Autonomous vehicles workshop Feb 2016 · Conclusions Assurance for secure communications is...
Transcript of Autonomous vehicles workshop Feb 2016 · Conclusions Assurance for secure communications is...
![Page 1: Autonomous vehicles workshop Feb 2016 · Conclusions Assurance for secure communications is critical for CAV Attacker controlled CAV is a nightmare Security protocol can be only barrier](https://reader033.fdocuments.us/reader033/viewer/2022042407/5f21be46d44a6670b0789e41/html5/thumbnails/1.jpg)
Secure Communication?
Cas Cremers
Summary:Security protocols are hard.
It's scary to attach a (large) vehicle to them.
![Page 2: Autonomous vehicles workshop Feb 2016 · Conclusions Assurance for secure communications is critical for CAV Attacker controlled CAV is a nightmare Security protocol can be only barrier](https://reader033.fdocuments.us/reader033/viewer/2022042407/5f21be46d44a6670b0789e41/html5/thumbnails/2.jpg)
Attacks on AV can be critical
Attacker controlhas serious
consequences
OBD2 telematics hack lets remote attackers mess with car’s brakesDevices used by insurance companies, fleet managers open doors to remote attack.Aug 11, 2015 5:25pm BST
![Page 3: Autonomous vehicles workshop Feb 2016 · Conclusions Assurance for secure communications is critical for CAV Attacker controlled CAV is a nightmare Security protocol can be only barrier](https://reader033.fdocuments.us/reader033/viewer/2022042407/5f21be46d44a6670b0789e41/html5/thumbnails/3.jpg)
AV software updates are not easy
Repairing bugs(enforcing updates)is expensive/hard
Volvo Recalls 59,000 Cars For Faulty Software In 40 Markets02/20/16 AT 11:13 AM
![Page 4: Autonomous vehicles workshop Feb 2016 · Conclusions Assurance for secure communications is critical for CAV Attacker controlled CAV is a nightmare Security protocol can be only barrier](https://reader033.fdocuments.us/reader033/viewer/2022042407/5f21be46d44a6670b0789e41/html5/thumbnails/4.jpg)
What if something goes wrong?
Remote influence oncontrol systems?
3G
Bluetooth
Wifi
...
Control systems
![Page 5: Autonomous vehicles workshop Feb 2016 · Conclusions Assurance for secure communications is critical for CAV Attacker controlled CAV is a nightmare Security protocol can be only barrier](https://reader033.fdocuments.us/reader033/viewer/2022042407/5f21be46d44a6670b0789e41/html5/thumbnails/5.jpg)
Secure communications are crucial for AV
CAV
Remote influence oncontrol systems?
Attacker controlhas serious
consequences
Repairing bugs(enforcing updates)is expensive/hard
![Page 6: Autonomous vehicles workshop Feb 2016 · Conclusions Assurance for secure communications is critical for CAV Attacker controlled CAV is a nightmare Security protocol can be only barrier](https://reader033.fdocuments.us/reader033/viewer/2022042407/5f21be46d44a6670b0789e41/html5/thumbnails/6.jpg)
Who to turn to for secure communications?
● Reminder: these standards can not be local
● ISO/IEC?
● ETSI (European Telecommunications Standards Institute)?● 3G, UMTS, ...
● IETF (Internet Engineering Task Force)?● TLS, ...
![Page 7: Autonomous vehicles workshop Feb 2016 · Conclusions Assurance for secure communications is critical for CAV Attacker controlled CAV is a nightmare Security protocol can be only barrier](https://reader033.fdocuments.us/reader033/viewer/2022042407/5f21be46d44a6670b0789e41/html5/thumbnails/7.jpg)
TLS: Transport Layer Security
![Page 8: Autonomous vehicles workshop Feb 2016 · Conclusions Assurance for secure communications is critical for CAV Attacker controlled CAV is a nightmare Security protocol can be only barrier](https://reader033.fdocuments.us/reader033/viewer/2022042407/5f21be46d44a6670b0789e41/html5/thumbnails/8.jpg)
TLS over time
![Page 9: Autonomous vehicles workshop Feb 2016 · Conclusions Assurance for secure communications is critical for CAV Attacker controlled CAV is a nightmare Security protocol can be only barrier](https://reader033.fdocuments.us/reader033/viewer/2022042407/5f21be46d44a6670b0789e41/html5/thumbnails/9.jpg)
TLS over time
![Page 10: Autonomous vehicles workshop Feb 2016 · Conclusions Assurance for secure communications is critical for CAV Attacker controlled CAV is a nightmare Security protocol can be only barrier](https://reader033.fdocuments.us/reader033/viewer/2022042407/5f21be46d44a6670b0789e41/html5/thumbnails/10.jpg)
Our work in this space
● Develop mathematical frameworks to reason about security protocols & threat models● Side effect: new attack types, new guarantees
● Develop (automated) tools to analyse protocols● E.g., Scyther, Tamarin, ...
● Use the results to improve standards● ISO 9798 & 11770, TLS 1.3, ...
Cas Cremers – http://www.cs.ox.ac.uk/people/cas.cremers/intro.html
![Page 11: Autonomous vehicles workshop Feb 2016 · Conclusions Assurance for secure communications is critical for CAV Attacker controlled CAV is a nightmare Security protocol can be only barrier](https://reader033.fdocuments.us/reader033/viewer/2022042407/5f21be46d44a6670b0789e41/html5/thumbnails/11.jpg)
Automated analysis of TLS 1.3
![Page 12: Autonomous vehicles workshop Feb 2016 · Conclusions Assurance for secure communications is critical for CAV Attacker controlled CAV is a nightmare Security protocol can be only barrier](https://reader033.fdocuments.us/reader033/viewer/2022042407/5f21be46d44a6670b0789e41/html5/thumbnails/12.jpg)
Automated analysis of TLS 1.3
● Resources● Lots of manpower● Hardware (mostly
memory currently)
● Outcome:● Proof of rev 10● Attack on one
suggested variant
Automated Analysis of TLS 1.3: 0-RTT, Resumption and Delayed Authentication C. Cremers, M. Horvat, S. Scott, T. van der Merwe. IEEE Symposium on Security and Privacy (Oakland), 2016.
![Page 13: Autonomous vehicles workshop Feb 2016 · Conclusions Assurance for secure communications is critical for CAV Attacker controlled CAV is a nightmare Security protocol can be only barrier](https://reader033.fdocuments.us/reader033/viewer/2022042407/5f21be46d44a6670b0789e41/html5/thumbnails/13.jpg)
The ISO/IEC 9798 Standard
● Entity Authentication Mechanisms
● 18 base protocols● Symmetric-key encryption,
Digital signatures, Cryptographic check functions
● Unilateral or Mutual authentication● Additional protocols with TTP
● Further variants from optional fields
![Page 14: Autonomous vehicles workshop Feb 2016 · Conclusions Assurance for secure communications is critical for CAV Attacker controlled CAV is a nightmare Security protocol can be only barrier](https://reader033.fdocuments.us/reader033/viewer/2022042407/5f21be46d44a6670b0789e41/html5/thumbnails/14.jpg)
Results● No strong authentication properties
Aliveness < Agreement < Synchronisation
● Under some conditions no authentication
![Page 15: Autonomous vehicles workshop Feb 2016 · Conclusions Assurance for secure communications is critical for CAV Attacker controlled CAV is a nightmare Security protocol can be only barrier](https://reader033.fdocuments.us/reader033/viewer/2022042407/5f21be46d44a6670b0789e41/html5/thumbnails/15.jpg)
Open issues
● Secure protocols quite elusive
● TLS possibly most scrutinized
● No reason to believe protocols such as WPA2 etc more secure● rather the opposite
![Page 16: Autonomous vehicles workshop Feb 2016 · Conclusions Assurance for secure communications is critical for CAV Attacker controlled CAV is a nightmare Security protocol can be only barrier](https://reader033.fdocuments.us/reader033/viewer/2022042407/5f21be46d44a6670b0789e41/html5/thumbnails/16.jpg)
Conclusions
● Assurance for secure communications is critical for CAV● Attacker controlled CAV is a nightmare● Security protocol can be only barrier between attacker and control● Classic problem that is still hugely challenging● Hard to patch the AVs once out there
● Expertise is available – need to collaborate!● IETF has set a good example in involving experts
● We would like to avoid reading on a forum:● "AV-Botnet for sale..."
Cas Cremers – http://www.cs.ox.ac.uk/people/cas.cremers/intro.html