Article
Peer-Review Record

Addressing Vulnerabilities in CAN-FD: An Exploration and Security Enhancement Approach

IoT 2024, 5(2), 290-310; https://doi.org/10.3390/iot5020015
by Naseeruddin Lodge *, Nahush Tambe and Fareena Saqib *
Reviewer 1:
Reviewer 2: Anonymous
Reviewer 3: Anonymous
Reviewer 4: Anonymous
Submission received: 29 February 2024 / Revised: 12 May 2024 / Accepted: 16 May 2024 / Published: 30 May 2024
(This article belongs to the Special Issue Cloud and Edge Computing Systems for IoT)

Round 1

Reviewer 1 Report

Comments and Suggestions for Authors

1. Kindly rewrite the title as "Addressing Vulnerabilities in CAN-FD: An Exploration and Security Enhancement Approach"

2. Restructure the article by providing 1. Introduction 2. Literature survey 3. Limitations of the existing methods and the objectives of the proposed work 4. Mathematical Preliminaries any 5. Proposed method. 6. Results and analysis 7. Future work and discussions 8. Conclusion

3. Explore and address more about the vulnerability of CAN-FD in the literature survey.

4. Kindly provide the mathematical background of Elliptic Curve Diffie-Hellman

5. Provide the time complexity of Encryption/Decryption of Block

 

Comments on the Quality of English Language

Kindly improvise the way of presentation 

Author Response

Please see the attachment.

Author Response File: Author Response.pdf

Reviewer 2 Report

Comments and Suggestions for Authors

The quality of the paper is satisfactory. The writing is of high quality, and I am able to recognize the writers' aspirations in the areas of Controller Area Network (CAN) and Controller Area Network Flexible Data-Rate (CAN-FD). In spite of the fact that it is strategic, there are a few difficulties that need to be brought to your attention.

Throughout the entirety of section 3, which is where the experiment is being conducted, I was unable to locate a step-by-step experimental analysis that would have produced the results of the summary of the findings in section 4. Simply said, I was able to observe the process by which a result is produced; more specifically, I was able to view both the result and the summary. There is a requirement to provide a detailed and unambiguous demonstration of the experimental scenario.

 

Furthermore, in SECTION 1.3 Challenges and limitations of CAN-FD, supposedly, the author should highlight the lists of challenges first and describe them, then later explain the limitations.

Comments on the Quality of English Language

Minor editing of the English language required

Author Response

Please see the attachment.

Author Response File: Author Response.pdf

Reviewer 3 Report

Comments and Suggestions for Authors

In this article, the authors propose a novel framework to secure communication of CAN, CAN-FD protocol. The method improves access control, authentication and encryption of the protocol. The following points need to be addressed before it can be accepted:

Lines 68 - 73: where are the results?

Line 339: section 3.2 is the part of the literature?

In Fig. 3, the public key, encrypted message and tag are sent. How long is this message? Does it fit in a CAN frame?

Section 3.2.4: how do you integrate Ethereum Blockchain and Smart Contract in your framework?

There should be a figure to describe the whole picture of the framework with enough details to show how it works. I suggest a scenario from beginning to end with details about time and message contents and length.

 

Comments on the Quality of English Language

line 6 : and, and

line 58: per second for payload

line 68: CAN-FD performs demonstrates better performance.

line 87: A recent news

88: utilizing accessing on-board

124: missing and

160: with a a permutation

181: This method provides is easy to

272: . For every pair of nodes communicating

323: In a situation where one node, PUFs unique key generation for every prevents the retrieval of other secret keys.

Author Response

Please see the attachment.

Author Response File: Author Response.pdf

Reviewer 4 Report

Comments and Suggestions for Authors

The peer-reviewed article addresses important issues of protecting vulnerabilities in CAN and CAN-FD19 protocols. This topic I consider unconditionally important, as cars have the most mass use as persons, in business and industry. Currently, these protocols have protection mainly against accidental destructive effects: pulse interference, electronics failures. However, these protocols have little protection against intentional malicious factors. Therefore, information protection research issues for these protocols are relevant. The peer-reviewed article is some abstract review in principle of known technical solutions. It is to the credit of the authors that they conducted a systematic review of these decisions and combined it all in a peer-reviewed article. However, it should be noted that the authors in their article set out a list of well-known cryptographic protocols, while providing brief reference data on them. For example, what does it make sense to summarize the asymmetric encryption protocol on elliptical curves? The specialist knows its content, and the reader not familiar with this protocol can always refer to the recommended literature. There are other asymmetric cryptographic protocols, such as cryptographic protocols on algebraic lattices, etc. For the authors, it should be fundamentally only that this protocol is on asymmetric cryptographic keys, as well as that it allows the implementation of a Diffie-Hellman public key distribution scheme. The mathematical essence of this protocol for setting out general ideas of CAN-FD protection is not fundamental. Also, the meaning of mentioning the Casey protocol is not clear. In one way or another, only cryptographic protocols certified at the time of application can be recommended for use. Unfortunately, the article lacks the results of the original study. It is not clear what the novelty of the "proposed" structures is.
Despite the fact that there are no errors in the text of the article, all the solutions used to become quite obvious. There is no formal description of copyright protocols, detailed description of conditions and results of experiments. There are no evaluation analytical dependencies, which are important in this case not so much in assessing the cryptographic resistance of solutions, but in assessing the computing resources spent and the stability of operation in real operating conditions. Almost all of these solutions are obvious, and unnecessarily detailed statements of individual protocols are redundant. Since the topic raised by the authors is extremely important for the field of information security in CAN-FD protocols, and the lack of proper depth of research of the authors in this topic is unacceptable, this article cannot be recommended for publication in the current form.

Comments for author File: Comments.pdf

Author Response

Please see the attachment.

Author Response File: Author Response.pdf

Round 2

Reviewer 4 Report

Comments and Suggestions for Authors

The article has undergone some changes that improve the perception of its content.

The graphic material reveals the main idea of the scientific article well. The article also adds the necessary clarifications and detailed descriptions of individual drawings. In the aggregate of the material, the main idea of the article has elements of originality. There are technical errors in the text of the article. For example, the authors do not distinguish between hyphens and dashes (for example, page 3).

However, the article still presents a lot of redundant (reference) information that has no effect on the disclosure of the original content of the article. For example, for what the authors cited the mathematical content of the Diffie-Hellman cryptographic scheme remained unclear. However, this does not introduce any erroneous information into the pack and does not make it wrong.

 

I will recommend this article for publication after eliminating some minor comments.

1. The mathematical content of the Diffie-Hellman scheme for a sophisticated reader is primitive and unnecessary. A scientific article is not a place for "popular entertainment" information.

2. I think the style of the mathematical formula on page 17 needs to be improved. What does the symbol "x" mean? Is this a mathematical variable or an unsuccessful writing of the multiplication symbol? The simultaneous use of different physical dimensions (microseconds and nanoseconds) in a single formula is usually considered bad form. It is better to lead all values to a single (one) dimension (either seconds or microseconds).

Author Response

Please see the attachment.

Author Response File: Author Response.pdf
