Research On Entity Authentication Technology Based On In-vehicle Controller Area Network Gateway

In recent years,with the rapid development of Internet of things technology,all walks of life are experiencing a wave of Internet of things.Small to a watch a cell phone,large to a factory automation production line,are more and more intelligent,and people's lives become more relaxed and convenient.As an important part of people's daily life of automobile,people's demand for it is no longer a simple means of transport,but a set of travel,entertainment and social functions in one body.Therefore,in order to meet the needs of people on the growth of automobile function,in the Internet of things to promote off networking and auxiliary driving technology has been rapid development,the automobile is becoming more and more powerful,more and more intelligent,but at the same time,the vehicle network is becoming more and more large,and more complex.Nowadays,vehicular networks often have more than one hundred nodes,nearly 100 million lines of code,and different nodes according to the functional differences are divided into different sub networks,which makes the automobile became a very large and complex calculation system.But it has not formed a set of mature and perfect security mechanism in the vehicle system today,to protect the vehicle network nodes and the security of communication between nodes,which makes the vehicle network,especially the widely used CAN network,fragile,often become the intrusion entrance for attacker on vehicle network system.In order to ensure safety and reliability of communication nodes in CAN network,and avoid malicious nodes disguised as legitimate nodes to steal sensitive information inside the car,causing harm to the vehicle network,the authentication strategy between CAN gateway and the key entities is designed in this paper.The completion of the certification process between the key entity nodes and the gateway fusing improved AES algorithm and HMAC-SHA256 algorithm,using Challenge-Response mechanism,the gateway node coordinate the authentication process;the confidentiality of communication of authentication process can be ensured through the AES algorithm,and the improved AES algorithm can play a better performance on a CAN node based on 32 bit processor;use the HMAC-SHA256 algorithm to ensure the integrity of the message,and confirm the origin of the message.The hardware platform is build based on MPC5646 C development board in this paper,including the development of CAN driver code,the realization of communication protocol,the development and testing of authentication algorithm,and the proof of validity of the authentication strategy.