As automotive security concerns are rising, the Controller Area Network (CAN)—the de facto standard of in-vehicle communication protocol—has come under scrutiny due to its lack of encryption and authentication. Several vulnerabilities, such as eavesdropping, spoofing, and replay attacks, have shown that the current implementation needs to be extended. Both academic and commercial solutions for a secure CAN have been proposed, but OEMs have not yet integrated them into their products. The main reasons for this lack of adoption are their heavy use of limited computational resources in the vehicle, increased latency that can lead to missed deadlines for safety-critical messages, as well as insufficient space available in a CAN frame to include a Message Authentication Code (MAC). By making a trade-off between security and performance, this disclosure overcomes the aforementioned problems of a secure CAN.

A processing method implemented by a first device including receiving first data including a challenge datum; obtaining key data including an encrypted cryptographic key which is masked by executing a cryptographic masking function; receiving an unmasking key; determining the encrypted cryptographic key by executing a cryptographic unmasking function on the basis of the unmasking key; determining a decrypted cryptographic key by a decryption by executing a decryption algorithm with white-box implementation on the basis of the encrypted cryptographic key; determining an answer datum by a cryptographic operation by executing a predetermined cryptographic algorithm on the basis of the decrypted cryptographic key and the challenge datum; and sending the answer datum to authenticate the first device.

A delivery method, device, system, unmanned vehicle, and computer-readable storage medium, relating to the field of logistics technology. The delivery method includes monitoring a state of the unmanned vehicle; verifying a verification code input by the user and received from the unmanned vehicle in response to the unmanned vehicle being not in an abnormal working state, and transmitting an unpacking instruction to the unmanned vehicle in response to successful verification.

An example apparatus comprises a processing resource coupled to a memory resource. The processing resource may be configured to execute instructions stored on the memory resource to generate a first secure key including a private key stored by a vehicle, generate a first secure message including the first secure key, transmit the first secure message over a vehicle bus to a vehicle part associated with the vehicle, and receive, from the vehicle part, a second secure message including at least one of a vehicle identification number (VIN) and a configuration parameter corresponding to the vehicle part in response to a determination that the first secure key matches a secure key corresponding to the vehicle part.

An electronic control unit comprises circuitry to receive a combined signal via a vehicle bus of a vehicle, wherein the combined signal contains a combination of a data signal and a watermark signal, which can be a radio frequency (RF) signal or an analog baseband signal, wherein the data signal includes a message, circuitry to extract a watermark from the watermark signal, circuitry to verify the watermark based on a comparison of the watermark with a pre-defined watermark, circuitry to extract the data signal from the combined signal and obtain the message from the data signal, and circuitry to authenticate the message based on the verification of the watermark.

A method comprises receiving vehicle data comprising information associated with a plurality of sensors of autonomous vehicle and segmenting the received vehicle data into non-public data and public data. The method further comprises partitioning the public data into a plurality of data partitions and generating a plurality of data levels of the public data. Each data level of the plurality of data levels is generated according to an access level of a plurality of access levels and includes one or more data partitions of the plurality of data partitions in an encrypted form. The method further comprises transmitting the generated plurality of data levels to a group of electronic devices. Each electronic device of the group of electronic devices retrieves, according to one of the plurality of access levels, at least a portion of the public data from the transmitted plurality of data levels.

A prover chip uses a key multiplier value generated by a proof-of-work function from a challenge value, a random number, and elliptic curve cryptography (ECC) techniques to generate a one-time (or ephemeral) use private key. Similarly, a verifier chip uses the key multiplier value generated by an equivalent proof-of-work function, a public key received from the prover, and ECC techniques to derive a one-time use public key that corresponds to the ephemeral private key generated by the prover chip. The prover chip uses the ephemeral private key to sign the second challenge value and send this signed second challenge value to the verifier chip. The verifier verifies the value it receives using the one-time use public key and if the signature on the second challenge value is valid, authenticates the prover chip to a system.

The present disclosure provides communication apparatuses and communication methods for security in resource pool allocation. The communication apparatuses include a target communication apparatus which comprises a receiver, which in operation, receives a resource information X.sub.S from a base station, as well as an authorisation information X.sub.auth and an allocated resource R.sub.S1 from a communication apparatus; and circuitry, which in operation, determines whether or not to utilise the allocated resource R.sub.S1 based on a verification with the resource information X.sub.S and authorisation information X.sub.auth.

A method for verifying content data to be used in a vehicle is provided. The method includes acquiring content data, acquiring, from partial data divided from the content data, a respective plurality of first hash values, acquiring a signature generated by using the first hash values and a key, acquiring state information that indicates a state of a vehicle, determining an integer N that is greater than or equal to one based on the acquired state information, generating, from N pieces of partial data included in the partial data, respective second hash values, verifying the content data by using each of (a) a subset of the plurality of first hash values respectively generated from partial data other than the N pieces of partial data, (b) the second hash values, and (c) the signature, and outputting information that indicates a result of the verifying.

The invention concerns a scheme for authentication between a telematic control unit (10) for a machine for industrial usage (220), preferably a vehicle, and a core server system (40). The telematic control unit (10) is associated with a hardware identifier and comprises an identity module (14) storing an identifier of the identity module (14) and a secret key which is specific to the identifier. The core server system (40) is connected to a telecommunication server (25) of a public land mobile network, wherein the telecommunication server (25) also has access to the secret key which is specific to the identifier. The inventive authentication scheme preferably relies on an advantageous use of a unique hardware identifier of the telematic control unit.