Wireless technologies are widely implemented in automotive Cyber Physical Systems (CPSs) for infotainment applications such as navigation schemes, hands-free calling, and satellite radio. However, due to the wire harnessing problem, recent intra-vehicular sensor networks are also adopting wireless technology to greatly reduce the total weight of the vehicle and the complexity of adding newer features during the design time. As a result, using wireless technology may greatly enhance the functionality and efficiency of the automotive CPS. As an example, Tire Pressure Monitoring Systems (TPMS) use wireless sensors to inform both the automotive system and passengers about valuable information such as temperature and tire pressure. Applying wireless technology to detect collisions is a promising solution to increasing traffic efficiency and reducing the number of accidents, more than 80% of which are caused by drivers. For this reason, national agencies such as the U.S. Department of Transportation are developing Vehicle-to-Vehicle (V2V) and Vehicle-to-Infrastructure (V2I) communications to provide entertainment, road condition information, and collision detection and avoidance measures, all of which can enable the realistic use of autonomous driving. FIG. 4 provides an illustration of such a scenario.
This new paradigm, which connects traditionally isolated automotive systems to the outside world over insecure wireless channels, introduces several security concerns such as leakage of passengers' private information and direct influence over the automotive system's behavior. In fact, this type of security concern began in the mid-1990s when many automotive systems used Remote Keyless Entry (RKE). Afterward, in 2005, a successful Texas Instruments transponder hack indicated a potential security threat to millions of automobiles. More recently, in 2010, researchers demonstrated the possibility of an attack that captures and reads TPMS communication packets from an automobile up to 40 meters away. They also presented the capability of injecting fake packets to trigger the target automobile's TPMS warning signal. Since incoming safety-critical V2V/V2I applications will also inherit these security challenges and concerns, researchers from the European Telecommunications Standards Institute (ETSI) proposed the following security objectives for these applications: confidentiality, integrity, availability, accountability, and authenticity.
To summarize, for wireless communication in automotive CPS, messages will need to be authenticated and sometimes encrypted depending on the confidentiality requirements of applications. As a simple example, account information will need to be encrypted in applications like Electronic Toll Collection (ETC). It is important to note that these security objectives apply to resource-limited (in terms of computational power, energy consumption and memory size) time-critical embedded devices (such as micro-controllers, sensor-nodes, etc.) and resource-limited non-time-critical devices (infotainment systems). The focus of the present invention is the former of these two device types: resource-limited and time-critical.
A typical automotive design needs to provide security for about 20 years or more, implying the necessity of a reliable cryptographic design to achieve the aforementioned security objectives. Cryptographic algorithms fall under two categories: asymmetric and symmetric. As seen in Table I, symmetric algorithms (like the Advanced Encryption Standard (“AES”)) have very high performance and smaller energy overhead in comparison to asymmetric algorithms (like Rivest-Shamir-Adleman (“RSA”) and Elliptic Curve Cryptography (“ECC”)). However, the major problem of using symmetric algorithms is that both communicating parties must share a secret key before any secure communication. Therefore, secret key exchange is considered a challenging problem in automotive wireless applications. Although asymmetric algorithms do not require a shared secret key for secure communication, they are too slow for most of the time-critical automotive CPS applications, and they also consume more computational power and more memory space in comparison to symmetric algorithms.
TABLE I
Comparison of Existing Cryptographic Algorithms

| | Symmetric | Asymmetric | Hybrid |
|---|---|---|---|
| Authentication | Message Authentication Code (MAC) | Digital signature | Digital signature on keys; MAC on data |
| Confidentiality | Encryption of data | Encryption of small data | Encrypt keys with Asym.; encrypt data with Sym. |
| Performance | Very fast | Slow | Medium |
| Code size | Thousands of bytes | Thousands of bytes | Thousands of bytes |
| Key size | 32-256 bits | ECC: 256-384 bits; RSA: 1024-3072 bits | 512-3072 bits for Asym.; 32-256 bits for Sym. |
| Key management | Random key generation; pre-shared secret key | None | Random key generation |
In the current state-of-the-art approach, research groups and government organizations are proposing the use of hybrid solutions, where a symmetric key is generated from a random number generator or a Key Encapsulation Mechanism (KEM) and exchanged through an asymmetric algorithm. As a result, higher performance can be achieved with symmetric encryption of both small and large data.
There are still three major limitations in the current hybrid approach. First, this solution requires a key exchange session using an asymmetric algorithm before the data transmission session. This overhead is estimated to be up to several seconds and is generally not acceptable for safety-related applications, which require a reaction time of 50 to 200 milliseconds. Second, the hybrid solution requires an implementation of an asymmetric algorithm in the embedded devices, thus causing non-negligible memory space overhead. Third, similar to symmetric algorithms, the hybrid solution generally needs a random number generator that produces symmetric keys with high entropy. Traditionally, the generation of random bits relies on a software-based pseudo-random number generator or user-given inputs. This approach, however, cannot provide enough entropy (where entropy is the quantified value of the randomness for a set of bits) due to its high level of predictability and determinism.
To solve this problem, researchers have been looking toward physical randomness as a high entropy source for random number generation. One of the products of their ideas is the Physical Unclonable Function (PUF), a function based on physical characteristics that are practically impossible to be duplicated by any attackers. Recently, researchers have proposed to use PUFs that can generate secret keys by extracting randomness from the physical environment. Similarly, it is possible to use the wireless communication channel as a source of physical randomness to generate secret keys. Most of the state-of-the-art theories and practical methods for generating secret keys using physical characteristics of the wireless channel have been proposed within the last decade.
The success of generating dynamic keys from the wireless communication depends on three properties: 1) reciprocity of the radio wave propagation, 2) temporal variations, and 3) spatial variations in the wireless channel. Beyond the largely theoretical works, some practical implementations have been demonstrated in sensor network applications; they rely on the Multiple-Input and Multiple-Output (MIMO) approach or on collaboration among multiple wireless nodes to create secret keys with higher entropy. An implementation for V2V/V2I applications has been demonstrated in the art. However, it mainly focuses on the comparison between different key generation algorithms and does not adequately model the spatial and temporal variations of the automotive wireless channel.
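The three channel properties above, and the entropy requirement from the preceding paragraph, as an added example that is not part of the patent text: a self-contained Python simulation (standard library only, constructed parameters) in which Alice and Bob probe a reciprocal fading channel, quantize their RSSI readings with a guard band, keep only the indices both sides retained, and hash the agreed bits into a 256-bit key, while an eavesdropper at a spatially decorrelated position guesses only about half of the bits. It also reports the Shannon entropy per agreed bit. The channel model, thresholds, seed and all function names are assumptions made for this illustration.

```python
import hashlib
import math
import random
import statistics
from typing import Dict, List, Optional, Tuple

# Constructed simulation parameters (assumptions for this example, not values
# from the patent): a Gaussian fading channel in dBm plus receiver noise.
MEAN_RSSI_DBM = -60.0   # average received signal strength
FADING_STD_DB = 6.0     # temporal variation of the channel gain between probes
NOISE_STD_DB = 0.8      # independent receiver noise at each radio


def probe_channel(n_probes: int, rng: random.Random) -> Tuple[List[float], List[float], List[float]]:
    """Return RSSI samples seen by Alice, Bob and an eavesdropper Eve.

    Reciprocity: Alice and Bob observe the same fading value per probe, plus
    independent noise. Spatial variation: Eve, more than a few wavelengths
    away, observes an independent fading realisation on every probe.
    """
    alice, bob, eve = [], [], []
    for _ in range(n_probes):
        fade = rng.gauss(MEAN_RSSI_DBM, FADING_STD_DB)
        alice.append(fade + rng.gauss(0.0, NOISE_STD_DB))
        bob.append(fade + rng.gauss(0.0, NOISE_STD_DB))
        eve.append(rng.gauss(MEAN_RSSI_DBM, FADING_STD_DB) + rng.gauss(0.0, NOISE_STD_DB))
    return alice, bob, eve


def quantize(samples: List[float], alpha: float = 0.5) -> List[Optional[int]]:
    """Two-threshold quantiser with a guard band.

    Samples above mean + alpha*std become 1, samples below mean - alpha*std
    become 0; samples inside the guard band are dropped (None) because noise
    could quantize them differently at the two ends of the link.
    """
    mean, std = statistics.mean(samples), statistics.pstdev(samples)
    hi, lo = mean + alpha * std, mean - alpha * std
    return [1 if s > hi else 0 if s < lo else None for s in samples]


def agree_on_indices(qa: List[Optional[int]], qb: List[Optional[int]]) -> List[int]:
    """Indices both parties kept. In a real protocol each side publishes its
    dropped indices over the open channel; that reveals positions, not bits."""
    return [i for i, (a, b) in enumerate(zip(qa, qb)) if a is not None and b is not None]


def shannon_entropy(bits: List[int]) -> float:
    """Entropy in bits per symbol of the 0/1 frequencies; 1.0 is ideal."""
    if not bits:
        return 0.0
    p1 = sum(bits) / len(bits)
    return -sum(p * math.log2(p) for p in (p1, 1.0 - p1) if p > 0)


def derive_key(bits: List[int]) -> bytes:
    """Privacy amplification: hash the agreed bit string into a 256-bit key."""
    return hashlib.sha256("".join(map(str, bits)).encode()).digest()


def run_key_generation(n_probes: int = 512, seed: int = 2024) -> Dict[str, object]:
    """Run one key-generation round and report agreement, leakage and entropy."""
    rng = random.Random(seed)
    a_rssi, b_rssi, e_rssi = probe_channel(n_probes, rng)
    qa, qb = quantize(a_rssi), quantize(b_rssi)
    idx = agree_on_indices(qa, qb)
    a_bits = [qa[i] for i in idx]
    b_bits = [qb[i] for i in idx]
    # Eve guesses each kept bit from her own measurement at the same instant.
    e_mean = statistics.mean(e_rssi)
    e_bits = [1 if e_rssi[i] > e_mean else 0 for i in idx]
    mismatch = sum(a != b for a, b in zip(a_bits, b_bits)) / len(idx)
    eve_agreement = sum(a == e for a, e in zip(a_bits, e_bits)) / len(idx)
    return {
        "kept_bits": len(idx),
        "alice_bob_mismatch": mismatch,
        "eve_agreement": eve_agreement,
        "entropy_per_bit": shannon_entropy(a_bits),
        "alice_key": derive_key(a_bits),
        "bob_key": derive_key(b_bits),
    }


if __name__ == "__main__":
    for name, value in run_key_generation().items():
        print(name, value.hex() if isinstance(value, bytes) else value)
```

With the constructed noise level the guard band alone is enough for Alice and Bob to agree on every kept bit; with stronger noise a real design adds an information reconciliation step (an error-correcting exchange) before hashing, and the bits exchanged during reconciliation must then be subtracted from the entropy budget before the key length is chosen.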
In summary, solving the limitations of the above-mentioned state-of-the-art approaches poses the following key challenges:

1. Finding a reliable high entropy source to generate secret keys for symmetric cryptographic algorithms, for ensured secure wireless communication in automotive CPS.

2. Finding a low cost solution in terms of performance and memory size for the exchange of symmetric keys in automotive CPS.
To address the above-mentioned challenges, a novel technique to generate symmetric keys from the physical randomness of automotive wireless communication under tight memory and performance budgets is proposed. The present invention is the first to demonstrate, through realistic automotive modeling, simulation and experiments, that a higher level of entropy may be obtained from the moving and changing environment to practically generate symmetric secret keys for automotive CPS wireless communication.
Any feature or combination of features described herein are included within the scope of the present invention provided that the features included in any such combination are not mutually inconsistent as will be apparent from the context, this specification, and the knowledge of one of ordinary skill in the art. Additional advantages and aspects of the present invention are apparent in the subsequent detailed description and claims.