Politecnico di Torino
Broadcast authentication in Controller Area Networks (CAN) is subject to real time constraints that are hard to satisfy by expensive public key primitives. For this purpose, the authors study here the use of one-time signatures which can be built on the most computationally efficient one-way functions. They use an enhancement of the classical Merkle signature as well as the more recently proposed HORS signature scheme. Notably these two proposals offer different trade-offs, the first is more efficient in terms of memory while the second is more efficient in terms of verification speed and signature size.