Currently, the controller area network (CAN) is prevalent as a representative standard protocol for automotive in-vehicle networks. CAN with flexible data-rate (CAN FD), an extension of CAN, is expected to become prevalent as well.
Such an in-vehicle network is at risk of illegal attacks on its communication by intruders. Generally, a vehicle is provided with a diagnostic interface called an on-board-diagnostics 2 (OBD2) port, which is directly connected to the in-vehicle network. One risk is, for example, that an intruder connects an illegal device to this OBD2 port and uses it to make a replay attack or the like against the in-vehicle network. Here, a replay attack is an attack in which an intruder eavesdrops on and captures, in advance, a message flowing on a communication path, and then retransmits the captured message, thereby causing illegal operation of each device in the in-vehicle network. Another conceivable attack is, for example, one in which an information processing apparatus that operates in cooperation with a system outside the vehicle is infected with malware, the infected apparatus transmits a false message to the in-vehicle network, and a control apparatus that receives this message is caused to malfunction.
As an effective countermeasure against the threat of the illegal attacks described above, it is known to perform message authentication using a message authentication code (MAC) as a tampering detection code for messages flowing between the information processing apparatuses in an in-vehicle network (PTL 1). According to the technique disclosed in PTL 1, each information processing apparatus counts the number of times a message has been transmitted for each message ID. An information processing apparatus that transmits a message generates a MAC from the data, the number of transmissions, and the message ID, and transmits the MAC separately from the message. An information processing apparatus that receives the message, in turn, calculates a MAC from the data, the number of transmissions, and the message ID of the received message, and compares it with the MAC received separately from the transmitting apparatus. When the two MACs differ, the received message is recognized as illegal, and no message with this message ID is accepted thereafter. This prevents the information processing apparatuses from malfunctioning due to replay attacks or data tampering.
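The counter-based MAC check described above can be sketched as follows. This is an added example, not code from PTL 1 or from this document: HMAC-SHA256 truncated to 8 bytes, the shared key, the field encoding, and the names `make_mac`, `Sender`, `Receiver` and `demo` are all assumptions made for illustration.

```python
import hashlib
import hmac
import struct

KEY = b"constructed-demo-key"  # constructed shared key (assumption)

def make_mac(key, msg_id, count, data):
    # MAC over message ID, transmission count and data, as the text describes.
    body = struct.pack(">IQ", msg_id, count) + data
    return hmac.new(key, body, hashlib.sha256).digest()[:8]  # truncation is an assumption

class Sender:
    def __init__(self, key):
        self.key, self.counts = key, {}

    def send(self, msg_id, data):
        n = self.counts.get(msg_id, 0) + 1   # per-ID transmission count
        self.counts[msg_id] = n
        # The MAC travels separately from the data message.
        return (msg_id, data), make_mac(self.key, msg_id, n, data)

class Receiver:
    def __init__(self, key):
        self.key, self.counts, self.blocked = key, {}, set()

    def receive(self, msg, mac):
        msg_id, data = msg
        if msg_id in self.blocked:           # ID already recognized as illegal
            return False
        n = self.counts.get(msg_id, 0) + 1   # receiver keeps its own count
        self.counts[msg_id] = n
        expected = make_mac(self.key, msg_id, n, data)
        if not hmac.compare_digest(expected, mac):
            self.blocked.add(msg_id)         # accept nothing with this ID thereafter
            return False
        return True

def demo():
    tx, rx = Sender(KEY), Receiver(KEY)
    first = tx.send(0x123, b"\x01\x02")      # constructed sample frame
    results = [rx.receive(*first)]                        # genuine message
    results.append(rx.receive(*first))                    # retransmitted copy: count differs
    results.append(rx.receive(*tx.send(0x123, b"\x03")))  # same ID is now refused
    results.append(rx.receive(*tx.send(0x456, b"\x09")))  # other IDs are unaffected
    return results
```

The third result shows the operational cost of the scheme as described: once one MAC mismatch is seen for a message ID, even genuine messages with that ID are no longer accepted.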