Abstract
Car-to-X (C2X) communication is a term used for the automated digital communication between different ITS (Intelligent Transport Systems) stations (e.g., vehicles, roadside units, traffic lights, etc.). C2X applications can be used to enhance both safety and comfort of drivers and require adequate security and privacy protection. The currently discussed security solutions for C2X networks are based on digital signatures of messages. The process of signing a message is quite complex and requires several steps and components.
These requirements call for a twofold application of embedded security hardware inside the ITS-station. First, management and storage of private keys – for signature generation – in software is potentially dangerous, as they can easily be extracted. Consequently, a dedicated hardware security module (HSM) should be used to manage and store all private keys in a secure and reliable way. The second application of security hardware is motivated by the performance requirements of C2X environments. As asymmetric cryptographic algorithms are quite slow in software, the expected number of messages in high traffic situations cannot be verified without hardware acceleration. In this article, we discuss the need for hardware security in a C2X environment. Therefore, we discuss functional requirements targeting security, features and performance for the use of HSMs and analyze possible hardware architectures. We conclude the article by a presentation of the development status of dedicated C2X HSMs within research and industry.
KEYWORDS – Key Management, Hardware Security Module, Car-to-X communication, ITS