A controller area network (hereinafter abbreviated as CAN) has become widespread as a representative standard protocol for automotive in-vehicle networks. In such an in-vehicle network, there is a danger that a replay attack will be performed by connecting unauthorized equipment to an interface directly linked to the in-vehicle network, such as an on-board-diagnostics 2 (OBD2) port. Here, a replay attack is an attack that causes a false operation by eavesdropping on a message flowing on a communication path, acquiring it beforehand, and later retransmitting the acquired message.
In addition, there is a danger that an information processing device that cooperates with a system outside the vehicle becomes infected with malware, that the infected device transmits a fake message to the in-vehicle network, and that a control device receiving the message malfunctions.
In response to these threats, it is generally considered effective to authenticate the messages flowing between the respective information processing devices using a message authentication code (MAC). Since the MAC is generated from an encryption key using a predetermined encryption algorithm, the key must be managed in each control device.
In regard to such a technique, PTL 1 discloses a technique in which security information (message authentication code) is included in a communication frame section together with a message class identifier and the security information is employed as a session key for communication by each regular node (Abstract).
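The receiver-side MAC check discussed above, as an added example that is not taken from this document or from PTL 1. It shows a fake message and a replayed message both being rejected. The HMAC-SHA256 choice, the 3/2/3-byte payload layout, the per-ID counter used to detect replays, and all names are assumptions made for illustration.

```python
import hashlib
import hmac
import struct

DATA_LEN, CTR_LEN, MAC_LEN = 3, 2, 3   # assumed split of the 8-byte CAN payload


def _tag(key: bytes, can_id: int, body: bytes) -> bytes:
    # Bind the tag to the CAN ID so a frame cannot be reused under another ID.
    return hmac.new(key, struct.pack(">I", can_id) + body, hashlib.sha256).digest()[:MAC_LEN]


def make_payload(key: bytes, can_id: int, counter: int, data: bytes) -> bytes:
    """Sender side: data | 16-bit counter | truncated MAC."""
    if len(data) != DATA_LEN:
        raise ValueError("data must be %d bytes" % DATA_LEN)
    body = data + struct.pack(">H", counter)
    return body + _tag(key, can_id, body)


class Receiver:
    """Receiver side: holds the shared key and the last accepted counter per CAN ID."""

    def __init__(self, key: bytes):
        self.key = key
        self.last_counter = {}

    def check(self, can_id: int, payload: bytes) -> str:
        if len(payload) != DATA_LEN + CTR_LEN + MAC_LEN:
            return "bad-length"
        body, tag = payload[:-MAC_LEN], payload[-MAC_LEN:]
        if not hmac.compare_digest(tag, _tag(self.key, can_id, body)):
            return "bad-mac"          # sender lacks the key, or the frame was altered
        (counter,) = struct.unpack(">H", body[DATA_LEN:])
        # Counter wrap-around and resynchronisation are out of scope here.
        if counter <= self.last_counter.get(can_id, -1):
            return "replay"           # authentic, but already seen
        self.last_counter[can_id] = counter
        return "ok"


def run_demo() -> list:
    key = bytes(range(16))            # constructed demo key
    rx = Receiver(key)
    frame = make_payload(key, 0x123, 1, b"\x10\x20\x30")
    fake = make_payload(b"\x00" * 16, 0x123, 2, b"\x10\x20\x30")  # wrong key
    return [rx.check(0x123, frame), rx.check(0x123, frame), rx.check(0x123, fake)]


if __name__ == "__main__":
    print(run_demo())
```

Every node that sends or verifies these frames must hold the same key, which is the key-management burden the text describes.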