Highly Efficient Authentication for CAN by Identifier Reallocation with Ordered CMACs
IEEE Transactions on Vehicular Technology (IF 6.1), Pub Date: 2020-06-01, DOI: 10.1109/tvt.2020.2990954
Bogdan Groza, Lucian Popa, Pal-Stefan Murvay

Most of the existing works on securing the CAN bus are using the limited data-field of CAN frames to embed a cryptographic payload. Only very few works have suggested the use of the identifier field since identifiers are critical for the arbitration procedure and changing them at random would interfere with message priorities. To preserve priority on the bus, in this work we use an ordered CMAC buffer. In this way, we can authenticate the identifiers of CAN frames and check that the sender is a legitimate node while arbitration on the bus remains unaltered. Moreover, we determine that for real-world scenarios the achieved security level is very close to the length of the ID field despite the constraints from ordering. This procedure easily circumvents replay attacks and fuzz testing on the bus, which were exploited by many recent works. We prove the feasibility of our approach by testing practical implementations on automotive-grade microcontrollers and CAN-bus traffic allocations from a high-end vehicle. The computational requirements are some of the lowest achievable for securing CAN, with a dozen CMAC-AES computations being sufficient for extracting a table of one hundred identifiers.

Updated: 2020-06-01