0

AES encryption was one of the best encryption techniques used but it had a major disadvantage that it cannot handle brute force attack. Hence honey encryption was introduced which can handle brute force attack but honey encryption can be used only in limited applications. Can honey encryption be used for CAN bus security?

schroeder
  • 123,438
  • 55
  • 284
  • 319
Priyam
  • 1
  • 1
    How does not AES handle brute force? And CAN Bus is a transport protocol. The bus doesn't care about what the payload is. – vidarlo Jan 25 '19 at 10:07
  • 1
    1) AES is still recommended for Top Secret classifications, so it is still one of the best, 2) It handles brute-force attacks just fine due to the doubling of brute force effort for every bit of the key length, 3) Honey encryption was *not* developed to counter the weaknesses in AES or any other cryptographic system because it is meant to be a deception technique. This leads me to question what benefit you were hoping honey encryption would provide in a CAN bus. So, what will honey encryption do for you on a CAN bus? What benefit are you hoping for? – schroeder Jan 25 '19 at 10:15
  • Relevant question: https://security.stackexchange.com/questions/123642/does-can-bus-communication-need-encryption – schroeder Jan 25 '19 at 10:35

1 Answers1

1

Your question doesn't really make sense.

First of all, CAN bus is typically used for M2M-communication, where you will know what data will be present by looking at which devices are attached. Furthermore, CAN bus is a transport bus. You can transport whatever data you want, but the devices has to support whatever encryption you choose. Embedded devices do typically not support different choices of encryption, if they support encryption at all.

And second, no. AES is not vulnerable to brute force. A brute force is considered infeasible due to the vast key space.

vidarlo
  • 12,850
  • 2
  • 35
  • 47