Des Autom Embed Syst
TEE based session key establishment protocol for secure
· Jong-Hyouk Lee
Received: 28 February 2018 / Accepted: 23 May 2018
© Springer Science+Business Media, LLC, part of Springer Nature 2018
Abstract Most vehicles are now produced with infotainment features. However, as reported
in various security conferences, security vulnerabilities associated with an infotainment sys-
tem can cause serious security issues, e.g., an attacker can control in-vehicle systems through
the infotainment system. To address such security issues, in this paper, we propose a ses-
sion key establishment protocol using Elliptic Curve Cryptography. The proposed protocol
enables secure authentication and key distribution between a user device and a telematics
control unit. We also shows how a trusted execution environment is used for the proposed
protocol. We present detailed protocol operations with conducted security analysis results.
Keywords In-vehicle infotainment · Trusted execution environment · Elliptic Curve
Recent advances in wireless communication and embedded system technologies have
spawned many new applications for users in vehicles. An infotainment system is one of
the new applications that provides navigation, connectivity, audio, and visual entertainment.
Most modern vehicles nowadays have infotainment systems that can be connected with user
devices. For instance, a user in a vehicle can enjoy video streaming via an infotainment
system while moving [1–4].
As vehicle infotainment systems can access more and more functions of the vehicle,
security concerns have also been increased [5–7]. The car hacking demonstrations have
This research was supported by a 2018 Research Grant from Sangmyung University.
Protocol Engineering Lab, Sangmyung University, Cheonan, South Korea