Efficient Secure Mechanisms for In-Vehicle Ethernet in Autonomous Vehicles

Abstract

The integration of external devices and network connectivity into autonomous vehicles has raised significant concerns about in-vehicle security vulnerabilities. Existing security mechanisms for in-vehicle bus systems, which mainly rely on appending authentication codes and data encryption, have been extensively studied in the context of CAN and CAN-FD buses. However, these approaches are not directly applicable to Ethernet buses due to the much higher data transmission rates of Ethernet buses compared to other buses. The real-time encryption and decryption required by Ethernet buses cannot be achieved with conventional methods, necessitating an acceleration in the speed of cryptographic operations to match the demands of Ethernet communication. In response to these challenges, our paper introduces a range of cryptographic solutions specifically designed for in-vehicle Ethernet networks. We employ an AES-ECC hybrid algorithm for critical vehicle control signals, combining the efficiency of AES with the security of ECC. For multimedia signals, we propose an improved AES-128 (IAES-128) and an improved MD5 (IMD), which improve encryption time by 15.77%. Our proposed security mechanisms have been rigorously tested through attack simulations on the CANoe (version 10) platform. These tests cover both in-vehicle control signals, such as braking and throttle control, and non-critical systems like multimedia entertainment. The experimental results convincingly demonstrate that our optimized algorithms and security mechanisms ensure the secure and reliable operation of real-time communication in autonomous vehicles.

1. Introduction

With the continuous development and advancement of the electronics industry, automotive electronic products are undergoing constant upgrades and improvements in their functions and performance. Among these advancements, new energy vehicles utilizing mechatronics and wire control technology (known as X-by-wire), such as driverless cars and Internet-connected vehicles, have emerged as the future development trend and direction of the automobile industry [1]. Autonomous vehicles comprise various bus networks, including CAN (Controller Area Network), LIN (Local Interconnect Network), FlexRay, and Ethernet [2]. While each bus serves a specific purpose, Ethernet has become increasingly important due to its high data rates, substantial bandwidth, and precise audio/video synchronization capabilities. Figure 1 illustrates an advanced Ethernet-based network topology for modern vehicles, integrating various critical components for enhanced functionality and safety. This network connects multiple units, including the following:

• Advanced Driver Assistance System (ADAS) Unit: This unit is equipped with an array of sensors, including a radar, a LiDAR, and cameras, along with advanced algorithms. It provides essential autonomous driving features such as collision avoidance, lane assistance, and adaptive cruise control.
• Body Control Unit (BCU): Manages vehicle body electronics, such as window controls and door locks, enhancing comfort and convenience. It includes various ECUs such as the Local Control Unit (LCU), System Control Unit (SCU), Sensor Region Control Unit (SRCU), and Microcontroller Unit (MCU).
• Powertrain Control Unit (PCU): Oversees the vehicle’s power output and transmission efficiency, which is crucial for performance and fuel economy. This unit integrates components like the Domain Gateway, Engine Management System (EMS), and Transmission Control Unit (TCU).
• Chassis Control Unit: This unit manages vehicle stability and control, including the Electronic Stability Control (ESC) Unit and Power Control Unit (PCU), which are vital for maintaining vehicle dynamics and energy management.
• Infotainment System: This system provides entertainment and connectivity features within the vehicle. It includes components like multimedia interfaces, navigation systems, and communication modules that enhance the in-car experience for passengers and drivers.

However, this technological advancement also introduces new security challenges, especially for mission-critical vehicle operations such as braking and acceleration. These operations are particularly vulnerable to cyberattacks, including cross-VLAN and denial-of-service attacks, which can lead to significant safety hazards [3].

Autonomous vehicles leverage multi-network convergence technology to achieve a wide range of in-vehicle functionalities. However, this also results in an increased number of interfaces for accessing the vehicle’s internal and external networks. Unfortunately, these interfaces can serve as potential entry points for malicious attacks [3]. For instance, when the in-vehicle electronic control system is connected to external network systems like WiFi, Bluetooth, OBD (On-Board Diagnostics) II network testers, and cellular networks, hackers may exploit these connections to steal information from the in-vehicle bus network. Subsequently, they could potentially invade the in-vehicle Ethernet system via remote control, thereby tampering with the in-vehicle control signals of vital components such as the engine, throttle, brakes, and steering wheel [4]. Consequently, during data transmission within the in-vehicle Ethernet system, various network failures such as data skipping, packet loss, and node and network link disconnections may occur. These failures can lead to the loss of fundamental operating functions of control systems such as the braking system, steering system, and advanced driver assistance system. Consequently, the risk index of automotive information security is significantly heightened [5]. As one of the most widely utilized modes of transportation, it is imperative for automobiles to prioritize the information security of their in-vehicle networks. Neglecting this aspect could severely compromise the safety of vehicle operations and potentially endanger public safety as well.

As evidenced by a landmark event in 2015, security researchers Charlie Miller and Chris Valasek hacked into a Jeep’s multimedia system via WiFi and successfully infiltrated its core CAN bus network. This notable case underscores the critical need to safeguard both the multimedia and internal bus networks within automotive systems, as malicious actors could potentially manipulate crucial vehicle components. In light of this, the importance of ensuring robust security measures for in-vehicle networks cannot be overstated [6].

As the primary network infrastructure of autonomous vehicles, ensuring the security of in-vehicle Ethernet is crucial. Two main approaches are employed to address the security challenges of in-vehicle networks: cryptography-based message encryption and authentication mechanisms, and packet monitoring and analysis to detect malicious messages and network anomalies [7,8,9]. However, the high real-time demands of in-vehicle bus networks make traditional computer network security technologies computationally intensive and difficult to implement within electronic control units [10]. Therefore, it is essential to study the unique characteristics of in-vehicle bus networks alongside traditional cryptography to enhance security through improved encryption and authentication algorithms. In-vehicle Ethernet is pivotal for automotive active safety, thus requiring assurance of real-time performance, reliability, and security.

To ensure the real-time performance of in-vehicle Ethernet, we conducted research on enhancing encryption and authentication algorithms to bolster defense capabilities. The upgraded encryption algorithm improves the encryption rate by 15% compared to the traditional method, while the enhanced authentication algorithm reduces computation time by half. By integrating these two improved algorithms, we propose a highly efficient security mechanism for in-vehicle Ethernet. To validate the efficacy of our proposed security mechanism, we conducted attack experiments on the CANoe platform, simulating braking, throttle, lights, and video playback functions, and assessed its defensive capabilities. The experimental results demonstrate that our designed security mechanism effectively safeguards the bus network’s security and reliability without disrupting the normal communication function of in-vehicle Ethernet.

The contributions of this paper are as follows:

• AES-ECC Hybrid Algorithm: We develop a novel AES-ECC hybrid algorithm for critical vehicle control signals in Ethernet networks, balancing AES efficiency with ECC security.
• Improved AES-128 (IAES-128): We propose IAES-128, optimizing AES-128 for multimedia entertainment data with a 15% faster encryption time.
• Improved MD5 Authentication (IMD): We improve MD5 authentication (IMD) by 50% in computation time, ensuring efficient data integrity verification.
• Comprehensive Security Mechanism: These algorithms are integrated into a robust security framework, rigorously tested via CANoe attack simulations to protect both critical and non-critical vehicle systems.
• Validation Through Simulations: Validated through realistic cyberattack simulations, ensuring reliability in safeguarding autonomous vehicles from potential threats.

Section 2 provides a concise introduction to in-vehicle Ethernet and highlights potential security risks associated with its implementation. Subsequently, Section 3 elaborates on the comprehensive network security protocol, incorporating enhanced encryption and authentication algorithms. Section 4 analyzes the results of attack and defense experiments, validating the effectiveness of the developed security mechanisms.

2. Background and Related Work

2.1. Introduction to Automotive Ethernet

With the rapid advancement of automotive electronics, there has been a notable increase in the number of automotive electronic products. These products are becoming more functional and complex, surpassing the capacity and bandwidth limits of traditional vehicle bus networks. To address this challenge, in-vehicle Ethernet has emerged as a new LAN technology for connecting automotive electronic units. In comparison to traditional bus networks, in-vehicle Ethernet offers data transmission rates of up to 100 Mbit/s or even 1 Gbit/s over a single pair of unshielded twisted pair wires. It also meets the automotive industry’s requirements for low power consumption, low electromagnetic radiation, affordability, high reliability, low latency, and synchronous real-time performance [11].

Within Vehicular Ethernet, the frame structure has evolved over time, resulting in five distinct frame formats. Among these, the Ethernet frame format is primarily categorized into Ethernet II and IEEE 802.3. IEEE 802.3 Ethernet stands as one of the major standards [12]. The IEEE 802.3 Ethernet frame format is briefly described below, with the format depicted in Figure 2.

An Ethernet frame consists of several key fields. The Preamble is a 7-byte sequence of alternating 0s and 1s that enables bit synchronization. The Start of Frame Delimiter is a 1-byte field set to 10101011, marking the start of the frame. The Destination Address and Source Address fields are each 6 bytes long, containing the MAC addresses of the recipient and sender, respectively. The Length field is 2 bytes, indicating the frame size, with a maximum value of 1500 bytes. The Data or Payload field holds the actual data, padded with 0s if less than 46 bytes. Finally, the Cyclic Redundancy Check (CRC) is a 4-byte field providing a 32-bit hash code for error checking.

2.2. Cybersecurity Hazards of In-Vehicle Ethernet

2.2.1. Intrusion Detection Solutions

In 2013, the BMW X5 became the first vehicle equipped with an in-vehicle Ethernet bus, marking the integration of Ethernet into automotive networks for the first time. Since then, Ethernet has seen increasing utilization in in-vehicle bus networks, with projections indicating it will be utilized in over 80% of vehicles by 2025 [13]. However, as connected car technologies continue to advance, Internet-connected vehicles require external connectivity through open interfaces, thereby escalating the risk of car attacks.

Attackers may maliciously inject erroneous messages (e.g., braking commands) or disrupt the transmission of legitimate messages (e.g., tampering with, delaying, or deleting messages, relaying messages, etc.). They may also exploit vulnerabilities via the on-board diagnostic (OBD) interface or wireless connections, employing reverse engineering techniques to decipher the characteristics of existing nodes. Such actions pose serious threats to vehicle security, potentially endangering the driver’s life and public safety [14]. Therefore, safeguarding vehicle networks is paramount.

Vehicle manufacturers and automotive network providers must implement a range of measures to shield vehicles from cyberattacks. Intrusion detection solutions have been explored to address these threats:

• Woo et al. conducted an experiment to remotely and wirelessly attack a vehicle using a malicious smartphone and devised a security protocol for this purpose. The protocol adheres to the CAN bus specification and has been experimentally validated for feasibility, demonstrating improvements in communication load and authentication delay compared to existing protocols [15].
• Song H.M. et al. introduced a lightweight intrusion detection algorithm based on CAN message interval analysis, capable of detecting all attack messages without triggering false alarms [16].
• Boosun Jeon et al. analyzed traffic characteristics of vehicular Ethernet networks and developed a lightweight anomaly detection system, employing machine learning techniques to identify anomalous traffic in vehicular environments, ensuring real-time performance and bolstering vehicle security [17].
• Yousik Lee et al. scrutinized 13 instances of automotive hacking based on cyber kill chains, introducing an analysis methodology grounded in cyber kill chain attacks. They devised a vulnerability analysis system and recommended corresponding defensive measures [18].
• Ali Altalbe developed FFS-IDS, an advanced IDS for in-vehicle networks. It combined feature fusion with stacking ensemble learning to improve detection accuracy. FFS-IDS outperformed existing methods in identifying various attacks, achieving up to 99% accuracy for certain threats [19].
• Yinbin Miao developed an IDS for autonomous vehicles using K-nearest neighbors and ensemble learning. The system achieved up to 99% accuracy and improved F1-scores on real-world datasets, enhancing vehicle safety and cybersecurity [20].

2.2.2. Cryptographic Solutions

To protect vehicle networks from cyberattacks, cryptographic solutions are essential. These solutions involve encryption and authentication technologies to secure communication and prevent unauthorized access:

• Herrewege et al.’s Broadcast Authentication Protocol: Herrewege et al. proposed a backward-compatible broadcast authentication protocol for the CAN bus. This protocol is designed to be fully applicable without modifications to existing nodes [21].
• Mundhenk et al.’s LASAN Protocol: Mundhenk et al. introduced the Lightweight Authentication Protocol LASAN, which is suitable for in-vehicle networks. LASAN provides notable security and real-time advantages without requiring additional hardware support [22].
• Zhao et al.’s Keychain Authentication Mechanism: Zhao et al. proposed a unidirectional keychain delayed-exposure-based authentication mechanism for TTEthernet. This mechanism enhances message authenticity and reduces authentication delay while addressing system scheduling challenges through mixed-integer linear programming [23].
• Marco Iorio et al.’s Security Framework: Marco Iorio et al. developed a novel mechanism for securing applications in vehicles. This framework is integrated with Ethernet communication and the Service-Oriented Middleware-over-IP (SOME/IP) to bolster communication security [24].
• Wang et al.’s Hardware Security Module (SECU): Wang et al. proposed the SECU Hardware Security Module for key distribution and secure authentication. It also protects the ECU against attack messages before they are received [25].
• Shiyi Jin et al.’s Signal-Packing Method: Shiyi Jin et al. proposed a signal-packing method using the Next Decrease of Fit (NFD) algorithm, which facilitates swift message scheduling and minimizes Frame ID (FID) usage to control message load size and enhance transmission efficiency for FlexRay static segmented messages [26].
• Yinbin Miao et al. introduced PSRQ, a cryptographic scheme that combines Geohash with Coalesce Bloom Filter (CSC-BF) and Symmetric-key Hidden Vector Encryption (SHVE), to enhance privacy and query efficiency. PSRQ+ further improves security and range support, achieving 100× better efficiency compared to prior methods [27].

Challenges and Limitations of Existing Approaches:

The original version of the Ethernet standard is widely acknowledged to offer relatively low levels of security. This has been a significant concern as the automotive industry increasingly adopts Ethernet for in-vehicle networks. The limitations of existing approaches include the following:

• Insufficient encryption mechanisms that do not provide adequate protection against sophisticated cyberattacks.
• A lack of robust authentication protocols that can verify the integrity and authenticity of messages in real-time [28].
• Inadequate consideration for the unique challenges posed by the automotive environment, such as the need for low latency and high reliability in safety-critical systems [29].

Safety Mechanisms in Automotive Operating Systems:

Widely used Automotive Operating Systems like AUTOSAR provide safety mechanisms like End-to-End (E2E) that include several safety mechanisms targeted at different Communication Failure modes [30,31]. These mechanisms are designed to ensure data integrity and reliability in the face of various communication failures. It is crucial for researchers to investigate the Communication Failure modes and the safety mechanisms AUTOSAR provides to enhance the security of in-vehicle Ethernet networks.

As the Ethernet protocol emerges as a relatively novel autonomous solution, there remains a lack of comprehensive studies on security protocols specifically tailored for self-driving cars. However, it is widely acknowledged that the original version of the Ethernet standard offers relatively low levels of security, a concern that has been underscored in numerous research endeavors [32]. Consequently, there is an imperative to develop in-vehicle Ethernet networks tailored to meet the demanding requirements of speed and real-time performance, thus enhancing the safety of self-driving cars.

3. Automotive Ethernet Security Protocol

In this paper, focusing on optimizing the network communication environment of in-vehicle Ethernet and ensuring that the communication data of in-vehicle Ethernet can be transmitted securely, we design a high-efficiency authentication and encryption algorithm based on the research of traditional cryptographic algorithms: AES-128 encryption algorithm, ECC encryption algorithm, and MD5 authentication algorithm. According to the network characteristics of in-vehicle Ethernet, we designed a multi-objective and efficient network security scheme on the basis of the network topology experimental platform we built to further improve the security and real-time performance of the system.

3.1. The Overall Network Security Scheme for In-Vehicle Ethernet

The transmission environments of in-vehicle Ethernet networks can be broadly categorized into two main groups:

• In-vehicle multimedia signals:
  • Functionality: In-vehicle infotainment signals, comprising audio, video, navigation, and diagnostics, are often perceived as non-safety-critical. However, their stable transmission is crucial for passenger comfort and indirectly reflects the reliability of the vehicle, thus influencing the passengers’ safety perception.
  • Security Challenges: As evidenced by the 2015 Jeep hack, a breach in the multimedia system can serve as a gateway to manipulate critical vehicle controls. Therefore, safeguarding both multimedia and vehicle control networks is paramount.
  • Attack Types: These include data theft (e.g., hackers attempting to illegally copy entertainment system data or analyze user behavior) and denial-of-service attacks (blocking multimedia signal transmission through sending numerous invalid requests) [33].
  • Security Measures: To address these threats, this paper employs a combination of an improved IAES-128 algorithm and an IMD5 algorithm for encryption and authentication of in-vehicle multimedia signals. IAES-128 optimizes encryption speed for multimedia data, while IMD5 improves data integrity verification efficiency.
• In-vehicle control signals:
  • Functionality: Encompassing steering, braking, power, and lighting signals, these control signals are pivotal in determining the fundamental functionality and safety of the vehicle.
  • Transmission Requirements: During vehicle operation, it is imperative for control signals to be transmitted swiftly and accurately to ensure the stability and safety of the vehicle.
  • Attack Types: Common attack types include replay attacks (hackers capturing and resending legitimate control signals to deceive the system) and tampering attacks (modifying the content of control signals, such as sending erroneous braking commands) [34,35].
  • Security Measures: To mitigate these threats, this paper adopts a hybrid AES-ECC encryption mechanism with a higher security level to encrypt the control signals. This hybrid algorithm combines the efficiency of AES with the security of ECC, providing a high level of protection for critical vehicle control signals.

Given the distinct characteristics of in-vehicle control signals and multimedia signals, we have implemented different security schemes tailored to each. In this study, these network security schemes have been applied to the constructed network topology, and the flowchart of the network security scheme is depicted in Figure 3. By combining various encryption and authentication algorithms, we can effectively defend against various attacks targeting in-vehicle multimedia and control signals, thereby ensuring the security and reliability of the automotive system. Additionally, in-vehicle Ethernet networks must feature high bandwidth and low latency while considering the intricate vehicle environment, including temperature, humidity, vibration, and electromagnetic interference, to ensure stable and reliable transmission.

3.2. Design of Data Encryption and Authentication Algorithms for In-Vehicle Multimedia Signals

The existing encryption algorithms, while secure, may not be optimized for the computational constraints of real-time automotive applications. The hypothesis is that these algorithms may be mathematically inefficient in their current form, leading to increased latency and reduced communication efficiency. The proposed optimizations aim to address these inefficiencies without compromising security.

3.2.1. Improved AES-128 Encryption Algorithm Design (IAES-128)

Before introducing the improved AES-128 encryption algorithm, it is important to understand the basics of the traditional AES-128 algorithm. AES-128 is a symmetric key encryption technique that operates on a 128-bit block of data with a key length of 128 bits. It consists of several rounds of transformations, including byte substitution (SubBytes), row shifting (ShiftRows), column mixing (MixColumns), and round key addition (AddRoundKey). Each round contributes to the diffusion and confusion properties that enhance the security of the encrypted data, as illustrated in Figure 4 on the left, which shows the four processes of the traditional AES-128.

In an in-vehicle environment, encryption and decryption operations can be resource-intensive, potentially adding to the computational burden of the in-vehicle system. Therefore, ensuring that these processes are fast enough is crucial to prevent communication delays and maintain communication efficiency [36]. The traditional AES-128 encryption algorithm comprises nine rounds of complete transformations, including byte substitution, row shift transformation, column confusion transformation, and round key addition transformation. The computational complexity of these operations, particularly in resource-constrained automotive systems, can lead to latency issues that are detrimental to real-time communication [37].

To address these challenges, the IAES-128 encryption algorithm proposed in this paper aims to enhance algorithm efficiency by simplifying the encryption process. This is achieved by consolidating the row shift (ShiftRows) and column confusion (MixColumns) transformations of the traditional encryption algorithm into a single step known as the row–column transform, as shown in Figure 4 on the right. This optimization reduces the number of computational steps required for each round of encryption, which could potentially decrease the overall encryption and decryption time.

By streamlining these steps, the improved algorithm not only enhances encryption efficiency but also maintains the security of encryption. This makes it more suitable for high-speed real-time data transmission applications in in-vehicle Ethernet networks, where rapid and secure communication is paramount. The right side of Figure 4 illustrates the improved algorithm, highlighting the changes made to the ShiftRows and MixColumns steps, while no improvements have been made to the SubBytes and AddRoundKey steps, ensuring that the core security features of the original AES-128 algorithm are preserved.

We have made no improvements to the SubBytes step and the AddRoundKey step, and the following descriptions are only for the ShiftRows and MixColumns:

The state of the matrix S after SubBytes step is

$$S=\left(\begin{array}{cccc}{S}_{00}& S_{01}& S_{02}& S_{03}\\ S_{10}& S_{11}& S_{12}& S_{13}\\ S_{20}& S_{21}& S_{22}& S_{23}\\ S_{30}& S_{31}& S_{32}& S_{33}\end{array}\right)$$

(1)

Then, we conduct a row–column transformation, which integrates the ShiftRows and the MixColumns into a single step.

First, we multiply the S matrix by a fixed matrix to obtain S′, as shown in Equation (2).

$$S^{\prime }=\left(\begin{array}{cccc}{S_{00}}^{\prime }& {S_{01}}^{\prime }& {S_{02}}^{\prime }& {S_{03}}^{\prime }\\ {S_{10}}^{\prime }& {S_{11}}^{\prime }& {S_{12}}^{\prime }& {S_{13}}^{\prime }\\ {S_{20}}^{\prime }& {S_{21}}^{\prime }& {S_{22}}^{\prime }& {S_{23}}^{\prime }\\ {S_{30}}^{\prime }& {S_{31}}^{\prime }& {S_{32}}^{\prime }& {S_{33}}^{\prime }\end{array}\right)=\left(\begin{array}{cccc}2& 1& 3& 1\\ 1& 2& 1& 3\\ 3& 1& 2& 1\\ 1& 3& 1& 2\end{array}\right)\times \left(\begin{array}{cccc}{S}_{00}& S_{01}& S_{02}& S_{03}\\ S_{11}& S_{12}& S_{13}& S_{10}\\ S_{22}& S_{23}& S_{20}& S_{21}\\ S_{33}& S_{30}& S_{31}& S_{32}\end{array}\right)$$

(2)

The result after multiplication is as shown in Equation (3).

$$\begin{array}{l}{S_{00}}^{\prime }=2S_{00}+1S_{11}+3S_{22}+1S_{33},{S_{01}}^{\prime }=2S_{01}+1S_{12}+3S_{23}+1S_{30},\\ {S_{02}}^{\prime }=2S_{02}+1S_{13}+3S_{20}+1S_{31},{S_{03}}^{\prime }=2S_{03}+1S_{10}+3S_{21}+1S_{32},\\ {S_{10}}^{\prime }=1S_{00}+2S_{11}+1S_{22}+3S_{33},{S_{11}}^{\prime }=1S_{01}+2S_{12}+2S_{23}+1S_{30},\\ {S_{12}}^{\prime }=1S_{00}+2S_{13}+1S_{20}+3S_{31},{S_{13}}^{\prime }=1S_{03}+2S_{10}+1S_{21}+3S_{32},\\ {S_{20}}^{\prime }=3S_{00}+1S_{11}+2S_{22}+1S_{33},{S_{21}}^{\prime }=3S_{01}+1S_{12}+2S_{23}+1S_{30},\\ {S_{22}}^{\prime }=3S_{02}+1S_{13}+2S_{20}+1S_{31},{S_{23}}^{\prime }=3S_{03}+1S_{10}+2S_{21}+1S_{32},\\ {S_{30}}^{\prime }=1S_{00}+3S_{11}+1S_{22}+2S_{33},{S_{31}}^{\prime }=1S_{01}+3S_{12}+1S_{23}+2S_{30},\\ {S_{32}}^{\prime }=1S_{02}+3S_{13}+1S_{20}+2S_{31},{S_{33}}^{\prime }=1S_{03}+3S_{10}+1S_{21}+2S_{32},\end{array}$$

(3)

The above operation expression is then expressed in the form of a vector matrix:

$$\left(\begin{array}{c}{S_{00}}^{\prime }\\ {S_{01}}^{\prime }\\ {S_{02}}^{\prime }\\ {S_{03}}^{\prime }\\ {S_{10}}^{\prime }\\ {S_{11}}^{\prime }\\ {S_{12}}^{\prime }\\ {S_{13}}^{\prime }\\ {S_{20}}^{\prime }\\ {S_{21}}^{\prime }\\ {S_{22}}^{\prime }\\ {S_{23}}^{\prime }\\ {S_{30}}^{\prime }\\ {S_{31}}^{\prime }\\ {S_{32}}^{\prime }\\ {S_{33}}^{\prime }\end{array}\right)=\left(\begin{array}{cccccccccccccccc}2& 0& 0& 0& 0& 1& 0& 0& 0& 0& 3& 0& 0& 0& 0& 1\\ 0& 2& 0& 0& 0& 0& 1& 0& 0& 0& 0& 3& 1& 0& 0& 0\\ 0& 0& 2& 0& 0& 0& 0& 1& 3& 0& 0& 0& 0& 1& 0& 0\\ 0& 0& 0& 2& 1& 0& 0& 0& 0& 3& 0& 0& 0& 0& 1& 0\\ 1& 0& 0& 0& 0& 2& 0& 0& 0& 0& 1& 0& 0& 0& 0& 3\\ 0& 1& 0& 0& 0& 0& 2& 0& 0& 0& 0& 1& 3& 0& 0& 0\\ 0& 0& 1& 0& 0& 0& 0& 2& 1& 0& 0& 0& 0& 3& 0& 0\\ 0& 0& 0& 1& 2& 0& 0& 0& 0& 1& 0& 0& 0& 0& 3& 0\\ 3& 0& 0& 0& 0& 1& 0& 0& 0& 0& 2& 0& 0& 0& 0& 1\\ 0& 3& 0& 0& 0& 0& 1& 0& 0& 0& 0& 2& 1& 0& 0& 0\\ 0& 0& 3& 0& 0& 0& 0& 1& 2& 0& 0& 0& 0& 1& 0& 0\\ 0& 0& 0& 3& 1& 0& 0& 0& 0& 2& 0& 0& 0& 0& 1& 0\\ 1& 0& 0& 0& 0& 3& 0& 0& 0& 0& 1& 0& 0& 0& 0& 2\\ 0& 1& 0& 0& 0& 0& 3& 0& 0& 0& 0& 1& 2& 0& 0& 0\\ 0& 0& 1& 0& 0& 0& 0& 3& 1& 0& 0& 0& 0& 2& 0& 0\\ 0& 0& 0& 1& 3& 0& 0& 0& 0& 1& 0& 0& 0& 0& 2& 0\end{array}\right)\left(\begin{array}{c}{S}_{00}\\ S_{01}\\ S_{02}\\ S_{03}\\ S_{10}\\ S_{11}\\ S_{12}\\ S_{13}\\ S_{20}\\ S_{21}\\ S_{22}\\ S_{23}\\ S_{30}\\ S_{31}\\ S_{32}\\ S_{33}\end{array}\right)$$

(4)

The improved algorithm merges the row displacement transform and column confusion transform, synthesizing them into the row–column transform through function composition. This approach reduces the required number of operations compared to the traditional algorithm, enhancing its efficiency without compromising algorithm security.

3.2.2. Improved MD5 Data Authentication Algorithm Design (IMD5)

Understanding the traditional MD5 algorithm is essential for appreciating the proposed design of the IMD5 algorithm. MD5 is a cryptographic hash function that generates a 128-bit hash value, serving as a digital fingerprint for data integrity verification. It operates through a series of bitwise operations and modular additions, which are designed to ensure the hash value’s uniqueness and resistance to collisions. However, in the context of in-vehicle networks, the traditional MD5 algorithm, while secure, may not be optimized for the dynamic and resource-constrained environment of automotive systems. The fixed output length and the computational demands of MD5 can lead to inefficiencies, particularly when rapid authentication is required for real-time communication [38,39].

To address these limitations and better align with the needs of in-vehicle communication systems, we propose the design of the IMD5 algorithm. This enhanced algorithm is tailored to suit the characteristics of the vehicle bus network, offering optional output values of 32 bits, 64 bits, or retaining the original 128-bit length. This flexibility is crucial for adapting to the diverse performance requirements of automotive systems. Additionally, the IMD5 algorithm enhances the iterative word-generation formula, ensuring that the last 48 words are associated with the first 15 words, and improves two nonlinear functions to enhance algorithm security. These enhancements are aimed at providing a more efficient and secure data authentication mechanism that is better suited for the stringent demands of real-time communication in vehicle bus networks.

During the padded grouping phase of the algorithm, arbitrary input message values are segmented into groups of 512 bits each. Following 64 rounds of iterations, users can select various lengths of output message digests according to their needs. This adaptability renders the MD5 algorithm suitable for diverse scenarios, particularly meeting the performance requirements of cyclicity, security, and real-time performance in the vehicle bus network context. The enhanced algorithm comprises the following four steps:

Step 1: Filling Module: This step is identical to the corresponding step in the original MD5 algorithm. It involves padding the input message to a length that is a multiple of 512 bits.

Step 2: Initialization of Variables: At the outset, this phase initializes the values of registers A, B, C, and D. These values are derived from the first 64 bits of the decimal part of the square root of the four smallest prime numbers ($\sqrt{2}$, $\sqrt{3}$, $\sqrt{5}$, $\sqrt{7}$).

Step 3: Message Digest Calculation: This phase generates a total of 64 words. Initially, the 512-bit message is decomposed into 16 32-bit words, represented as W[0], ..., W[15]. The remaining 48 words are obtained by iterating through Equation (5), where σ₀ and σ₁ are nonlinear functions for confusion and diffusion.

$$W_i={\sigma }_1(W_{i-2})+W_{i-7}+{\sigma }_0(W_{i-15})+W_{i-16}$$

(5)

Step 4: Data Group Processing: This stage entails executing four rounds of 16 operations each. In each operation, the four interconnected variables A, B, C, and D are initially assigned to the variables a, b, c, and d, respectively. Subsequently, the assigned variables a, b, c, and d, along with M_j, the constants t_i ($t_i=2^{64\times \left|\sin \right(i\left)\right|}$), and s, undergo a nonlinear function operation as per Equation (7). The resulting outcome of this operation replaces the variables a, b, c, and d correspondingly.

The four nonlinear function operations are illustrated in Equation (6) below:

$$\begin{array}{l}F(X,Y,Z)=(X\wedge Y)\vee (X\wedge Z)\\ G(X,Y,Z)=(X\wedge Z)\vee (Y\wedge \left|Z\right.)\\ H(X,Y,Z)=(X\oplus Y\oplus Z)>>>1\\ I(X,Y,Z)=X\vee Z\oplus Y\end{array}$$

(6)

$$\begin{array}{l}FF(a,b,c,d,M_j,s,t_i)=b+((a+F(b,c,d)+M_j+t_i)<<S)\\ GG(a,b,c,d,M_j,s,t_i)=b+((a+G(b,c,d)+M_j+t_i)<<S)\\ HH(a,b,c,d,M_j,s,t_i)=b+((a+H(b,c,d)+M_j+t_i)<<S)\\ II(a,b,c,d,M_j,s,t_i)=b+((a+I(b,c,d)+M_j+t_i)<<S)\end{array}$$

(7)

The variables, $X\wedge Y$, $X\oplus Y$, and $X\vee Y$ represent the logical AND, logical XOR, and logical OR, respectively. | X represents the logical complement operation of X.

In the aforementioned equation, we optimize the nonlinear functions H and I. Firstly, we cyclically shift function H to the right to promote its earlier propagation, thereby enhancing the speed of the avalanche effect. Additionally, by enhancing function I from $I(X,Y,Z)=X\vee \left|Z\right.\oplus Y$ to $I(X,Y,Z)=X\vee Z\oplus Y$, we reduce the symmetry of the nonlinear function in the fourth round. This improvement enhances the operational efficiency of the algorithm and expedites the avalanche effect.

Among them, M_j represents the j-th message block (ranging from 0 to 15), <<S denotes a circular left shift by S positions, and the + symbol indicates addition modulo 2³². The IMD5 algorithm enhances the security by optimizing the iterative formula so that the generated 48 words are associated with the first 15 words. In addition, the improved nonlinear function diffuses in advance, which improves the avalanche effect and makes the algorithm more secure. The authentication speed is doubled with an output length of 64 bits, which improves the authentication efficiency of the algorithm. After research and analysis, this paper selects the MD5 algorithm with a 64-bit output value for in-vehicle multimedia information encryption and authentication, which ensures the design of a highly efficient security scheme.

3.2.3. Design of Efficient Data Encryption Algorithm for In-Vehicle Control Signals

In the majority of current automotive security research, the encryption algorithm utilized is AES-128 or AES-256, a symmetric key algorithm. However, when it comes to securing critical in-vehicle control signals, such as those for vehicle ignition, shutdown, acceleration, braking, and steering systems, relying solely on a symmetric key algorithm like AES may not provide the optimal level of security. On the other hand, ECC (Elliptic Curve Cryptography), an asymmetric encryption algorithm, is known for its strong security features but is hindered by its slow encryption and decryption speeds, which are not suitable for the high-speed requirements of automotive Ethernet networks [40,41].

To address these challenges and to meet the demands for both real-time performance and high security in automotive Ethernet, we propose a hybrid encryption approach that integrates the efficiency of AES with the enhanced security of ECC. This combined strategy aims to offer a more robust encryption solution for vehicle control signals, ensuring the secure and reliable operation of safety-critical vehicle functions within the automotive communication network [42].

In this paper, we propose a hybrid encryption mechanism, referred to as AES-ECC, which effectively marries the efficiency of AES with the robust security of ECC. This approach leverages the strengths of both algorithms to design a system that meets the stringent security and real-time requirements of self-driving in-vehicle communication. The improved AES-ECC algorithm aims to achieve efficient encryption and decryption while maintaining a robust security level. The steps are as follows:

Step 1: The sender encrypts the plaintext message using the improved AES algorithm to generate ciphertext.

Step 2: The sender then encrypts the AES key with the recipient’s ECC public key, producing the key block.

Step 3: The sender transmits the key block along with the ciphertext to the receiver.

Step 4: Upon receiving the message, the receiver decrypts the key block using their ECC private key to retrieve the AES key.

Step 5: Finally, the receiver uses the AES key to decrypt the ciphertext and recover the original plaintext message.

The flowchart of the AES-ECC encryption algorithm is illustrated in Figure 5: First, the sender encrypts the control message using the IAES algorithm and generates a 128-bit IMD5 message digest, which is then signed with the transmitter’s private key. The transmitter also encrypts the AES key with the receiver’s ECC public key. The digital signature, AES key ciphertext, and message ciphertext are then sent to the receiver.

Upon receiving the message, the receiver decrypts the AES key ciphertext with their ECC private key to obtain the AES key (as shown in Figure 6). They then use this AES key to decrypt the message ciphertext, restoring the original text. The receiver also decrypts the digital signature with the sender’s public key to retrieve the message digest and computes their own MD5 digest. By comparing the two digests, the receiver can verify the integrity of the message. If the digests match, it confirms that the message is complete and untampered, allowing the receiver to safely store it. If they do not match, the message has been altered during transmission, and the receiver should discard it.

This process effectively combines symmetric encryption, asymmetric encryption, and hash algorithms to ensure the confidentiality, integrity, and non-repudiation of data, providing a robust and reliable data transmission mechanism.

4. Simulation Experiment and Result Analysis

4.1. Simulation of Network Traffic and Attacks

This section delves into the simulation process of network traffic and various attack scenarios within the context of in-vehicle networks. The primary objective of this simulation is to evaluate the efficacy of the proposed security mechanisms under realistic network conditions.

For our experimental simulation, the software utilized was CANoe from Vector, a leading tool for automotive network simulation. We began by editing ECU node information and creating a database with Vector AUTOSAR Explorer (2.0.23 version). System variables were then configured, and a virtual panel was designed in Panel, setting parameters in Properties to establish the simulation environment.

In CANoe, we constructed the network topology architecture, which integrates multimedia and control signals with in-vehicle Ethernet serving as the backbone network, as illustrated in Figure 7.

In Figure 7a, the multimedia signals encompass AMP (Audio Multimedia Processor), CAMF (Camera Module for Video Feed), and HU (HeadUnit), where AMP is responsible for editing multimedia-related information, CAMF acts as the video sender node, and HU serves as the video playback module. The control signals include IC (Instrument Cluster) and VGW (Vehicle Gateway), with IC simulating the dashboard module and VGW emulating the centralized vehicular gateway’s function, facilitating communication between the vehicle’s powertrain systems.

Figure 7b demonstrates the control of the simulated car through the configuration of system variables, which enables the implementation of these functions on the designed panel interface. As illustrated in Figure 7b, the simulated car system variables include settings for parameters such as turn signals, steering wheel, and hazard lights. Taking the left turn signal as an example, 0 signifies off, while 1 indicates on; the steering wheel parameter is set to −1 for a left turn and 1 for a right turn. The pedal is represented by a percentage scale of 0–100, indicating the intensity of the pedal press.

4.1.1. Generation of Normal Network Traffic

We begin by simulating normal network traffic to establish a baseline for network behavior. This involves mimicking the typical data exchange between electronic control units (ECUs) within a vehicle, such as those related to engine control, braking systems, and multimedia entertainment. The simulation encompasses a variety of data types, including real-time sensor data, control signals, and entertainment system communications. The normal traffic is designed to reflect the standard operation of a vehicle’s network without any malicious interference. We simulated vehicle acceleration control, deceleration control, lamp control, and multimedia signals separately.

(A)

Acceleration control: Figure 8 shows the analog acceleration control simulation results, where the vehicle’s speed is regulated by the gas pedal and an acceleration control lever. The simulation illustrates that increased pressure on the gas pedal proportionally boosts acceleration, as indicated by a real-time speed dial on the dashboard. Additionally, moving the acceleration control lever to the left decreases speed, while moving it to the right increases speed. This setup provides precise control over the vehicle’s acceleration, emulating real-world driving conditions and offering a comprehensive understanding of the vehicle’s response to inputs.

(B)

Deceleration control: Figure 9 illustrates the results of the deceleration control simulation. As the car reaches a certain speed, pressing the brake pedal triggers a braking signal, resulting in a reduction in speed. The simulation showcases a direct correlation between the force applied to the brake pedal and the vehicle’s deceleration rate. On the virtual dashboard of the simulated car, the speed value on the odometer decreases accordingly, accurately reflecting the actual speed change in real-time. This setup offers a realistic portrayal of braking dynamics, providing users with immediate feedback on how the vehicle responds to braking inputs. Furthermore, the simulation captures the progressive decrease in speed as more pressure is applied to the brake pedal, mimicking real-world deceleration behavior and enhancing the user’s understanding of the vehicle’s braking performance.

(C)

Lamp control: Figure 10 depicts the results of the headlight control simulation, showcasing various functions such as running light signals, turn-signal signals, hazard light signals, and brake light signals, among others. These functionalities are implemented by integrating lights on the simulated car. When the corresponding control buttons are pressed, the respective lights illuminate, thereby achieving visual control of the lights. It ensures that when control buttons are engaged, the corresponding lights illuminate accurately, providing essential visual cues for driving scenarios.

(D)

Multimedia signals: The in-vehicle multimedia module successfully plays video on the designed HeadUnit analog video player. In this paper, we have tested this by intercepting a clip from the classic movie “Titanic” and verifying that it can be played normally and smoothly through the simulation player, as shown in Figure 11.

As shown in Figure 12, the characteristics of data transmitted on the in-vehicle Ethernet bus can be intuitively analyzed using CANoe’s trace, statistics, and graphics functions. The figure comprehensively analyzes data transmission characteristics, displaying the connection status of devices like AMP, HU, IC, and VGW at a link speed of 1000.0 Mbit/s. Crucial metrics such as bus load, packet rates, bit rates, peak rates, and byte rates for both reception (Rx) and transmission (Tx) are visually presented. The statistics module allows for observation of data transmission and reception load, the total number of packets sent and received, bit rates, error rates, and cumulative data volume handled by each device.

As shown in Figure 13, the trace data panel allows for the observation of data messages and the visualization of data changes generated by each ECU node over time through timestamps. Parameters such as time, transmission channel, VLAN ID, protocol, and data frame length are easily accessible, facilitating a more thorough analysis and study of in-vehicle Ethernet data at a later stage.

4.1.2. Generation of Normal Attack Scenarios

Building upon the baseline of normal traffic, we introduce simulated attack scenarios to assess the resilience and responsiveness of the in-vehicle network. The attacks are categorized into several types, each with distinct characteristics and impacts on the network:

(A)

Non-existing Attacks: This type of attack simulates the presence of messages that should not exist in the network under normal operation. The simulation incorporates such attacks by generating and transmitting packets with identifiers that do not correspond to any known ECU. Following this approach, we conducted a non-existing attack on the entire Ethernet network through a malicious module targeting control and video signals. The results, as depicted in Figure 14, show that the attack was successful, with the CANoe software trace confirming the malicious module’s impact.

(B)

Wrong command Attacks: These attacks are characterized by the transmission of messages that are correct in format but incorrect in content. The simulation introduces wrong attacks by altering the payload of legitimate messages to contain incorrect data. As shown in Figure 15, the video device (TV_Receiver) and the GPS_Unit, acting as attack modules, conducted a wrong command attack on the Ethernet bus. This manipulation of data within the network demonstrates the potential for malicious actors to disrupt normal vehicle operations by sending misleading commands.

(C)

Tampering Attacks: Tampering attacks involve the modification of legitimate messages in transit. In the simulation, tampering attacks are recreated by intercepting and modifying legitimate traffic, changing data such as sensor readings or control commands. As illustrated in Figure 16, tampering attacks on control signals were conducted, demonstrating that effective control signal tampering can be achieved, particularly targeting the HeadUnit module. This manipulation of critical signals highlights the vulnerability of in-vehicle networks to unauthorized alterations that can lead to compromised vehicle control.

4.2. Performance Analysis of Data Encryption and Authentication Algorithms

(A)

IAES-128 algorithm simulation result:

The efficiency of the IAES-128 algorithm is analyzed by comparing its plaintext encryption rate with that of the traditional AES-128 algorithm. Four sets of Ethernet message data of varying sizes are selected for testing. The encryption times of both the traditional and IAES-128 algorithms are compared by running the program in the same environment. Each set of data is encrypted 5000 times to obtain an average encryption time, as depicted in Figure 17.

The analysis of the experimental data shows that the improved IAES-128 algorithm is approximately 15.77% more efficient in plaintext encryption than the traditional AES-128 algorithm, as presented in

Table 1. Encryption times for AES-128 and IAES-128 algorithms.

Group	Data Size (Bytes)	AES-128 Encryption Time (ms)	IAES-128 Encryption Time (ms)	Efficiency Improvement
1	100	293	240	18.12%
2	500	473	376	20.53%
3	1000	613	536	12.56%
4	2000	759	664	11.88%

. This improvement is evident in the enhanced efficiency of the AES algorithm, making it suitable for meeting the real-time requirements of in-vehicle Ethernet communication. Additionally, the AES-128 algorithm, when attacked by an exhaustive search, needs to handle 2128 possible keys, which is impractical given that in-vehicle information changes every second. Thus, the security of in-vehicle multimedia information can be effectively ensured by using the AES algorithm.

(B)

IMD5 algorithm simulation result:

The performance and security enhancements of the IMD5 algorithm, an improved version of the MD5 algorithm, were analyzed through a series of avalanche effect experiments. The IMD5 algorithm incorporates advancements in the generation of the word for the iterative formula and the operation of two nonlinear functions, which are designed to enhance the security of the hash function.

The graphical representation in Figure 18 has been enhanced to include a scatter plot that illustrates the SAC ratio for each of the 1000 experiments conducted on the IMD5 algorithm. Each dot in the scatter plot represents the SAC ratio for a single experiment. The plot clearly shows the distribution of the SAC ratios, with the majority of points falling within the acceptable range of 0.4 to 0.6, indicating a strong avalanche effect.

The experimental results demonstrate that the IMD5 algorithm maintains a robust avalanche effect, with a minimal number of bad points. This indicates that the IMD5 algorithm is effective in producing a significant change in the hash value in response to a single bit change in the input message, thereby enhancing the security of the hash function against pattern detection and potential compromises.

By presenting these results in both tabular and graphical formats, this paper provides a clear and comprehensive comparison of the MD5 and IMD5 algorithms, highlighting the improvements in security and performance achieved by the IMD5 algorithm.

The traditional MD5 algorithm has a bad point rate of 3.5%. Through 1000 experiments, it can be concluded that the improved MD5 algorithm has a bad point rate of 3.2%. This rate is less than 5% and lower than that of the traditional MD5 algorithm, demonstrating that the improved algorithm is safe and reliable.

A significant improvement in the IMD5 algorithm is the reduction in the size of the hash value that requires authentication. While the traditional MD5 algorithm uses a 128-bit hash value, the IMD5 algorithm utilizes a 64-bit hash value. This reduction halves the number of bits that need to be authenticated, leading to a substantial decrease in authentication time. This improvement not only speeds up the authentication process but also conserves computational resources, making the IMD5 algorithm more efficient for real-time applications.

In summary, the IMD5 algorithm showcases notable enhancements in security and performance compared to the traditional MD5 algorithm. The detailed analysis of the avalanche effect experiment results, the comparison of bad point rates, and the assessment of the authentication rate improvements provide a comprehensive understanding of the IMD5 algorithm’s superiority in maintaining data integrity and security within cryptographic applications.

(C)

AES-ECC algorithm simulation result:

The efficiency of the hybrid AES-ECC encryption algorithm was evaluated and compared with the traditional AES-128 and ECC encryption algorithms. This comparison aimed to assess the performance of the hybrid algorithm in terms of encryption time across varying data sizes. Four distinct groups of data were selected, with each group representing a different data size. To obtain reliable average encryption times, each group of data was encrypted 5000 times using each of the three algorithms.

The hybrid AES-ECC algorithm demonstrates encryption times that are intermediate between the AES-128 and ECC algorithms, as shown in Figure 19. In

Table 2. Encryption times for AES-128, ECC, and AES-ECC algorithms.

Group	Data Size (Bytes)	AES-128 Encryption Time (ms)	ECC Encryption Time (ms)	AES-ECC Encryption Time (ms)
1	100	243	300	360
2	200	390	468	410
3	300	487	590	505
4	400	604	800	624

, the ECC algorithm’s encryption time increases significantly with larger data sizes, which is expected due to its computational complexity. In contrast, the hybrid AES-ECC algorithm maintains a relatively stable encryption time, even as the data size grows. This stability is attributed to the algorithm’s design, which leverages a fixed-length key for the AES component, thus avoiding the escalating encryption times associated with the ECC algorithm.

The hybrid AES-ECC algorithm’s consistent performance indicates an improvement in efficiency over the ECC algorithm, particularly for larger data sizes. This enhancement in efficiency is achieved without compromising security, as the algorithm combines the strengths of both AES and ECC encryption methods. The hybrid approach ensures that the security level is maintained, as it still requires the generation and management of ECC keys, which are known for their strength in resisting attacks.

In conclusion, the hybrid AES-ECC encryption algorithm presents a viable solution for applications requiring high-security standards and efficient encryption processes, especially in the context of in-vehicle Ethernet communication where data integrity and speed are paramount. The simulation results support the design objectives of the algorithm, showcasing its potential for real-world implementation in secure communication systems.

4.3. Simulation Results of the Overall Security Mechanism

This section details the simulation of the designed security scheme applied to the in-vehicle network, focusing on both control signal and multimedia signal security defenses. The integration of the algorithm ensures that all functions of the Ethernet system operate correctly, with reduced latency compared to traditional algorithms. To validate the system’s security, various simulated attacks were conducted, including tampering, wrong command, and non-existing attacks, utilizing CANoe’s built-in module functions to emulate hacker attack modes. The results of these attacks can be observed through CANoe’s write window. In the absence of attack interventions, the window will display “send successful”, indicating that the information transmission is successful, as shown in Figure 20.

(A)

Control signal security defense:

We conducted security testing against tampering attacks, non-existing attacks, and wrong command attacks. A tampering attack is when an attacker changes or replaces data during transmission, thus causing the receiver to receive incorrect information that may cause serious damage to the car. When the message data arrive at the receiving end, the system calculates the message digest and compares it with the received message digest. If the summaries are the same, the message is retained; if they are not, the message is discarded. When the receiver receives an error message, the write window displays an alert and requests the sender to resend the message.

A deletion attack is where the attacker interferes with the normal operation of the receiving end by deleting useful messages. Since deletion attacks also need to be recognized by message digests, the write window also displays the same prompts as tampering attacks. As shown in Figure 21, for both attacks, the system displays a successful defense and asks for a re-transmission.

Finally, there is the replay attack, in which the attacker repeatedly sends a piece of information in the data stream. This prevents the car from receiving the next correct information, leading to a delay in the transmission of information and adversely affecting the car’s operations. When the receiver detects a replay attack, the write window displays “send too many times” and stops transmitting the message, as shown in Figure 22.

(B)

Multimedia signal security defense:

Multimedia signals, while not directly impacting vehicle control, are crucial for infotainment systems and driver assistance features. To safeguard these signals, the system is tested against deletion and replay attacks. Deletion attacks, which involve the removal of essential messages, are detected through the message digest comparison process, similar to tampering attacks. If a deletion is detected, the system requests a re-transmission, ensuring the continuity and integrity of multimedia content.

If the multimedia signal defense is successful, normal video playback will occur. In the context of the in-vehicle network, the integrity and security of multimedia signals are crucial for the seamless functioning of infotainment systems and other media-related features. When the security measures in place effectively protect against potential threats such as tampering, deletion, or replay attacks, the multimedia system can reliably deliver uninterrupted and accurate content.

The entire Ethernet system’s detection process and results are depicted in Figure 23; the left side of the figure shows the detection process, while the right side displays the defense monitoring results. By monitoring network traffic and comparing message digests, the system effectively mitigates the risks associated with the unauthorized deletion or tampering of multimedia signals. This proactive approach ensures that the infotainment system and related features remain secure and reliable, thereby enhancing the overall driving experience.

5. Conclusions

Autonomous in-vehicle Ethernet driving plays a crucial role in ensuring automobile active safety, requiring real-time performance, reliability, and security. The improved IAES-128 algorithm demonstrated a 15.77% increase in encryption efficiency compared to the traditional AES-128 algorithm, making it more suitable for real-time vehicle network environments. Similarly, the hybrid AES-ECC algorithm achieved an efficiency improvement of up to 30% over the traditional ECC algorithm while maintaining strong security standards. These advancements meet the stringent requirements for both performance and security in autonomous driving networks.

The IMD5 algorithm, developed as an improved version of the MD5 algorithm, showcased robust security performance through rigorous avalanche effect testing. By reducing the hash value size from 128 bits to 64 bits, the IMD5 algorithm not only improved security but also significantly accelerated the authentication process, making it more efficient for real-time applications. Furthermore, the simulation results demonstrated that the proposed security mechanism could effectively defend against various types of attacks, including tampering, deletion, and replay attacks. By integrating encryption and hash algorithms, the system provided strong protection for both control and multimedia signals within the in-vehicle Ethernet network. The ability to detect and respond to these attacks validated the feasibility of the proposed security solution in ensuring reliable and secure vehicle communication.

In future research, we plan to address several critical areas to enhance the security and robustness of in-vehicle networks. One significant aspect is the development of advanced key management solutions. Effective key management is crucial for ensuring the confidentiality and integrity of communications within the vehicle network. We aim to explore novel cryptographic techniques and protocols to improve key distribution, rotation, and revocation processes, ensuring that the network remains secure against evolving threats. Additionally, as quantum computing technology progresses, it poses potential risks to current cryptographic schemes. We will investigate the impact of quantum threats on vehicle network security and explore quantum-resistant algorithms and techniques. This will involve evaluating the resilience of existing encryption methods against quantum attacks and developing new strategies to safeguard vehicular communications in a post-quantum era.

By addressing these future challenges, we hope to significantly advance the field of in-vehicle network security and contribute to the development of more secure and reliable vehicular systems.