadiq; Yuan, Dong; Bertino, Elisa et al.
ACSAC '21: Proceedings of the 37th Annual Computer Security Applications Conference. Association for Computing Machinery, 2021. p. 439-454 (ACM International Conference Proceeding Series).

Research output: Chapters, Conference Papers, Creative and Literary Works › RGC 32 - Refereed conference paper (with host publication) › peer-review

TY - GEN

T1 - Crypto-Chain

T2 - 37th Annual Computer Security Applications Conference (ACSAC 2021)

AU - Sani, Abubakar Sadiq

AU - Yuan, Dong

AU - Bertino, Elisa

AU - Dong, Zhao Yang

PY - 2021/12

Y1 - 2021/12

N2 - Recent findings show that smart vehicles can be exposed to relay attacks resulting from weaknesses in cryptographic operations, such as authentication and key derivation, or poor implementation of these operations. Relay attacks refer to attacks in which authentication is evaded without needing to attack a smart vehicle itself. They are a recurrent problem in practice. In this paper, we formulate the necessary relay resilience settings for strengthening authentication and key derivation and achieving the secure design and efficient implementation of cryptographic protocols based on universal composability, which allows the modular design and analysis of cryptographic protocols. We introduce Crypto-Chain, a relay resilience framework that extends Kusters's universal composition theorem on a fixed number of protocol systems to prevent bypass of cryptographic operations and avoid implementation errors. Our framework provides an ideal crypto-chain functionality that supports several cryptographic primitives. Furthermore, we provide an ideal functionality for mutual authentication and key derivation in Crypto-Chain by which cryptographic protocols can use cryptographic operations, knowledge about the computation time of the operations, and cryptographic timestamps to ensure relay resilience. As a proof of concept, we first propose and implement a mutual authentication and key derivation protocol (MKD) that confirms the efficiency and relay resilience capabilities of Crypto-Chain and then apply Crypto-Chain to fix two protocols used in smart vehicles, namely Megamos Crypto and Hitag-AES/Pro. © 2021 Association for Computing Machinery.

AB - Recent findings show that smart vehicles can be exposed to relay attacks resulting from weaknesses in cryptographic operations, such as authentication and key derivation, or poor implementation of these operations. Relay attacks refer to attacks in which authentication is evaded without needing to attack a smart vehicle itself. They are a recurrent problem in practice. In this paper, we formulate the necessary relay resilience settings for strengthening authentication and key derivation and achieving the secure design and efficient implementation of cryptographic protocols based on universal composability, which allows the modular design and analysis of cryptographic protocols. We introduce Crypto-Chain, a relay resilience framework that extends Kusters's universal composition theorem on a fixed number of protocol systems to prevent bypass of cryptographic operations and avoid implementation errors. Our framework provides an ideal crypto-chain functionality that supports several cryptographic primitives. Furthermore, we provide an ideal functionality for mutual authentication and key derivation in Crypto-Chain by which cryptographic protocols can use cryptographic operations, knowledge about the computation time of the operations, and cryptographic timestamps to ensure relay resilience. As a proof of concept, we first propose and implement a mutual authentication and key derivation protocol (MKD) that confirms the efficiency and relay resilience capabilities of Crypto-Chain and then apply Crypto-Chain to fix two protocols used in smart vehicles, namely Megamos Crypto and Hitag-AES/Pro. © 2021 Association for Computing Machinery.

KW - Key derivation

KW - Key exchange

KW - Mutual authentication

KW - Relay resilience

KW - Smart vehicles

KW - Universal composability

UR - http://www.scopus.com/inward/record.url?scp=85121598744&partnerID=8YFLogxK

UR - https://www.scopus.com/record/pubmetrics.uri?eid=2-s2.0-85121598744&origin=recordpage

U2 - 10.1145/3485832.3485920

DO - 10.1145/3485832.3485920

M3 - RGC 32 - Refereed conference paper (with host publication)

SN - 9781450385794

T3 - ACM International Conference Proceeding Series

SP - 439

EP - 454

BT - ACSAC '21: Proceedings of the 37th Annual Computer Security Applications Conference

PB - Association for Computing Machinery

Y2 - 6 December 2021 through 10 December 2021

ER -

Crypto-Chain: A Relay Resilience Framework for Smart Vehicles

Abstract

Publication series

Conference

Research Keywords

Access Output

Other Access Options

Permanent Link

Other Files and Links

Fingerprint

Cite this