{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,10,11]],"date-time":"2025-10-11T13:40:41Z","timestamp":1760190041053,"version":"build-2065373602"},"reference-count":21,"publisher":"MDPI AG","issue":"18","license":[{"start":{"date-parts":[[2019,9,7]],"date-time":"2019-09-07T00:00:00Z","timestamp":1567814400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"DOI":"10.13039\/501100003725","name":"National Research Foundation of Korea","doi-asserted-by":"publisher","award":["NRF-2018R1D1A1B07047656","No. 2018R1A4A1025632"],"award-info":[{"award-number":["NRF-2018R1D1A1B07047656","No. 2018R1A4A1025632"]}],"id":[{"id":"10.13039\/501100003725","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Sensors"],"abstract":"<jats:p>In connected cars with various electronic control unit (ECU) modules, Ethernet is used to communicate data received by the sensor in real time, but it is partially used alongside a controller area network (CAN) due to the cost. There are security threats in the CAN, such as replay attacks and denial-of-service attacks, which can disrupt the driver or cause serious damage, such as a car accident through malicious manipulation. Although several secure protocols for protecting CAN messages have been proposed, they carry limitations, such as combining additional elements for security or modifying CAN messages with a limited length. Therefore, in this paper, we propose a method for encrypting the data frame, including real data in the CAN message structure, using format-preserving encryption (FPE), which ensures that the plaintext and ciphertext have the same format and length. In this way, block ciphers such as AES-128 must be divided into two or three blocks, but FPE can be processed simultaneously by encrypting them according to the CAN message format, thus providing better security against denial-of-service attacks. Based on the 150 ms CAN message, a normal message was received from a malicious message injection of 180 ms or more for AES-128 and a malicious message injection of 100 ms or more for FPE. Finally, based on the proposed scheme, a CAN transmission environment is constructed for analyzing the encryption\/decryption rate and the process of transmitting and processing the encrypted message for connected cars in multi-access edge computing (MEC). This scheme is compared with other algorithms to verify that it can be used in a real environment.<\/jats:p>","DOI":"10.3390\/s19183869","type":"journal-article","created":{"date-parts":[[2019,9,9]],"date-time":"2019-09-09T04:12:40Z","timestamp":1568002360000},"page":"3869","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":4,"title":["A Novel Message-Preserving Scheme with Format-Preserving Encryption for Connected Cars in Multi-Access Edge Computing"],"prefix":"10.3390","volume":"19","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-6545-9125","authenticated-orcid":false,"given":"Insu","family":"Oh","sequence":"first","affiliation":[{"name":"Department of Information Security Engineering, Soonchunhyang University, Asan 31538, Korea"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Taeeun","family":"Kim","sequence":"additional","affiliation":[{"name":"Department of Information Security Engineering, Soonchunhyang University, Asan 31538, Korea"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Kangbin","family":"Yim","sequence":"additional","affiliation":[{"name":"Department of Information Security Engineering, Soonchunhyang University, Asan 31538, Korea"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Sun-Young","family":"Lee","sequence":"additional","affiliation":[{"name":"Department of Information Security Engineering, Soonchunhyang University, Asan 31538, Korea"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"1968","published-online":{"date-parts":[[2019,9,7]]},"reference":[{"key":"ref_1","doi-asserted-by":"crossref","first-page":"7","DOI":"10.1145\/2095256.2095257","article-title":"The case for ethernet in automotive communications","volume":"8","author":"Bello","year":"2011","journal-title":"ACM SIGBED Rev."},{"key":"ref_2","unstructured":"Wolf, M., Weimerskirch, A., and Paar, C. (2004, January 10\u201311). Security in automotive bus systems. Proceedings of the Workshop on Embedded Security in Cars, Bochum, Germany."},{"key":"ref_3","doi-asserted-by":"crossref","unstructured":"Taherizadeh, S., Stankovski, V., and Grobelnik, M. (2018). A Capillary Computing Architecture for Dynamic Internet of Things: Orchestration of Microservices from Edge Devices to Fog and Cloud Providers. Sensors, 18.","DOI":"10.3390\/s18092938"},{"key":"ref_4","doi-asserted-by":"crossref","first-page":"239","DOI":"10.1007\/s11241-007-9012-7","article-title":"Controller Area Network (CAN) schedulability analysis: Refuted, revisited and revised","volume":"35","author":"Davis","year":"2007","journal-title":"Real-Time Syst."},{"key":"ref_5","doi-asserted-by":"crossref","first-page":"50","DOI":"10.1109\/MNET.2017.1600257","article-title":"In-vehicle network attacks and countermeasures: Challenges and future directions","volume":"31","author":"Liu","year":"2017","journal-title":"IEEE Netw."},{"key":"ref_6","doi-asserted-by":"crossref","unstructured":"Koscher, K., Czeskis, A., Roesner, F., Patel, S., Kohno, T., Checkoway, S., McCoy, D., Kantor, B., Anderson, D., and Shacham, H. (2010, January 16\u201319). Experimental security analysis of a modern automobile. Proceedings of the 2010 IEEE Symposium on Security and Privacy, Berkeley\/Oakland, CA, USA.","DOI":"10.1109\/SP.2010.34"},{"key":"ref_7","unstructured":"Hoppe, T., and Dittman, J. (2007, January 4). Sniffing\/Replay Attacks on CAN Buses: A simulated attack on the electric window lift classified using an adapted CERT taxonomy. Proceedings of the 2nd Workshop on Embedded Systems Security (WESS\u20192007), Salzburg, Austria."},{"key":"ref_8","first-page":"447","article-title":"Comprehensive experimental analyses of automotive attack surfaces","volume":"4","author":"Checkoway","year":"2011","journal-title":"USENIX Secur. Symp."},{"key":"ref_9","doi-asserted-by":"crossref","unstructured":"Lee, H., Choi, K., Chung, K., Kim, J., and Yim, K. (2015, January 24\u201327). Fuzzing can packets into automobiles. Proceedings of the 2015 IEEE 29th International Conference on Advanced Information Networking and Applications, Gwangiu, Korea.","DOI":"10.1109\/AINA.2015.274"},{"key":"ref_10","doi-asserted-by":"crossref","first-page":"552","DOI":"10.4304\/jnw.4.7.552-564","article-title":"A Defense-in-Depth Approach to Securing the Wireless Vehicle Infrastructure","volume":"4","author":"Nilsson","year":"2009","journal-title":"JNW"},{"key":"ref_11","doi-asserted-by":"crossref","unstructured":"Ruan, N., and Hori, Y. (2012, January 2\u20134). DoS attack-tolerant TESLA-based broadcast authentication protocol in Internet of Things. Proceedings of the 2012 International Conference on Selected Topics in Mobile and Wireless Networking, Avignon, France.","DOI":"10.1109\/iCOST.2012.6271291"},{"key":"ref_12","unstructured":"Kurachi, R., Matsubara, Y., Takada, H., Adachi, N., Miyashita, Y., and Horihata, S. (2014, January 18\u201319). CaCAN-centralized authentication system in CAN (controller area network). Proceedings of the 14th International Conference on Embedded Security in Cars (ESCAR 2014), Hamburg, Germany."},{"key":"ref_13","unstructured":"Van Herrewege, A., Singelee, D., and Verbauwhede, I. (2011, January 28\u201329). CANAuth-a simple, backward compatible broadcast authentication protocol for CAN bus. Proceedings of the ECRYPT Workshop on Lightweight Cryptography, Louvain-la-Neuve, Belgium."},{"key":"ref_14","first-page":"90","article-title":"Libra-can: Lightweight broadcast authentication for controller area networks","volume":"16","author":"Groza","year":"2017","journal-title":"ACM Trans. Embed. Comput. Syst. (TECS)"},{"key":"ref_15","unstructured":"Hazem, A., and Fahmy, H.A. (2012, January 28\u201329). Lcap-a lightweight can authentication protocol for securing in-vehicle networks. Proceedings of the 10th ESCAR Embedded Security in Cars Conference, Berlin, Germany."},{"key":"ref_16","first-page":"1","article-title":"Secure communication for CAN FD","volume":"4","author":"Happel","year":"2014","journal-title":"CAN Newsl."},{"key":"ref_17","first-page":"38G","article-title":"Recommendation for block cipher modes of operation: Methods for format-preserving encryption","volume":"800","author":"Dworkin","year":"2016","journal-title":"NIST Spec. Publ."},{"key":"ref_18","doi-asserted-by":"crossref","unstructured":"Barker, E., and Roginsky, A. (2018). Transitioning the Use of Cryptographic Algorithms and Key Lengths.","DOI":"10.6028\/NIST.SP.800-131Ar2"},{"key":"ref_19","doi-asserted-by":"crossref","unstructured":"Rukhin, A., Soto, J., Nechvatal, J., Smid, M., and Barker, E. (2001). A Statistical Test Suite for Random and Pseudorandom Number Generators for Cryptographic Applications, Booz-Allen and Hamilton Inc.","DOI":"10.6028\/NIST.SP.800-22"},{"key":"ref_20","unstructured":"Longan, D. (2019, July 13). Serial CAN Bus Module. Available online: https:\/\/docs.longan-labs.cc\/1030001\/."},{"key":"ref_21","first-page":"26","article-title":"Beaglebone black system reference manual","volume":"5","author":"Coley","year":"2013","journal-title":"Texas Instrum. Dallas"}],"container-title":["Sensors"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/1424-8220\/19\/18\/3869\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,11]],"date-time":"2025-10-11T13:17:37Z","timestamp":1760188657000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/1424-8220\/19\/18\/3869"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019,9,7]]},"references-count":21,"journal-issue":{"issue":"18","published-online":{"date-parts":[[2019,9]]}},"alternative-id":["s19183869"],"URL":"https:\/\/doi.org\/10.3390\/s19183869","relation":{},"ISSN":["1424-8220"],"issn-type":[{"type":"electronic","value":"1424-8220"}],"subject":[],"published":{"date-parts":[[2019,9,7]]}}}