Symmetric encryption requires that sender and receiver share the same key. The software modules used here permit dynamic allocation of the keys at runtime, so that the user or OEM can choose them freely.
A higher-level method such as an (asymmetric) key exchange may be implemented, or a static allocation may be made, for example in end-of-line programming. When a vehicle-specific key is used, every ECU replacement requires the automotive service shop to teach the new ECU the key through an authorization method, because the key must be kept confidential under all circumstances.
Preventing Replay Attacks
In this configuration, encrypted transmission of messages is now possible, but the information is still purely static, i.e. a fixed ciphertext corresponds to each plaintext signal value. This means that replay attacks, i.e. recording excerpts of a desired communication and replaying them into the system at a later time, are still possible, because the receiver cannot check whether the message actually originates from the sender at this point in time. To make such checking possible, at the start of communication the receiver generates a random value of its own choosing – referred to as the ID key in the following – and communicates it to the sender. The sender increments the value with each Tx operation and appends it to the Tx message. When the message arrives, the receiver checks whether the ID key matches the expected value; if it does, it processes the message, otherwise it rejects it. To tolerate possible message losses, the receiver also accepts a slightly higher value. As a result, the counter in the Tx message continually alters the encrypted data even when the signal contents remain the same (Figure 1).
Figure 1: Message transmission and timing of encrypted communication
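The following is an added worked example of the ID-key mechanism just described; it is not code from the original article or from the software modules it refers to. The receiver draws the random ID key, the sender increments it per Tx operation and encrypts it in front of the signal data, and the receiver accepts the expected counter value or one at most WINDOW-1 steps higher (the page says "slightly higher" without giving a number; WINDOW = 8 is an assumption). The symmetric cipher is a stand-in: CFB-style chaining over a truncated HMAC-SHA256, chosen only so the example runs with the Python standard library, and it shows the page's point that a counter in the first block changes every block of the ciphertext even when the signals are identical.

```python
"""Replay protection with a receiver-chosen ID key (counter).

Constructed example. The cipher below (CFB-style chaining over HMAC-SHA256)
is a stand-in for the page's unspecified symmetric cipher, not a production
recommendation.
"""
import hashlib
import hmac
import secrets

BLOCK = 16          # bytes per cipher block (assumption)
IV = bytes(BLOCK)   # fixed IV: freshness comes from the ID key in block 1
WINDOW = 8          # message-loss tolerance of the receiver (assumption)
MASK = 0xFFFFFFFF   # 32-bit counter wrap-around


def _prf(key: bytes, block: bytes) -> bytes:
    """Stand-in block cipher: truncated HMAC-SHA256 of the previous ciphertext block."""
    return hmac.new(key, block, hashlib.sha256).digest()[:BLOCK]


def _pad(data: bytes) -> bytes:
    n = BLOCK - len(data) % BLOCK
    return data + bytes([n]) * n


def _unpad(data: bytes) -> bytes:
    return data[:-data[-1]]


def encrypt(key: bytes, plain: bytes) -> bytes:
    """c_i = p_i XOR PRF(key, c_{i-1}): a change in block 1 alters every later block."""
    plain = _pad(plain)
    prev, out = IV, b""
    for i in range(0, len(plain), BLOCK):
        c = bytes(a ^ b for a, b in zip(plain[i:i + BLOCK], _prf(key, prev)))
        out += c
        prev = c
    return out


def decrypt(key: bytes, cipher: bytes) -> bytes:
    prev, out = IV, b""
    for i in range(0, len(cipher), BLOCK):
        c = cipher[i:i + BLOCK]
        out += bytes(a ^ b for a, b in zip(c, _prf(key, prev)))
        prev = c
    return _unpad(out)


class Sender:
    def __init__(self, key: bytes, id_key: int):
        self.key = key
        self.counter = id_key          # ID key received from the receiver at start

    def tx(self, signals: bytes) -> bytes:
        self.counter = (self.counter + 1) & MASK   # increment per Tx operation
        return encrypt(self.key, self.counter.to_bytes(4, "big") + signals)


class Receiver:
    def __init__(self, key: bytes):
        self.key = key
        self.expected = None

    def start(self) -> int:
        """Choose the random ID key; the caller hands it to the sender."""
        id_key = secrets.randbelow(1 << 32)
        self.expected = (id_key + 1) & MASK        # first Tx carries id_key + 1 (assumption)
        return id_key

    def rx(self, frame: bytes):
        """Return the signal bytes if the counter is acceptable, else None (rejected)."""
        if self.expected is None:
            return None
        plain = decrypt(self.key, frame)
        counter, signals = int.from_bytes(plain[:4], "big"), plain[4:]
        delta = (counter - self.expected) & MASK   # modular distance ahead of expectation
        if delta >= WINDOW:                        # replayed, stale, or too far ahead
            return None
        self.expected = (counter + 1) & MASK       # resynchronise past lost messages
        return signals


def demo() -> dict:
    key = secrets.token_bytes(16)                  # constructed shared key
    rx = Receiver(key)
    tx = Sender(key, rx.start())
    f1 = tx.tx(b"speed=50")
    f2 = tx.tx(b"speed=50")                        # identical signal content
    results = {
        "distinct_ciphertexts": f1 != f2,
        "first_accepted": rx.rx(f1) == b"speed=50",
        "second_accepted": rx.rx(f2) == b"speed=50",
        "replay_rejected": rx.rx(f1) is None,
    }
    for _ in range(WINDOW - 1):                    # WINDOW-1 frames lost on the bus
        tx.tx(b"lost")
    results["tolerates_loss"] = rx.rx(tx.tx(b"speed=51")) == b"speed=51"
    for _ in range(WINDOW):                        # WINDOW frames lost: gap too large
        tx.tx(b"lost")
    results["rejects_big_gap"] = rx.rx(tx.tx(b"speed=52")) is None
    return results


if __name__ == "__main__":
    print(demo())
```

Running `demo()` exercises the three behaviours the text calls for: two frames with the same signal value produce different ciphertexts, a recorded frame fed back in is rejected because its counter is below the expected value, and a run of lost frames shorter than the window is tolerated while a longer one is not. The counter comparison is done modulo 2^32 so that a replayed (lower) counter always appears as a large distance ahead and is rejected, including across the wrap-around.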