
While I agree with this instinct: this sounds like a simple "just use PKI" solution but it's really not simple at all. How do the vehicles' or devices' cert keys get provisioned and protected? Are they unique per device, per vehicle, or per manufacturer? Per device or per vehicle increases manufacturing process overhead (read: price) immensely [edit: as well as overhead at service departments]. Every device that can sign messages needs access to perform private key operations, which necessarily either increases cost (e.g. by storing the keys in a device-local HSM or adding network-based key operations along with the corresponding one-turtle-down auth problems) or decreases security of those private keys. What happens when they inevitably get extracted and baked into spoofing tools? Can the manufacturer rotate the root keys? What happens to vehicles that are offline when that happens?


Toyota had already introduced message signing for lane-keep inputs, just not for theft protection(?)

Ref: https://github.com/commaai/openpilot/discussions/19932


The list of ECUs for the Rav4 Prime was looked up in Toyota TechInfo, but not for future cars that also have that system.


I thought it was covered in the article but all the devices on the bus would need secret keys that were unique across all devices manufactured. This isn't impossible though since we've been making unique MAC addresses on NICs for many decades, and motherboards often come these days with the actual serial number of the server flashed into the DMI information, etc. It will also take an electron microscope to read the keys out of the chips, which is not a very mobile attack to use against a parked car on the street.


First, those unique MACs and serial numbers are not currently in storage that requires an electron microscope to read, so that's a pretty big additional cost burden. Second, assuming all devices were to be given secure key storage parts, you also have the cost burden of the pairing process during manufacturing and maintenance, as I mentioned above (not to mention the design and development of that pairing database and its failure/diag/maintenance/factory-reset modes). It's far from trivial.


If you don't provide a convenient interface to read a MAC address then you're going to need an electron microscope to pull it off a NIC chip as well. They just always provide the convenient interface to get at it.


No, you don't need an electron microscope to overcome that type of inconvenience, because those pieces of data are not sensitive and no effort has been made to ensure you can't just read them out using the pins. This is why the problem of storing private keys is so different than the problem of storing a MAC address. Or put another way: inconvenience is not security, and what we're talking about is a security problem.


I think to be feasible from a maintenance and consumer-friendliness standpoint, each vehicle should have its own local CA and have some sort of open standard for how individual devices can have certificates provisioned so that they can be installed on a car. A replacement-part-pairing function that can only be performed by having physical access to a specific secured component (e.g. not just bus access) should work without contacting the manufacturer. I'm in for this startup idea. :D
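The per-vehicle local CA and replacement-part pairing sketched in this comment, as an added example in Go (not code from the thread): the vehicle root issues a certificate to each paired ECU, and a receiving ECU accepts a signed frame only if the sender's certificate was issued by this vehicle's CA. The VIN, ECU name and payload are constructed, and the pairing step is shown as a plain function call; the physical-access gate the comment describes is assumed to sit in front of it.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"math/big"
	"time"
)

// template builds a 20-year certificate template; isCA marks the vehicle root.
func template(cn string, isCA bool) *x509.Certificate {
	return &x509.Certificate{
		SerialNumber: big.NewInt(time.Now().UnixNano()), Subject: pkix.Name{CommonName: cn},
		NotBefore: time.Now().Add(-time.Minute), NotAfter: time.Now().AddDate(20, 0, 0),
		IsCA: isCA, BasicConstraintsValid: isCA, KeyUsage: x509.KeyUsageDigitalSignature | x509.KeyUsageCertSign,
	}
}

// NewVehicleCA generates the vehicle's root key (which would live in the secured component)
// and self-signs it. Constructed example of the per-vehicle local CA proposed above.
func NewVehicleCA(vin string) (ed25519.PrivateKey, *x509.Certificate, error) {
	pub, key, _ := ed25519.GenerateKey(rand.Reader)
	tmpl := template("vehicle-ca-"+vin, true)
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, pub, key)
	if err != nil {
		return nil, nil, err
	}
	ca, _ := x509.ParseCertificate(der) // just created, so it parses
	return key, ca, nil
}

// PairECU issues a leaf certificate to an ECU's public key: the replacement-part pairing step
// the comment wants gated by physical access to the secured component, not by bus access.
func PairECU(caKey ed25519.PrivateKey, ca *x509.Certificate, pub ed25519.PublicKey, name string) ([]byte, error) {
	return x509.CreateCertificate(rand.Reader, template(name, false), ca, pub, caKey)
}

// VerifyFrame models a receiving ECU: accept a frame only if the sender's certificate was issued
// by this vehicle's CA (unpaired ECUs and other vehicles' certs fail) and the signature is valid.
// Validity period and revocation are not checked in this example.
func VerifyFrame(ca *x509.Certificate, certDER, payload, sig []byte) bool {
	cert, err := x509.ParseCertificate(certDER)
	if err != nil || cert.CheckSignatureFrom(ca) != nil {
		return false
	}
	pub, ok := cert.PublicKey.(ed25519.PublicKey)
	return ok && ed25519.Verify(pub, payload, sig)
}
```

A paired ECU signs each frame with `ed25519.Sign(ecuKey, payload)` and sends its certificate alongside; a certificate issued by another vehicle's CA carries a valid signature but fails the issuer check.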



