Hyundai AutoEver’s advanced security solution ”HAE-WBC” was designed for the safe use of a variety of complicated smart devices.
In the 2018 movie ”Upgrade,” the protagonist’s autonomous car is hacked and ends up crashing as it runs out of control. As our reliance on ever-sophisticated smart devices increases, ensuring security has become even more important. Hyundai AutoEver developed ”HAE-WBC,” a software-based advanced security solution. Read on to find out how it works.
First, what is White Box Cryptography technology?
White Box Cryptography is a software-based security technology which doesn’t require separate hardware. Hackers are becoming increasingly sophisticated, bypassing authentication and manipulating internal memory, way beyond traditional methods of peeking and stealing data exchanges made online. In response, many online services have introduced hardware-based solutions such as Hardware Security Module and Trusted Platform Module which are designed to block malicious access.
However, such hardware-based solutions are hard to implement in automobiles for many reasons, including the need to keep the car light. White Box Cryptography, which obfuscates calculations conducted internally is an ideal solution for cars because it does not need additional hardware. It uses passwords just like in a black box but it provides an additional layer of security by making it impossible to trace how the password is encrypted and stored.
Why did Hyundai AutoEver develop HAE-WBC?
Hackers are becoming more aggressive, penetrating deeper into systems to neutralize security systems, so a lot of effort is being put into creating strong protection against such attacks. Completely taking over the control of a system is the ultimate goal of aggressive hackers. In July 2015, a YouTube video showed a hacked Jeep Cherokee driving into a bush, with its brake and steering wheel disabled. This was a prime example of how advanced hackers have become.
Hyundai AutoEver developed a Hardware Security Module (HSM) system to protect the vehicles against similar attacks. However, there was still the need for a strong security solution where a lightweight design is necessary. This is why the development of the White Box Security solution began. HAE-WBC is a software-based security solution built to protect future technology services such as smart mobilities, smart cities, and smart factories. It has already been deployed by some companies and we are providing technical assistance.
What are the most prominent advantages of HAE-WBC as a security solution?
It adds no weight. While providing high protection against hackers, the solution has low memory requirements and very high encryption/decryption speeds. In particular, it boasts excellent security performance in terms of obfuscation, versatility, compatibility, optimization, speed improvement, and defense against spoofing.
In which field was HAE-WBC first used?
HAE-WBC was first introduced in digital home keys, which support secure control of IoT home appliances such as door locks, lighting, and heating using a digital key downloaded from a mobile app.
How does HAE-WBC prevent reverse analysis by hackers?
When we say data encryption is secure, it means that the encryption key is safely protected. However, sophisticated hackers can recover the encryption key collecting the electricity waveform that occurs at the moment the encryption key is used, and calculate the algorithm in reverse. Malignant hackers who attack White Box are monitoring the inside of the system and capture the memory when the encryption key is used, so the security is inevitably weak. Therefore, WBC needs to expand and process the encryption key and incorporate it into the entire algorithm so the attacker cannot obtain the encryption key even after reverse analysis.
Unlike conventional WBCs which rely on proprietary algorithms, the HAE-WBC protects various cryptographic algorithms using an ”engine.” In addition, the exact form of the algorithms is altered each time it is installed on a device, making it impossible to reverse analyze even if the same encryption function and encryption key are used.
What was the biggest challenge you faced when developing HAE-WBC?
The most difficult part was designing Hyundai AutoEver’s own proprietary White Box Cryptography module. WBC is not a standardized technology and is heavily influenced by the developer who designs it. We had to create a new WBC module that does not undermine the existing safety, works with low system requirements and can be expanded. It wasn’t easy, but we were able to overcome all of the difficulties by following a systematic process.
How will HAE-WBC evolve in the future?
Currently, HAE-WBC is designed to provide only the necessary functions with various encryption algorithms that are required by companies installed as plug-ins. Cryptographic algorithms vary widely by vendors depending on the desired functionality and level of safety, so it is difficult to satisfy all the requirements. When designing a security library for a lightweight environment, it is important to optimize HAE-WBC with only necessary functions. Therefore, we plan to create more diverse support algorithms. In the future, we plan to further advance HAE-WBC’s capabilities by strengthening security, improving stability and optimization to prevent performance degradation.
Advisor. Senior Research Engineer Tae-yean Kwon, Automotive Convergence Software Development e-Lab at Hyundai AutoEver