Controller Area Network (CAN)

Exposing new vulnerabilities of error handling mechanism in CAN

We discover three major vulnerabilities in the error handling mechanism of the automotive controller area network that could be exploited to launch a variety of attacks including a denial-of-service attack against benign electronic control units.

Cumulative message authentication codes for resource-constrained IoT networks

To provide message authenticity in IoT, we employ a speculation procedure for predicting future message values to achieve an advantageous trade-off between the cryptographic strength and the latency in processing of the message authentication codes.

Evading voltage-based intrusion detection on automotive CAN

We discover a novel tactic that can be exploited by two malicious electronic control units (ECUs) on an automotive controller area network to masquerade a benign ECU while evading voltage-based intrusion detection system.

Cumulative message authentication codes for resource-constrained networks

To provide message authenticity in IoT, we enable the verifier to achieve an advantageous trade-off between the cryptographic strength and the latency in processing of the message authentication codes.